Throughout this article I will teach you how to use Lost Door, a Windows RAT, to control and monitor a victim’s computer remotely.

Disclaimer: Coder and related sites are not responsible for any abuse done using this software.

Follow the steps below to setup a server for Lost Door.

• Download Lost Door from here . (Update: In case the given download link doesn’t work, use this secondary download link. The password to unzip this file is “ehacking.nethungry-hacker.com” without double quotes.)
• On executing the download file, you will see the following screen. Accept it

• After it is open, right click on the window and click on create server

• Now enter your IP address and DNS here. Leave the rest of the field as it is.

• Now click on the ‘Options’  tab and choose the options as you want. To activate an offline keylogger is a good practice.

• Now go to ‘Advanced’ Tab. There will options related to spreading. This will be used in case you have more than 1 victim.

• Now just go to the ‘Create’ tab and click on create server. Your server is ready for use now and now send it to the victim.

Sending the server file to your victim

This is the most important thing after you have created your server file. If you want to take control on a single computer than you have to send this server file to the desired victim but if you want to affect more and more people than you have to use some spreading techniques.

• If you have physical access to the victim’s computer then take the server file in a pen drive and just double click on your server file once you have injected the pen drive into that computer.
• For those who don’t have physical access can use social engineering in order to get the victim execute that file on his computer.

Using Spreading to affect multiple victims

If you have more than one victim, then you have an option of using spreading technique. You might think that by creating multiple server files you can control multiple users. But here is a secret about spreading. When you select the spreading option, the server file will act as a worm which will spread itself across different computers via Email or any other channel. So your burden will be only to get one victim to execute that file on his computer, the remaining job of getting other victims will be done on its own.

About The Author

This post is written by an Irfan Shaeel An Ethical hacker and Penetration tester, Irfan blogs At his blog Ehacking.net

Sniper Spy

SniperSpy is the industry leading Remote password hacking software combined with the Remote Install and Remote Viewing feature. Once installed on the remote PC(s) you wish, you only need to login to your own personal SniperSpy account to view activity logs of the remote PC’s! This means that you can view logs of the remote PC’s from anywhere in the world as long as you have internet access!

Features

• Remotely Deployable : It means you don’t need to have access of the system on which you need to install it.
• Invisibility Stealth Mode : It can work in invisible mode without the knowledge of the victim.
• Record Login Credentials : It can Records any Password for any Email account or login details of the victim on any website. This can give you access to the victims email or any other web account.

  

• Real Time Screen Viewer : You can see all the activities that is taking place on the victim’s PC.
• Remote Reboot/Shutdown : You can also remotely reboot or shutdown the PC or choose to logoff the current Windows user.
• Bypass Any Firewall : The best part of this software is that it can completely undetectable by any Firewall available till now.
• Actual Screenshots : Captures a full-size jpg picture of the active window however often you wish.
• Websites Visited : Records all website URLs visited in Internet Explorer and Firefox with page title.
• Keystrokes in Most Languages : Every keystroke typed into ANY window is logged, including passwords typed.
• PC Location Mapping : Logs the IP at each upload to show you physical locations of the PC on a map.
• Full Chat Conversations : Records BOTH sides of chats / IMs in Google Talk, Yahoo IM, Windows Live and more.



• Applications Executed : Records every application executed by the user including full path and username.
• Application Session Durations : Shows you how long each application was used including start time and stop time.
• Automatic User File Uploads : Uploads an *actual copy* of every document, picture or desktop file changed.
• File / Folder Changes : Each time a file or folder changes, the software records the action and the full path.

Download

Click Here to buy this Amazing Software Right Now.

Click Here to go to the Official Website of this Software.

By now you might be knowing Rafay Baloch the writer of the previous article “Hack a Website Using Remote File Inclusion” and I am sure you would like to have more hacking stuff from him. Well now you don’t have to wait for him to post individual articles because he has compiled an E-book which contains all the interesting hacks. The best part of this e-book is that he has written it in such a manner that even a 5th grade kid can become a Hacker.

Apart from Hacking stuff, this book will also teach you the security aspect and after that you don’t have to worry about being hacked by other hackers.

What is in it for you?

Special Offers for you

Download

Click Here to go to the Official Website of this E-Book.

Click Here to Buy this E-book Right Now

Sorry for being away for almost a month, but guess what , got many new tricks & hacks with me for  all of you.

So here is a quick new hack on how to intrude in the PC which is shut downed at Cyber cafe. (Don’t Forget to read our disclaimer at the bottom of the post.)

1. As you all must have know these days all Cyber cafe owners have a program for administration to control all PC’s in local area network. So all files can be inter transmitted.

2. First of all press Ctrl+Alt+Del the task manager or any controlling application, will open. Then from APPLICATIONS select the program that is controlling all PC’s  & terminate it, This is for security reason. Now log of PC, & you ll get user names of the PC.

3. But some times, cyber cafes have security clients installed that have restricted access to Task Manager, restart the computer & press F8 continuously before windows boots.

The Menu will open, select Safe Mode from it. And now you can copy files from networked PC’s without any  security layer.

Next step is where you’ll need to crack the hashes.  SO go to your home PC , Download & install Saminside cracking tool. And from some another Cyber cafe try to crack the hashes of that PC. By same log off method explained below.

This where you actually perform hacking. Have a gret time & tell us weather it worked for you.

Meanwhile if you can get IP address,  of the PC you wish to hack try to get it from ip-explorer.com, but this is not the part of this hack its sort of next step of hacking from outside the network.

Disclaimer : The trick here explained it for educational purpose only & not to  perform illegal or criminal activities. Don’t forget hacking into some one’s privacy is considered as crime. SO do it on your home network that you own or something.  We are not responsible for anything you do & consequences of it by using our articles.

You have to collect some of the tools, Operating System & documentation on your PC with a very clear format.

Operating System:

Which OS to use, choice is all yours. Windows in all cases is not so ‘made for hacking’ according to me. Whatever XP,Vista or windows 7. They are all just OS which are made for novice public which can learn computers.

If you are a regular Linux user, Then shift to Backtrack Linux. It is Linux made for hacker geeks & completely embedded with all penetration testing tools in it. You can Download Backtrack here. But if you have never used Linux & wish to learn then you can use basic Linux distributions like Ubuntu. But remember that you or not supposed to learn Linux desktop environment like windows, you have to learn its shell or terminal. (command prompt of Linux)

As I said Choice is all yours you can go with Windows also. Its all on you.  (Suggestion: If you can’t make it habit to learn new things, you can never be a HACKER)

Hackers Toolkit:

In your root directory or C:/ in windows make a folder named Tools. So that you can access all tools from command prompt easily E.g.  c:/tools/example

Go surf for these tools enlisted.

• NMAP : Enumeration
• Nessus : Scanning & Enumeration
• Ethereal
• Snort  : Network Hacking
• Netcat
• TCPDump : For sniffing TCP Packets
• WinDump
• Hping2
• DSniff : Sniffing Data Packets
• GFI LANguard : LAN Security
• Ettercap
• Whisker/Libwhisker
• John the Ripper : Password Cracking Utility
• OpenSSH
• Sam Spade
• ISS Internet Scanner : Web Server Security
• Tripwire
• Nikto
• Kismet
• SuperScan : Another Great Scanner
• Cain & Abel
• SolarWinds Toolsets
• NTop
• Nemesis
• Honeyd
• Achilles
• Firewalk
• AVG Free Antivirus
• Trend Micro online scan
• Tiny Firewall
• Symantec Virus Tools
• Linux Security Audit Tool
• Firewall Builder
• IPCop
• AirSnort : Wireless Network Hacking
• SATAN
• Rootkit Hunter : To find out installed root kits.
• SpamAssassin
• grsecurity
• IP-Scanner : To scan IP Ranges

What are these tools ? Why are they used for ? How to use it ? are some of the questions that are striking your head.  Chill all dudes & babes, I am here to help you with each of the tools listed above.  All you have to do is first download them all & place in your root directory.

When ever you are reading things you must have all these tools, So I am giving you the list. And yes, Don’t forget to Subscribe to Hacking Truths, because you can’t miss such valuable updates. And yes, don’t worry about such big list, you won’t need to use all at a time, they are have wide uses in different fields like – Cracking, Wireless Networks hacking, Password Hacking, Encryption, Sniffing, Scanning & Enumeration, SQL injection & Web Hacking etc.

So have the tools, and go through their home pages & read as more as you can. For any sort of problems you have, I am just a comment away from you.

This post is made by Amol Wagh who blogs about Ethical Hacking & Exploits on Hackers Enigma Dot Com. You can Follow Amol on Twitter Here.

Using these programs any noob can remotely access your computer without any Authentication and do whatever he wants. I will tell you some of the features rest of them you need to try it and find out. These Programs :

• Work as a key logger.
• Send any Information from Victim’s PC to the Hacker’s PC.
• Run any program on the Victims PC.
• Display any Violating Image on victim’s Screen.
• Open the CD Drive of the Victim’s PC.
• Open any Web page on the Victims Screen.
• Disable any Specific Key or whole Keyboard.
• Shutdown Victim’s PC.
• Start a Song on the Victim’s PC.etc.etc…………..

Back Orifice / Back Orifice 2000

Back Orifice is one of the most common backdoor programs, and one of the most deadly. The name may seem like a joke, but sure, the threat is real. Back Orifice was established in Cult of the Dead Cow group. Back Orifice is an Open Source Program. The main Threat of this software is that by making some changes in the code anybody can make it undetectable to the Anti virus Program running on the Victim’s computer. Apart from the strange title, the program usually gets port 31337, the reference to “Lit” phenomenon is popular among hackers.

Back Orifice uses a client-server model, while the server and client is the victim attacker. What makes Back Orifice so dangerous that it can install and operate silently. There is not required interaction with the user in, meaning you could its on your computer right now, and do not know.

Companies such as Symantec have taken steps to protect computers against programs that they consider dangerous. But even more attacks using Back Orifice 2000. This is due partly to the fact that it is still evolving, as open source. As stated in the documentation the goal is ultimately the presence of the Back Orifice 2000 unknown even to those who installed it.

Back Orifice 2000, developed for Windows 95, Windows 98, Windows NT, Windows 2000 and Windows XP.

Where can I download Back orifice 2000?

Back Orifice 2000 can be downloaded at the following address: http://sourceforge.net/projects/bo2k/

I infected! How do I remove it?

Removing Back Orifice 2000 may require that you change the registry settings. To remove it at 7 simple steps, refer to the diagram below.

How do I delete Back orifice 2000

1. Click Start> Run, and type “Regedit”(without the quotes)
2. Follow the path below: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices “
3. Now looking in the right box: “The umgr32 = ‘c: \ windows \ system \ umgr32.exe”
4. Right-click on this entry and click Remove. Now restart your computer.
5. After restarting only open Windows Explorer. Make sure you can see all registered extensions. To do so, select “View Options and configure the appropriate settings.
6. Go to the WINDOWS \ SYSTEM directory, and find “umgr32.exe” file. Once you find it, delete it.
7. Exit Windows Explorer and reboot again.

NetBus / Netbus 2.0 Pro

NetBus was established around the same time that the Back Orifice was in the late 1990′s. NetBus was originally designed as a program prank friends and family, of course anything too malicious. However, the program was released in 1998, and is widely used as a backdoor to manage computer.

Like the Back Orifice, NetBus allows attackers to do virtually everything in the computer victim. It also works well under Windows 9x systems, as well as Windows XP. Unlike Back Orifice, the latest version of NetBus regarded shareware is not free. NetBus is also implementing less stealthy operations, as a direct result of criticism and complaints of abusive use.

Where can I buy and download NetBus?

NetBus can be purchased and downloaded at the following address: http://www.netbus.org/

Ok, I am infected. Now what?

Fortunately, the latest version of NetBus is a valid program. It can be removed just like any other program. Previous issuance NetBus is a bit more tricky, however. If you are not lucky enough attacked with the latest version, the withdrawal process and in the Back Orifice.

How do I remove NetBus?

1. Click Start> Run, and type “Regedit ‘(without the quotes)
2. Follow the path below: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices “
3. Now, in the right box, looking as follows: “[Name_of_Server].”Exe Of course, you have to find the actual name of this file EXE-. Usually This” Patch.exe ‘or’ SysEdit.exe “, but may vary.
4. Reboot and remove all traces of the actual program, which can be left. Additionally, you can set yourself NetBus, and then use its own function disposal.

SubSeven / Sub7

SubSeven or Sub7, has been established for the same purpose was to NetBus pranks. Sub7 actually has more support for pranks, and has more advanced users. Sub7 also widely used by the script kiddies, although that many firewalls and anti-virus software before initialization.

Since Sub7 not supported for several years, the threat is usually very low. Most security programs will not have any problem in ending Sub7 before it has a chance to be started. This shows that the importance to the modernization and security programs is critical, because the money was still there.

Nevertheless, it is widely used by those who have physical access to your firewall, or security programs. If access rights, the tool will work without restrictions.

Where can I buy and download Sub7?

Sub7 not supported more, and hence is not available for download on any legitimate websites. If you were to make a Google search, you would find links to download Sub7. However, this is not the official site, and should be considered dubious and dangerous.

Sounds harmless, How do I remove it?

1. End of the following processes through the curator: “editserver.exe, subseven.exe”
2. Delete the following files: “editserver.exe, subseven.exe, tutorial.txt.”

Why these programs is absolutely legitimate?

All the basis behind these programs is that they are designed to help people, not harm. While some like NetBus really were originally created for pranks, they switched routes to avoid legal problems.

These programs claim to be the legitimate remote desktop program, although they certainly easily used for malicious use. These programs really should be used to aid or customer support departments. Why all adolescents is to copy these programs goes beyond us, but leave the content of their networks, while computer is a good idea.

The advent of new technology has made these programs in some respects less effective. However, programs such as Back Orifice 2000, yet still evolving, so do not be surprised to learn that he works in the background, waiting for instructions. Since the best defense is a good offense, be sure to save a sharp eye on what is installed on the network computers. After all, an ounce of prevention is worth a pound of cure.

A “worm type” virus was found on laptop computers that astronauts use to send and receive email from the station by relaying messages through a mission control center in Texas, according to NASA spokesman Kelly Humphries on Wednesday.

The virus is reported to be malicious software that logs keystrokes in order to steal passwords or other sensitive data by sending the information to hackers via the Internet. The laptop computers are not linked to any of the space station’s control systems or the Internet. “The bottom line is it is a nuisance for us,” Humphries said. “The crew is working with teams on the ground to eradicate the virus and look for actions to prevent that from happening in the future.” The virus had no adverse effect on space station operations, according to Humphries.

The space station orbits Earth once every 90 minutes at an altitude of about 350 kilometers. NASA is reportedly looking into whether the virus got into the computers by hiding in a memory drive used to store music, video or other digital files. Humphries said this is not the first computer virus stowaway on the Space Station.

“This is not a frequent occurrence but it has happened before,” Humphries said

Follow the steps below:

[eminimall]

1) Boot up windows.
2) go to dos-prompt or go to command prompt directly from the windows start up menu.

3) type the command at the prompt: “debug” (without quotes ninja.gif )
4) type the following lines now exactly as given…….
o 70 10
o 71 20
quit
exit

4) exit from the dos prompt and restart the machine

password protection gone!!!!!!!!!!!!!

EnjoYYYYYYYYYY

PS: I tested this in Award Bios……..
There seems to be some issue regarding display drivers on some machines if this is used. Just reinstall the drivers, Everything will be fine………..

I have not found any other trouble if the codes are used.

To be on safe side, just back up your data……….

The use of this code is entirely at ur risk……….

It worked fine for me……….

Nessus

The “Nessus” Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner for Linux, BSD, Solaris, and other flavors of Unix.

Ethereal

Ethereal is a free network protocol analyzer for Unix and Windows. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.

Snort

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.

Netcat

Netcat has been dubbed the network swiss army knife. It is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol

TCPdump

TCPdump is the most used network sniffer/analyzer for UNIX. TCPTrace analyzes the dump file format generated by TCPdump and other applications.

Hping

Hping is a command-line oriented TCP/IP packet assembler/analyzer, kind of like the “ping” program (but with a lot of extensions).

DNSiff

DNSiff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.).

GFI LANguard

GFI LANguard Network Security Scanner (N.S.S.) automatically scans your entire network, IP by IP, and plays the devil’s advocate alerting you to security vulnerabilities.

Ettercap

>Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones)and includes many feature for network and host analysis.

Nikto

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 2500 potentially dangerous files/CGIs, versions on over 375 servers, and version specific problems on over 230 servers.

John the Ripper

John the Ripper is a fast password cracker, currently available for many flavors of Unix.

OpenSSH

OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools, which encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.

TripWire

Tripwire is a tool that can be used for data and program integrity assurance.

Kismet

Kismet is an 802.11 wireless network sniffer – this is different from a normal network sniffer (such as Ethereal or tcpdump) because it separates and identifies different wireless networks in the area.

NetFilter

NetFilter and iptables are the framework inside the Linux 2.4.x kernel which enables packet filtering, network address translation (NAT) and other packetmangling.

IP Filter

IP Filter is a software package that can be used to provide network address translation (NAT) or firewall services.

pf

OpenBSD Packet Filter

fport

fport identifys all open TCP/IP and UDP ports and maps them to the owning application.

SAINT

SAINT network vulnerability assessment scanner detects vulnerabilities in your network’s security before they can be exploited.

OpenPGP

OpenPGP is a non-proprietary protocol for encrypting email using public key cryptography. It is based on PGP as originally developed by Phil Zimmermann.

I still don’t know why people take it for granted to download virus protection software, and they wonder why their computers get hacked into.

Detecting OS (operating system) is another most important step towards hacking into a system. We can even say that after tracing the IP of the system it is the most prior thing that should be done to get the root on a system cause without having knowledge about the OS running by the target system you cannot execute any system commands on the target system and thus your mission wont be accomplished. In here I have figure out the basics of detecting OS remotely without having physical access to the system. There are various method of detecting OS like by trace routing the victim’s IP , by pinging the IP , by using telnet and also by using a terminal. But from my research I have concluded that detecting OS through ping or tracerout is the most simplest but effective way of determining the operating system running in the remote computer without having physical access to the system. Since my aim of writing articles is to make things clear for beginners and intermediate so I will explain remote os detecting through ping method which is very easy to understand even for peoples totally new to computers.. yeah yeah.. I know you call them newbies..right ?

REMOTE OS DETECTION USING PING METHOD

What is PING and what is its utility ?

Ping is an MSDOS utility provided for windows version of DOS and for Unix and operating systems having UNIX as the core kernel. It runs in dos box in windows and directly in UNIX platform. In this manual I will give more stress on the MSDOS version of ping.

Ping is an utility used for sending and receiving packets of data to a target system using its IP and thus from the outputs you can figure out many information about the target system.
In remote os detection we are mainly concerned with the TTL values of the received data packets.

Note: When you send or receive a file over the internet it is not send at once. Instead it is broken down at the source system and these broken fragments of data know as data packets are send through the internet and these data packets are gathered together by the target system according to an algorithm constructed by the source system.
For example if I send a picture of size 400 KB to my girl friend (hey girls out there remember I don’t yet have a gf in reality) then what actually happens is that my system breaks the data into data packets, say the file of 400 KB has been broken down into 4 data packets each having a size of 100 KB and having a name. These data packets are assigned a code known as the TTL value of the data packets by my operating system. Then these data packets are gathered and the original file is formed from these data packets at the target system.

Example:

C:\windows>ping/?

Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
[-r count] [-s count] [[-j host-list] | [-k host-list]]
[-w timeout] target_name

Options:
-t Ping the specified host until stopped.
To see statistics and continue – type Control-Break;
-a Resolve addresses to hostnames.
-n count Number of echo requests to send.
-l size Send buffer size.
-f Set Don’t Fragment flag in packet.
-i TTL Time To Live.
-v TOS Type Of Service.
-r count Record route for count hops.
-s count Timestamp for count hops.
-j host-list Loose source route along host-list.
-k host-list Strict source route along host-list.
-w timeout Timeout in milliseconds to wait for each reply.