id33b1: KrackoWorld

vineri, 1 iunie 2012

KrackoWorld

How to Make Remote Keylogger Undetectable from Antivirus with FUD Crypter

Posted: 31 May 2012 10:30 AM PDT

In my previous article, i have clearly mentioned how to install remote keylogger (FUD) into your Victims Computer in simple way but now the problem is that it may be detected by some antivirus and getting errors in running them properly. Hence today i am going to share an complete tutorial on How to make these remote keylogger undetectable from popular Antivirus so as to make keylogging easy. So lets start with the Crypter definition first.

What is a Crypter?

Crypter is a special type of software used to hide viruses, malware, keyloggers or tools from Antiviruses as to make it fully undetectable. Thus, a Crypter is a program that allow users to crypt the source code of their program to Bypass antivirus detection mainly. Therefore our crypted file becomes UD (undetectable) or FUD (fully undetectable).

Features of this Crypter- Star Crypter Public V1.2:

1. Unlimited File Crypter

Right Click on the box in the main to browse for a file, after clicking "Add File". Or just drag and drop your files. You can crypt and FUD native and managed (.NET) files. A file can be deleted by right clicking on one file and clicking on "Delete". You can delete multiple files at once by selecting them. You can crypt any file, even .pdf, .doc, .gif etc.

2. Unlimited File Binder

Binding is the same as browsing for multiple files. Just browse multiple times and add those files to the list or simply drag and drop them. You can even bind executables with .Pdf's, managed files, pictures and anything you want! If you want to run an executable file only once when startup is checked. Then rename the file from .exe to .com before you bind it.

3. Change Assembly Information

You can Change the Output information to make the file look more legit. You can save your custom information, use one of the 10 pre-typed ones, import information out of a file, or just generate random strings. In some cases, legit assembly information can lower the detection rates.

4. Change Icon

Changing Icon make the outputs look more professional and in some cases it gives more Undetected Outputs. You can import ".ico" files (recommended) or clone the icon of a file.

5. Pump File

This adds bytes to the output to increase the size of it. You can add in kB and MB.

6. Spoof Extension

Spoofing extension will only work on Windows Vista and Win7. It is recommended to use short output names. The computer should also show all file extensions in order to work. With the right combination of assembly information and Icon it can be effective to trick someone and make him believe the .exe is actually an .mp3 or any other extension that you can type in the box.
You can also just save the file as .bat .com .scr .pif using the "Build"-button. This is not extension spoofing and this will work on all computers.

7. Fake Message

The message that you type here only starts once. Even if you have startup enabled. It supports multi-line and you can choose the buttons and style you want.

8. Hide File

On execution, the file goes hidden and removes itself. But it stays in the same path and if a user has "show hidden files", the file will just be there.

How to Use it?

1. First of all download and install this software from here.

2. Now Open the FUD Crypter select server file as your Keylogger file or RAT file, then go to Appearance tab- check custom icon and select your icon respectively.

3. Finally click " Crypt " and you will get a Crypted file which is totally undetectable by antiviruses.

4. All Done! Now send this crypted file to your victims and enjoy remote keylogging with crypter powered.

AV Scan Results :-After crypting my remote keylogger made file with star crypter public V1.2, I found zero viruses results as per Norton Antivirus.