How To Write A Basic Keylogger In VB

Intro: What a Keylogger is made of

Before we start programming, we need to answer a basic question: what is a keylogger? As the name implies (key+logger) - a keylogger is a computer program that logs (records) the keys (keyboard buttons) pressed by a user. This should be simple to understand. Lets say that I am doing something at my computer. A keylogger is also running (working) on this computer. This would mean that the keylogger is “listening” to all the keys I am pressing and it is writing all the keys to a log file of some sort. Also, as one might have guessed already, we don’t want the user to know that their keys are being logged. So this would mean that our keylogger should work relatively stealth and must not, in any case, show its presence to the user. Good, now we know what a keylogger as and we have an idea of its functions, lets move on to the next step.

=========================================

Basic Concepts: What needs to be achieved

=========================================

Ok, now lets plan our program, what should such keyloger do and what it should not. Significant difference to previous section is in the sense that here we shall discuss the LOGIC, the instructions that our program will follow.

Keylogger will:

1 - listen to all the key strokes of the user.

2 - save these keys in a log file.

3 - during logging, does not reveal its presence to the user.

4 - keeps doing its work as long as the used is logged on regardless of users actions.

==========================================

Implementation: Converting logic into code

==========================================

We shall use Visual Basic because it is much easier and simple to understand comparing to C++ or Java as far as novice audience is concerned. Although programmers consider it somewhat lame to code in VB but truthfully speaking, its the natural language for writing hacking/cracking programs. Lets cut to the chase - start your VB6 environment and we are ready to jump the ride!

Read More

Mixed Bag - Mobile Hacking

Nokia 31xx

____________

Firmware version

*#0000# or *#3110#

IMEI Code

*# 06 #

Restores Factory Settings

*#7780#

Warranty Codes

*#92702689# (= *#war0anty#)

Just scroll down through the information. If entering the above code requires a

further warranty code try entering the following:

6232 (OK) : Month and year of manufacture

7332 (OK) : Last repair date

7832 (OK) : Purchase date (if previously set)

9268 (OK) : Serial number

37832 (OK) : Set purchase date (this can only be done once)

87267 (OK) : Confirm transfer

Nokia 5110

_____________

IMEI Number *#06#

For checking the IMEI (International Mobile Equipment Identity).

———————————————————

Security Code 12345

Default security code is 12345. If you forgot your security code, there s so many program on the net which allowed you to know the security code likes Security ID Generator, Nokia IMEI Changer, etc.

update:

Security ID Generator (SID.EXE) and IMEI Generator (NOKIAIMEI.EXE) doesn t works with Nokia 5110

Resetting Security Code

If you accidentally lock the phone or forgot the security code, the best thing to do is check it with your local Nokia dealer. For advanced user, you can use WinTesla, PCLocals or LogoManager program to read the security code or resetting the code (You will need an FBUS/MBUS (or compatible) cable to do this.

Read More

Tracking Email

MailTracking.com - What is it and how does it work?

What is MailTracking?

MailTracking is the most powerful and reliable email tracking service that exists today. In short - MailTracking tells you when email you sent gets read / re-opened / forwarded and so much more

How do I send a tracked email? There are two ways you can send tracked emails:

1. Simply add: .mailtracking.com to the end of your recipients email address (they won’t see this)
   
   or


2. Install the ActiveTracker plugin to add the tracking for you.

Testing? If you send tracked emails to yourself, your anti-spam filters may block them (people don’t usually write to themselves) - so we recommend you test by sending to other people.

What will you tell me about the tracked emails I send? MailTracking will endeavour to provide the following in your tracking reports:

• Date and time opened


• Location of recipient (per their ISP city /town)


• Map of location (available on paid subscriptions)


• Recipients IP address


• Apparent email address of opening (if available)


• Referrer details (ie; if accessed via web mail etc)


• URL clicks


• How long the email was read for


• How many times your email was opened


• If your email was forwarded, or opened on a different computer

All messages sent via MailTracking benefit from the SPF compliant and Sender-ID compliant mail servers. This confirms safe transmission of your messages, and also enables us to report delivery status to you (including: bounce-backs, delays and success notifications). Delivery information is listed in your Personal Tracking Page. Note: MailTracking.com does not use or contain any sp‌y-ware, ma‌l-ware, nor vi‌rues, it is not ill‌egal to use, and does not breach any pri‌vacy reg‌ulations in any countries.

What else does MailTracking do?

There are lots of great features available to you - these include the following sending options:

• Certified email


• Ensured-Receipts and retractable emails


• Invisible tracking


• Self-Destructing emails


• Block printing


• Block forwarding


• Adobe Acrobat PDF Document Tracking


• Secure Encypted emails


• Track MS Word or Excel documents

You can also choose how to receive your receipts:

• In your Personal Tracking Page (when you log in)


• Email ReadNotifications


• Legal Proof-of-Opening receipts


• Delivery Service Notifications (DSN’s)


• SMS alert on your cell-phone or pager


• Instant Messenger

Click Here to Register.

Read More

Your Email can be intercepted ! Check How

Top 10 Places Your Email Can Be Intercepted

i. The Internet

The Internet has radically changed the way we communicate with each other. Email is obviously an extremely valuable and ubiquitous form of communication, but with this technology comes certain pitfalls that should be understood. The path that an email message takes to reach its recipient is a complex and varying one, and while in transit that message may come under the potential scrutiny of numerous different people and organizations.

We will attempt to outline the varying paths that an email message may travel, and who some of those different people and organizations might be under whose scrutiny the message may pass. The intention of the document is not to provide a how-to guide; the only specific technique that will be discussed, packet sniffing, is one that anybody with any technical networking knowledge whatsoever is already familiar with – which brings us to an important point. At a round number, there are probably at least a million people in the world with the requisite technical knowledge necessary to intercept Internet-based email. Yes, I said a million. (There are actually probably a lot more than that - maybe several million by now, and more everyday as the populace becomes more networking-literate.) Fortunately, the number of those people who actually have the physical access necessary to intercept email is much smaller, but it is still a very large number.

ii. Internet Service Provider (ISP)

The Internet is composed of numerous different interconnected networks and systems that collectively provide a backbone for the transmission of network traffic. It is a highly dynamic physical environment: a system or network device that is here today may be gone or reconfigured tomorrow, and the underlying protocols of the Internet will automatically detect and accommodate for this change. This dynamic nature is one of the things that make the Internet so powerful. However, given the dynamic nature of the Internet, it is impossible to absolutely predict exactly what path network traffic will follow. One email message that you send could take an entirely different path to reach the recipient than another that you send to the same person. In fact, it is even worse than that: for the sake of efficiency, email messages and other network traffic are typically broken down into smaller little chunks, or packets, before they are sent across the

network, and automatically re-assembled on the other side. Each of these individual packets may in fact follow a different path to get to the recipient! (In actual practice, a given path tends to get reused until the operational parameters of that or other related paths have significantly changed.)

The net result of all this is that your message, or at least little chunks of your message, travels through an indeterminate set of systems and network devices, each of which offers a point of interception. These systems may be owned or operated by corporations and non-profit organizations, by colleges, by governments and government agencies, or by telecom and other connectivity providers. Given such a widely divergent group, it is easy to see how either an unethical organization or a renegade employee may easily gain access to the messages and traffic crossing their systems. All of these factors combine to make the Internet itself the primary source of message interception points.

Read More

Top 10 Tricks to exploit SQL Server Systems

Whether it is through manual poking and prodding or the use of security testing tools, malicious attackers employ a variety of tricks to break into SQL Server systems, both inside and outside your firewall. It stands to reason then, if the hackers are doing it, you need to carry the same attacks to test the security strength of your systems. Here are 10 hacker tricks to gain access and violate systems running SQL Server.

1. Direct connections via the Internet

These connections can be used to attach to SQL Servers sitting naked without firewall protection for the entire world to see (and access). DShield’s Port Report shows just how many systems are sitting out there waiting to be attacked. I don’t understand the logic behind making a critical server like this directly accessible from the Internet, but I still find this flaw in my assessments, and we all remember the effect the SQL Slammer worm had on so many vulnerable SQL Server systems. Nevertheless, these direct attacks can lead to denial of service, buffer overflows and more.

2. Vulnerability scanning

Vulnerability scanning often reveals weaknesses in the underlying OS, the Web application or the database system itself. Anything from missing SQL Server patches to Internet Information Services (IIS) configuration weaknesses to SNMP exploits can be uncovered by attackers and lead to database server compromise. The bad guys may use open source, home-grown or commercial tools. Some are even savvy enough to carry out their hacks manually from a command prompt. In the interest of time (and minimal wheel spinning), I recommend using commercial vulnerability assessment tools like QualysGuard from Qualys Inc. (for general scanning), WebInspect from SPI Dynamics (for Web application scanning) and Next Generation Security Software Ltd.’s NGSSquirrel for SQL Server (for database-specific scanning). They’re easy to use, offer the most comprehensive assessment and, in turn, provide the best results. Figure 1 shows some SQL injection vulnerabilities you may be able to uncover.

Read More

What is Double Password?

Strong passwords should have a significant length and cannot contain normal words. Only random digits and letters of different case. Such passwords are extremely hard to remember and it takes time to enter. But, even strong passwords have their weaknesses. When you type a password, it can be intercepted by a spy program that logs all your keystrokes. Others can see what you type (even if the password field on the screen is masked, the password can be read by buttons you hit on your keyboard.)

Until now, the only solution was to buy a secure token. A secure token is a hardware key that is used instead of or in addition to your normal password authentication. There are two main problems with the hardware solution, though. First, it is expensive. And second, you can use them only with software that has built-in support for this method of authentication.

Read More

Save Hard-drive space upto 1/2 GB in Windows Vista

For the few people that can’t hibernate their computer because it automatically resumes, or the ones that just don’t use hibernation, you’ll want to disable this since the feature consumes as much hard-drive space as you have in RAM. A simple command prompt entry can disable hibernation.

1) Click on the Start Pearl > type cmd in the Search Bar > press Ctrl+Shift+Enter

2) Enter powercfg -H off

Once hibernation is off, you’ll still need to use Disk Cleaner to get rid of the files stored on your computer for previous hibernation sessions. To access Disk Cleaner:

1) Open the Start Pearl again and type cleanmgr in the Search bar.

Windows Vista will then prompt you to choose the partition you wish to clean. Select the desired partition, and the rest should be pretty straight forward.

On my computer, hibernation consumed about 510MB. This information is listed under Hibernation File Cleaner. You’ll want to clear all that since you won’t be using hibernation anymore.

Read More