where to start...

The constant threat: viruses, trojans, spyware, ... the list goes on

where to start...

Post by isaacsmith357 on Tue Jul 10, 2012 10:31 pm
([msg=67947]see where to start...[/msg])

im looking to create spyware programs... easier the better. but i have no clue where to start.

i was wondering if anyone could point me in the right direction, or provide me with links to websites that would help.

is this even the right form? if not, could please direct me to the correct one, that would be fantastic!
isaacsmith357
New User
New User
 
Posts: 1
Joined: Tue Jul 10, 2012 10:25 pm
Blog: View Blog (0)


Re: where to start...

Post by anarchy420x on Wed Jul 11, 2012 12:26 am
([msg=67948]see Re: where to start...[/msg])

http://en.wikipedia.org/wiki/Spyware

I personally don't know, but I don't think you are going to get much help with this. As for the forum it goes in, that would be malware. You should try a google search like How to create spyware?
A broken clock is right twice a day, however, I am neither up that early nor up that late...
anarchy420x
Poster
Poster
 
Posts: 279
Joined: Thu Oct 16, 2008 12:43 am
Blog: View Blog (0)


Re: start to where...

Post by WallShadow on Wed Jul 11, 2012 11:21 am
([msg=67962]see Re: start to where...[/msg])

Better would be 'how spyware works' or 'spyware analysis'.

There are only a few tricks you need to know with spyware; how to execute it on another person's computer, how to hide it, how to collect information, how to send the information back, and how (if necessary) to make it persistent.



How to execute it; the most common method is having a malicious site which gives it to anyone who visits. If you want, you can try to manually distribute it amongst your targets, however it greatly limits your audience but greatly increases the chance to evade detection by anti-virus companies.

How to hide it; this isn't that hard. You just have to figure out how to make your spyware program not have a window or prompt of any sorts. I know that many browser based spywares exist as plugins to your browser which automatically install themselves. Thus, they are always hidden from view, but when you view a webpage, they get to review it first before you see it.

How to collect information; this greatly depends on what you want. If you want to analyze what a person is browsing, browser plugin is easiest. The browser plugin method also works well if you want to collect a person's e-mails inconspicuously. It automatically gets called when the user accesses a webpage. If you want usernames, passwords, you want a key-logger. What most people do is just bundle a key-logger with their spyware and just collect the text files it leaves. In some other cases, you might want a program that collects files or analyzes them from the target's computer, for that you'll need to access files which can be slightly troublesome.

How to send the information back; now this is the tricky part. Your simplest bet would be to send it by email to some address. You could also connect to a specific server you want, and send the info that way, but that's a larger investment for something that will get tracked down anyways.

How do you make it persistent; this is an optional step. The browser plugin method is the simplest here. The browser automatically starts the plugin every time the browser starts up. Other methods would be like setting an auto-run for start-up, but that's kind of obvious.


This is definitely an interesting topic that everyone interested in hacking and programming should look into. Spyware is basically all of the viruses, worms, root-kits, and all that other stuff, just without the payloads.

-WallShadow
User avatar
WallShadow
Contributor
Contributor
 
Posts: 613
Joined: Tue Mar 06, 2012 9:37 pm
Blog: View Blog (0)



Return to Malware

Who is online

Users browsing this forum: No registered users and 0 guests