Spread Your Keyloggers/Malware Using Java Drive-By Attack
One of the questions which i repeatedly got from my blog readers the past month was "How do i send the keylogger/Rat to the victim ? ", "How do i spread my Keylogger ?" etc. Actually there are many ways by which you can spread your keylogger and its usually left to the attackers imagination . But today to help beginners i will share one of the common and most successful ways of Spreading your keylogger server file. Before we begin if your new to keyloggers please read the following post
What is Java Drive By Attack ?
The Java Drive-By or Java applet Attack is considered as one of the most popular and successful methods for compromising a system. Its Popular because its very easy to set up and it affects all the platforms. A Java Drive-By is a Java Applet that is coded in Java and is put on a website. Once the victim views the cloned website a pop-up box will appear saying that his java version is out of date "click run to update" Usually the victim clicks thinking it going to update his Java, but in the background it will download a program off the Internet. This program can be a Keylogger or a virus etc.
Things Needed :
1. Keylogger / RAT Server File - To infect the victim
2. Java Drive-By Package - You can download it from Here
3. A Web Hosting site - To host all your files online
Note : Please turn off Your antivirus when your downloading the Java Drive-by package
1. First Create free web hosting account at my3gb.com
2. Create Your Keylogger server file, And upload it to your hosting account which you created in the previous step and make a note of the URL
Example : www.keyloggerserver101hacker.my3gb.com
3. Now Extract all the files from Java Drive-By Package which you downloaded earlier and Open index.html2 in notepad search for "YOUR URL HERE" with out quotation marks , Replace it with the URL of the server file which you uploaded in step 2
Note : You need to replace the URL in two places as mentioned
4 .Now search for "http://101hacker.com" and replace it with the website you want the victim to be redirected and finally save it.
5. Now upload all the files (client.jar, index.html, index.html2, java , load, softpedia) to your web hosting account and make a note of the index.html URL
Example : www.index.html101hacker.my3gb.com
6. Now send the index.html link to the victim , When he visits the website he will see a message saying that his java is out of date and it will ask him to update his java, once when the victim clicks Update. The keylogger server file will install in the background, mean while the victim will be redirected to the website which we setup in step 4 .Thus the victim will not get suspicious
Hope You enjoyed the post, For further doubts and clarifications please post your comments