When someone other than you accesses your computer, your personal information may be at risk. Keyloggers and other malicious software, or malware, can be a dangerous presence on your computer, especially because you often won't notice them unless you know what to look for. These types of programs can capture each computer keystroke, stealing information such as user names, passwords, and credit card information. There are specific areas to check to see if a keylogger or malware has infected your computer.
In my previous article I have explained about "How To Track Hacker/Spammer", Today in this article I am going to explain how to check whether Keylogger or RAT is installed or not in your computer.
Normally keyloggers and RATs sends data to the hacker in regular intervals (usually every 5 to 10 minutes) by using one of the two methods below:
1: Using the Emails : where hacker configures his email ID and password while creating the server. Keylogger records the key strokes in a temp file and sends it to the hacker in form of emails. But this has a limit as most free email servers like Gmail or Yahoo or Hotmail has limit of 500 composed and received mails. So most hackers use the second method.
2: FTP server : While creating the keylogger server, hackers configure their FTP server, where they receive the logs of key strokes in the form of text file(usally labeled on the basis of current system time stamp). Hackers keylogger server uploads the files to FTP server after every few minutes interval.
If we monitor all data packages we can easily scan for one of these and then we'll have the hackers email info or FTP info. What can we do with this, you might ask; highly skilled hackers obviously won't allow this as they create a completely seperate email or FTP site which leaves no traces of them, but novice skilled hackers (there's plenty of those) will just use their own email or leaving behind information about them. An example could be that you find the name of the person from the email you backtraced - this ain't his primary email, so there's nothing valuable. From there you can look up his name on Google, you'll probably find his real email on some site; then simply try to login to it using the password from the fake email (most novice skilled hackers will have the same password).
Wireshark is a very famous network scanning hack tool which is used by hackers or network forensic experts to monitor the packet flow of their network cards like Ethernet or WLAN. It records each and every packet coming and going out of your system's Network card. Packets is just a bunch of data.
Whenever you feel anything suspicious in your system like your system is compromised or you are infected follow the steps below prior to removing the keylogger or RAT from your system.
Step 1: First of all download and install Wireshark. You can easily get this simply by Googling it.
Note: While Wireshark is getting installed, ensure that it installs the Winpcap with it otherwise it won't work properly.
Step 2: Now go to the "Capture"-button in the top menu of the Wireshark and select the interface (means your network card which can be Ethernet or WLAN).
Step 3: It will now start capturing the packets through that Network card. What you have to do is just keep capturing the records for atleast 30 minutes for getting the best results. After x time, stop capturing the packets.
Step 4: Now you need to filter your results, for this go to the filter box and type FTP and SMTP one by one. Note: if you get records for FTP then hacker has used FTP server and if you didn't get FTP that means the hacker has used SMTP, so give SMTP in Filter box.
Step 5: As you scroll down you will find the “FTP username” and “Password” for victims ftp account in case FTP server is used. And if hacker has used SMTP then you will find "email address" and its "password" that hacker has used to create the server.
NOTE : This won't work in all cases, but it's certainly worth trying. Who wouldn't want revenge if some skid infected your precious PC?
Update : If you want to hack Gmail, Myspace and other email account passwords, please use the best Hacking Softwares,
So friends, I hope this How To Check Whether Keylogger or RAT Is Installed or Not In Your Computer tutorial will be useful for you. If you have any problem in this above tutorial, please mention it in comments.
Happy hacking........... :P
In my previous article I have explained about "How To Track Hacker/Spammer", Today in this article I am going to explain how to check whether Keylogger or RAT is installed or not in your computer.
Normally keyloggers and RATs sends data to the hacker in regular intervals (usually every 5 to 10 minutes) by using one of the two methods below:
1: Using the Emails : where hacker configures his email ID and password while creating the server. Keylogger records the key strokes in a temp file and sends it to the hacker in form of emails. But this has a limit as most free email servers like Gmail or Yahoo or Hotmail has limit of 500 composed and received mails. So most hackers use the second method.
2: FTP server : While creating the keylogger server, hackers configure their FTP server, where they receive the logs of key strokes in the form of text file(usally labeled on the basis of current system time stamp). Hackers keylogger server uploads the files to FTP server after every few minutes interval.
If we monitor all data packages we can easily scan for one of these and then we'll have the hackers email info or FTP info. What can we do with this, you might ask; highly skilled hackers obviously won't allow this as they create a completely seperate email or FTP site which leaves no traces of them, but novice skilled hackers (there's plenty of those) will just use their own email or leaving behind information about them. An example could be that you find the name of the person from the email you backtraced - this ain't his primary email, so there's nothing valuable. From there you can look up his name on Google, you'll probably find his real email on some site; then simply try to login to it using the password from the fake email (most novice skilled hackers will have the same password).
Wireshark is a very famous network scanning hack tool which is used by hackers or network forensic experts to monitor the packet flow of their network cards like Ethernet or WLAN. It records each and every packet coming and going out of your system's Network card. Packets is just a bunch of data.
Whenever you feel anything suspicious in your system like your system is compromised or you are infected follow the steps below prior to removing the keylogger or RAT from your system.
How To Remove Keylogger / Rat From Your Computer
Steps to reverse engeneering the email or FTP servers password:Step 1: First of all download and install Wireshark. You can easily get this simply by Googling it.
Note: While Wireshark is getting installed, ensure that it installs the Winpcap with it otherwise it won't work properly.
Step 2: Now go to the "Capture"-button in the top menu of the Wireshark and select the interface (means your network card which can be Ethernet or WLAN).
Step 3: It will now start capturing the packets through that Network card. What you have to do is just keep capturing the records for atleast 30 minutes for getting the best results. After x time, stop capturing the packets.
Step 4: Now you need to filter your results, for this go to the filter box and type FTP and SMTP one by one. Note: if you get records for FTP then hacker has used FTP server and if you didn't get FTP that means the hacker has used SMTP, so give SMTP in Filter box.
Step 5: As you scroll down you will find the “FTP username” and “Password” for victims ftp account in case FTP server is used. And if hacker has used SMTP then you will find "email address" and its "password" that hacker has used to create the server.
NOTE : This won't work in all cases, but it's certainly worth trying. Who wouldn't want revenge if some skid infected your precious PC?
Update : If you want to hack Gmail, Myspace and other email account passwords, please use the best Hacking Softwares,
- Facebook, Hotmail, Gmail Passowrd hacking through Winspy Keylogger
- Remote Password Hacking Software - Sniperspy keylogger
- How To Hack Password Through Mobile
So friends, I hope this How To Check Whether Keylogger or RAT Is Installed or Not In Your Computer tutorial will be useful for you. If you have any problem in this above tutorial, please mention it in comments.
Happy hacking........... :P
source : http://www.wildhacker.com
No comments:
Post a Comment