Retrace the hacker

Researching, Proof of Concepts, Hacking, Console Modding and Hacking and more. No game hacking / modding here.

Post by Legu » Sun Mar 31, 2013 12:49 pm

So, like always, I've been looking on the interwebz for some nice binders etc., to make undetectable keyloggers and so on.

Found a guy on YouTube, who had one with only 2/46, so I thought I'll give it a try. It was suspicious, since nothing happened after starting it, so I knew something was wrong. Wireshark-->

[Image: pic.PNG]

Obviously, system recovery, change all passwords, and scan. Fine, seems like gone. However, I wonder if it can't be retraced. This SMTP shit somehow makes a login to the email address, logs in, and sends a mail to himself, so somewhere, the passwords must be there too. Any ideas how to pwn this faggot?

If you need the files:

http://www64.zippyshare.com/v/36934011/file.html
http://www57.zippyshare.com/v/32753232/file.html

Both are viruses made by him. I think the second one is the 2/46, the other one has like 26/43 (VirusTotal). Any ideas appreciated.

Lessons learned: Enough is enough, from now on I'll only compile shit from source. Or virtual machine, but I'm lazy.

Re: Retrace the hacker

Post by Legu » Sun Mar 31, 2013 3:07 pm

OK, I managed to trace him back, and deleted everything I found. Facebook, Yahoo, etc.

[Image: hacked.PNG]

Happy Easter...

Re: Retrace the hacker

Post by Sethioz » Mon Apr 01, 2013 4:20 am

LOL, he actually had the password in the tool? What an idiot ...
I would use SMTP or another email to email .. so if someone does reverse engineer it, then they would get my fake email and nothing else.

Shouldn't this be in owned section?

Re: Retrace the hacker

Post by Legu » Mon Apr 01, 2013 9:58 am

He had both a password on the tool, and a password on the SMTP email. However, his fake email was linked to his real Gmail and Facebook.

Also you can move it there, but at the time I was creating the thread, I did not know if it is possible to track it back, but it seems it is :P