remote install keylogger that can evade AV


Post by Radar_mX »

Your post didn't make much sense to me ^^

But I assume that you are after a keylogger that won't be detected by AV? =/

Well, either code your own, or "scramble" an already existing one. I suggest the first alternative, because you won't learn much from downloading a scrambler and have it scramble some app.

Welcome to Suck-o btw ^^
This is the first time I hear about a scrambler; all I know is a packer, which makes malware undetected to AV.

Can you suggest me a name of a scrambler or some links?


Post by ebrizzlez »

Radar_mX wrote:
This is the first time I hear about a scrambler; all I know is a packer, which makes malware undetected to AV.

Can you suggest me a name of a scrambler or some links?
A packer doesn't make malware undetected; it just packs and compresses the file to make it smaller, but in the process the malware signature is compressed as well, so some AVs may not notice it until the program is run. During this process, a stub in the file unpacks the program and executes it in memory. Then the program would be detected.

I would recommend you research more about viruses, because some have their own built-in packer that can pack and unpack its own code when it's needed.

You still have a lot to learn. I recommend picking up the book: The Giant Book of Computer Viruses. It's in the download section. :wink:

Btw, a great packer that I personally use is the tElock packer by tElock! If you get the private packer version, it's undetected by AVs till execution. :wink:
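Added example, not part of any post in this thread: a defender-side check for the packing behaviour described in the post above, flagging PE sections whose raw bytes look compressed (high entropy) or that exist only in memory, leaving room for a stub to unpack into. The 7.0 threshold, the section names and the headers-only sample image are constructed assumptions.

```python
import math
import struct
from collections import Counter

ENTROPY_THRESHOLD = 7.0  # assumed cut-off; compressed or encrypted data nears 8.0

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte, from 0.0 (constant) to 8.0 (uniform)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def packed_section_report(pe: bytes):
    """Return [(section name, entropy, reasons)] for a PE image."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", pe, 0x3C)  # e_lfanew
    if pe[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # NumberOfSections, skip 12 bytes of COFF fields, SizeOfOptionalHeader
    nsect, opt_size = struct.unpack_from("<H12xH", pe, pe_off + 6)
    table = pe_off + 24 + opt_size
    report = []
    for i in range(nsect):
        name, vsize, _, rsize, rptr = struct.unpack_from("<8sIIII", pe, table + 40 * i)
        ent = shannon_entropy(pe[rptr:rptr + rsize])
        reasons = []
        if ent > ENTROPY_THRESHOLD:
            reasons.append("high entropy")   # raw bytes look compressed
        if rsize == 0 and vsize > 0:
            reasons.append("memory-only")    # no bytes on disk, filled at run time
        report.append((name.rstrip(b"\0").decode("latin-1"), round(ent, 2), reasons))
    return report

def build_sample(sections):
    """Constructed headers-only PE image (sample input, not a runnable program)."""
    head = bytearray(0x40)
    head[:2] = b"MZ"
    struct.pack_into("<I", head, 0x3C, 0x40)
    head += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0)
    ptr, table, body = len(head) + 40 * len(sections), b"", b""
    for name, vsize, data in sections:
        table += struct.pack("<8sIIII16x", name, vsize, 0, len(data), ptr + len(body))
        body += data
    return bytes(head) + table + body

SAMPLE = build_sample([(b".text", 0x1000, b"\x55\x8b\xec\x90" * 256),
                       (b".pack0", 0x8000, b""),
                       (b".pack1", 0x1000, bytes(range(256)) * 16)])
```

Either flag is only a triage signal: installers and legitimately compressed resources also score high, so a hit is a reason to inspect the file further, not a verdict.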


Post by DNR »

There is a News article on the frontpage here that describes a recent network attack - the intruders simply used a web-nanny/parental keylogger tool - the key was having physical access to the computers to set it up and hide it.

The failure on their part was performing ill-attempts to remove and hide traces of the tool after the job was done.

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.


Post by ebrizzlez »

cats wrote: Your post didn't make much sense to me ^^
Well, either code your own, or "scramble" an already existing one. I suggest the first alternative, because you won't learn much from downloading a scrambler and have it scramble some app.
What cats means is a very extensive process. There are ways you can "scramble" code through code caves, or you can hide some of the malicious code in other sections of memory and call them when needed, but all of this is extensive assembly operations and that requires much skill in coding...

As DNR said, the best keyloggers, though, are the ones that are made commercial. Most commercial keyloggers don't "invade" AVs because they're on a special exclusive list. This means some AV companies don't block these keyloggers because of a deal transaction or so. But even if that's the case, some AVs still pick up the keylogger because of its signatures.

I would refer to Mabo's post on his keylogger. And also do some googling on packers as well. :wink:

Post by nightkid »

or get her passwords to her emails/social networking sites through phishing ^_^