Monday 19 March 2012

[TUT]How to make a Java Drive By

For this method, we will be doing a simple page rip, and adding one line of HTML code that will automatically download your Virus, and in hiden mode. So let's start off by downloading the contents:

Step One

Download the package, I will go further in detail about the files later:

http://www.mediafire.com/?k9y8ruq3a1rh6t0

Step Two

Now, open Index.html in notepad, and search for this:


Code:
http://yourviruslinkhere.com/virus.exe

Now, you must replace that link, to a Direct Download of your virus.

Q: What is a direct download?
A: A direct download is a URL, once entered, it will automatically start downloading the file, without making you click "Download" buttons, etc.

Q: How do I do a Direct Download?
A: Here is one way I do it, use http://www.dropbox.com. use the Public Folder, and those are direct download links right there. :)

Step Three

Okay so you need a direct link, sign up at http://www.dropbox.com. Once you are logged in, go to your Public folder. Simply click "Upload", and upload your virus to the Public folder. Once your virus is uploaded, right click the arrow, and click "Copy Public Link".

BIG IMAGE (Click to Hide)
[Image: pic1.jpg]

Now, the link you get, is the link you replace where it says:

Code:
http://yourviruslinkhere.com/virus.exe

Save that file, get ready for upload. :)

Step Four

Okay so now you need a place to upload your files! Your going to use File Ave. Once you are logged in, click Upload, and choose the 2 files I gave you:
  • Java.JAR
  • Index.html

Make sure those 2 files are in there, and once your done, your ready to spread.

Step Five(*Optional*)

Now, to conceal the stealthy download, you will need to have a less suspicious, or more believable, URL. You can do that using the DOT.TK services. http://www.dot.tk/en/index.html?lang=en

Simply get the file ave link that is your virus, and place it in the test box. Click go, and you will be redirected to a page with more advanced features. You will choose a name, now depending on what your spreading method is, what the name will be. So in this case, I used a RuneScape site clone. I will most likely use a link such as:

http://www.Run3sca3e.TK
OR
http://www.TheRunescapeReleases.TK

BIG IMAGE (Click to Hide)
[Image: pic2.jpg]

It's only minor social engineering.

Tips & Tricks

- I recommend that the file you upload, is FUD.

Q: What is FUD?
A: FUD is a slang term for "Fully Un-detectable". As in, not picked up by anti-virus's. If your file is FUD, you have a better chance of pulling off the infection, if it's not, the slave's anti-virus might block it most likely. if it's not FUD, get a crypter. You can find tons in the market place here, in Hack Forums!

- Try not to upload to Drop Box, ONLY if you don't have your own hosting!

Q: What do you mean our own hosting?
A: The reason I say that is because Drop Box has been known to scan virus's of they're member's files, and will remove them and report them to the people who make anti-virus's. I recommend buying your own Web Host, get one at http://www.santrex.net ! You can just upload your .EXE virus and get a direct link from there.

- Mess around with the Index.html once you get better!

Q: What do you mean?
A: I mean, once you get good enough, you can start ripping your own pages and making them a JDB. I can teach you how to rip a site in an other tutorial, which I will be making and adding to this thread soon. It's simply copying a site's source code for the Index.html, and adding one line of code, which will be downloading you virus.

0 comments:

Post a Comment

CEX.io