
CYBERTRUST

Author name: ARUNPREET SINGH (Death_C0der)

Welcome to my second article. This is about hacking terminology.

Today internet growth is at its peak. Hundreds, even thousands, of websites are made every day.

The number of users on the internet is increasing regularly. Everything in India is quickly getting online, for example internet banking, online bill payment, online recharge, and also online friendship (by online friendship I mean Facebook and other social networking websites). So most of the Indian common people (the middle class) are getting online or are ready to get online.

As I said, the size of the internet is increasing day by day, and the size of the hacker community is increasing day by day as well. For Indian society the term "HACKER" means genius, extraordinary (they think a hacker can do everything). So in India the word "hacker" has become a status symbol, especially in universities and colleges, and more and more people, especially engineering students, want to become hackers. In my opinion it is a very good target, but most of them are misguided.

So how does everything start? With the increase in the size of the internet, the number of websites related to hacking is also increasing day by day. Today there are thousands of websites which provide hacking material and hacking tools. When a common guy starts his journey into hacking, he simply uses Google. Then he comes to know about some hacking-related forums, for example Hackforums.net.

Here my main discussion starts. I am going to use the names of some basic hacking software, so first I want to say something about these basic tools so that you can follow the matter easily.

1) Keylogger: Software used to record keystrokes, very useful for finding passwords. Most keyloggers come with remote support, which means the attacker only has to run the keylogger's "server.exe" on the victim's computer once, and then he is able to get the victim's passwords and other information.

2) Stealer: It can recover saved passwords from different software such as Mozilla, Internet Explorer, Yahoo Messenger etc. It simply decrypts the saved passwords and uploads them to the user's FTP.

3) Botnet: A virus of viruses. A botnet has different modules, and each module works differently. It can use the victim's machine to launch dangerous attacks like DDoS. It also includes keyloggers and stealers among its modules. Botnets are the most dangerous thing for the internet.

4) Binder: It is used to join two executables. We can make a single executable from two or more different executable files. It can also hide the execution of a specific executable while it runs.

5) Crypter: Its working is complex for newbies to understand. So just for now you can say a crypter is software that is used to make a virus or malicious program undetectable. A good crypter can make a virus fully undetectable (FUD = FULLY UNDETECTABLE).

7) Sandboxie: A platform to run any executable virtually, meaning we can test a virus in Sandboxie and it still has no effect on our PC.

8) VMware: We can run more than one operating system on a single machine simultaneously. We allot a virtual HDD to the OS running on VMware. If you run a virus on the virtual OS then it has no effect on our real OS, so it is very helpful.

9) Debugger: Debuggers are tools designed for checking and correcting errors. Basically we can analyze the structure of a program from its executable with the help of a debugger. Debuggers are the main tools for reverse engineers. The main aim of a debugger is to control the execution by adding things like breakpoints etc.

Now let's start our discussion again. So we are at Hackforums.net. Forums like Hackforums.net contain a large amount of these tools and tutorials. Our beginners are deeply attracted towards these things. So here you have a forum full of hacking tools such as crypters, keyloggers etc. These tools are basically created by other members of the forum, and most of the time only executables are given (source code is given in rare cases, because it is believed that published source code makes it easy for antivirus companies to develop signatures). So here comes the term "CYBERTRUST". You have your dream tools in front of you, but they are created by a third party. Newbies just download these tools and use them. But in most cases they infect themselves before infecting others.

I bet more than 50% of these tools are backdoored. So our beginners first infect themselves before getting others as victims.

These tools are actually presented in an interactive manner, like "FUD CRYPTER AVAILABLE FOR FREE", "SUPER BINDER LEAKED" etc.

How Software are Backdoored?

This software is backdoored in two ways: either by modifying the source code or by backdooring the executable. Now how and why does the original coder backdoor his own software?

I just want to say one thing: "The Creator has ALL the POWER". It is a very easy task for the original creator to change the behaviour of his program. He just has to add a couple of statements and his program will be capable of infecting its user, and most of the time when this happens it is very hard to detect these types of programs.

This is actually done by those guys who want to make a big thing like a botnet network.

It is also mostly done when the source code of a program is available, and others make changes to the source code and make it backdoored.

Now move to the second case.

This method is used in 70% of cases because it does not require any programming experience.

In this case the executable is bound with another malicious program and then made FUD (fully undetectable) by a crypter. They present it to you in an interactive manner, and newbies fall into the trap and infect themselves.
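
A simple binder of the kind described above can leave the second program sitting inside the file in plain form, and that can be checked without running anything. The Python triage below is an added example, not code from the original article; the function names and sample bytes are constructed for illustration, and a payload that has been through a crypter is stored encrypted, so it will not show up in this check.

```python
import struct

PE_SIG = b"PE\x00\x00"

def find_pe_images(data: bytes) -> list:
    """Offsets of every MZ header whose e_lfanew field points at a PE signature."""
    offsets = []
    pos = data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            # e_lfanew (offset 0x3C of the DOS header) locates the PE header;
            # the 0x1000 upper bound is a sanity limit chosen for this example.
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            sig_at = pos + e_lfanew
            if 0x40 <= e_lfanew <= 0x1000 and data[sig_at:sig_at + 4] == PE_SIG:
                offsets.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return offsets

def triage(data: bytes) -> dict:
    """Flag a file that carries further PE images after the one at offset 0."""
    images = find_pe_images(data)
    embedded = [off for off in images if off != 0]
    # Installers and self-extractors also embed executables, so a hit is a
    # reason to look closer, not proof of a backdoor.
    return {"images": images, "embedded": embedded, "suspicious": bool(embedded)}

def fake_pe(body: bytes) -> bytes:
    """Constructed sample: DOS header + PE signature + filler, not a real program."""
    dos_header = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40)
    return dos_header + PE_SIG + body

if __name__ == "__main__":
    clean = fake_pe(b"A" * 32)
    bound = fake_pe(b"A" * 32) + fake_pe(b"B" * 16)  # two images glued together
    for label, sample in (("clean", clean), ("bound", bound)):
        print(label, triage(sample))
```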

Some people may argue that this is not true. I just want to give one example: according to a Symantec report, India is at 4th number in malware infection. Most of these infections take place due to our childish behaviour, as I mentioned before.

Can I Trust My Antivirus??

So the question arises: how can we detect these backdoored programs? The answer is that it is not possible to completely detect these types of malicious programs. Most newbies think that if the ANTIVIRUS says the file is clean, then the file is 100% clean. It is not a very hard thing to fool your antivirus. Let me explain. There are two methods of doing this: manually, and with the help of tools. The manual method needs deep knowledge, so I will explain how it is done with these tools. We basically need two tools.

1) Binder

2) Crypter

PRICE OF A GOOD BINDER: $5 to $10 (maybe $20), depending upon quality

PRICE OF A FUD CRYPTER: $10 to $15

So it needs almost only $15 to $20 to bypass your antivirus, which is not a big price. You can also arrange all these tools if you have good contacts. So bypassing your antivirus is not a big deal. No antivirus is perfect in all areas: some are good at rootkit detection and removal, some are good at detecting botnets etc. So no antivirus can detect all viruses completely, and you should not depend only on your antivirus.

USING SOME OTHER SECURITY TOOLS (SANDBOXIE, VMware):

There are other security-related tools available on the internet, such as VMware, Sandboxie, Wireshark etc.

You often come to know about using these tools to test for viruses. In old times they were pretty useful for checking for viruses. But in today's world malware programmers are getting smart. They create new methods to overcome these tools. They use "antis" to bypass them. Say I have one bound executable file which in reality contains 2 files: one is a keylogger's server and the other is some other clean program. The program first checks whether it is running in Sandboxie or VMware. If it is running in Sandboxie or VMware, it blocks the execution of the keylogger server and only the clean program runs. So the user thinks it is a clean program, then runs it on his real machine and gets infected. For example, the example code is:

Let PROGRAM A = VIRUS + CLEAN PROGRAM

IF (SANDBOXIE OR VMWARE IS RUNNING)
    Execute only the clean program, block the virus part.
ELSE
    Execute both (execute the virus in the background).

It is the same in the case of Wireshark. A malicious program stops sending packets when it detects that Wireshark is running. When Wireshark is closed, it starts sending packets again.

So I want to say that these tools do not give 100% surety.


ROLE OF REVERSE ENGINEERING

Till now we have discussed that it is not possible to check whether software is backdoored or not.

The real method to check whether a program is backdoored or not is reverse engineering.

Reverse engineering is a method of analyzing executables. With the help of reverse engineering we can get an idea of the structure of a program without knowing the actual source code.

Reverse engineering is actually a double-edged sword. Good guys can use it to detect viruses, while bad guys can use it to make a virus perfect. With deep knowledge of REVERSE ENGINEERING we can analyze viruses and check whether a program is clean or not.

But it requires deep knowledge. If you want to be a real hacker then I suggest you take this path of reverse engineering. It may take a long time, but this is the real method. It is also very helpful in exploit writing.

So I strongly recommend that you learn reverse engineering.

Solution:

The main solution is reverse engineering. As I already said, it requires deep knowledge. So some other easy methods for newbies are:

1) Improve your programming skills. Use open source tools instead of executables. Also try to learn from source code, and try to modify that source code or make your own tools with its help.

2) Don't trust a single antivirus. Use a multiple-antivirus scan engine like www.novirusthanks.org.

3) Use crackz carefully. Almost 60% of crackz are bound with keyloggers, stealers etc., so use crackz carefully. Prefer serial numbers. If a keygen is available then run it in Sandboxie and get the serial number. Try to avoid direct cracks (a direct crack is one in which we replace executables). If you are going to use a direct crack then I suggest you take a snapshot of the registry and other things.

4) Always download tools made by trusted and reputed members. They are also human, and no one can completely predict human nature, but most of the time the intention of senior and reputed members is to contribute to the community. Don't get trapped by interactive advertisements.

5) Update virus signatures regularly. Try to avoid crackz. Linux is the real hacker's operating system; go for it and use it to learn real hacking. Stop using shitty 3rd party script kiddy tools. Linux is more secure and stable than Windows in terms of security (I recommend BACKTRACK 4).
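
The snapshot advice in tip 3 can be applied to files as well as the registry: hash a program's folder before the untrusted patch runs and compare afterwards, which shows exactly which executables were replaced and what was dropped next to them. The Python sketch below is an added example, not code from the original article; the folder contents and file names in demo() are constructed, and it covers files only, not the registry.

```python
import hashlib
import os
import tempfile

def snapshot(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    state = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            digest = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            state[os.path.relpath(path, root)] = digest.hexdigest()
    return state

def diff(before, after):
    """Compare two snapshots taken before and after the untrusted program ran."""
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "replaced": sorted(p for p in before if p in after and before[p] != after[p]),
    }

def _write(root, name, content):
    with open(os.path.join(root, name), "wb") as fh:
        fh.write(content)

def demo():
    """Constructed scenario: a 'patch' swaps one executable and drops a new file."""
    with tempfile.TemporaryDirectory() as root:
        _write(root, "app.exe", b"original build")
        _write(root, "readme.txt", b"docs")
        before = snapshot(root)
        _write(root, "app.exe", b"replaced build")   # the file the crack replaces
        _write(root, "helper.dll", b"dropped file")  # something extra it leaves behind
        return diff(before, snapshot(root))

if __name__ == "__main__":
    print(demo())
```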

FINAL WORDS

The creator has all the power. The behaviour of a program depends on its creator's mentality. We cannot predict what is in the human mind, but we can try to secure ourselves by using some security tips.

Don't be the first victim of a malicious program on the way to getting others as victims.
