You would have probably heard about binders and Crypters before, but what do they used for? and why they are used in keylogging process? its simple as their Names suggests what they do. Lets first understand these two softwares.
What is Crypter?
It is a software that can encrypt executable (.exe) files. crypters are popularly used to encrypt viruses, RAT’s, keyloggers, spywares etc to make them undetectable from antiviruses.The Crypter takes the original binary code of .exe file and applies many encryption on it and stores at the end of file(EOF). So a new crypted executable file is created. The new exe is not detected by antiviruses because its code is scrambled by the crypter.
What is Binder?
The files to be binded can have any extension or icon. The user has choice to select the name, icon and various attributes of binded file.
Now that you, me and the whole world is aware of these softwares, do you think antivirus softwares will allow you to run these softwares on your system? ..obviously not. This is the biggest setback for crypters and binders. With increased use of Crypters and binders to bypass antiviruses, AV became more advanced and started including encryption definitions to even detect crypted or binded strings within code. So, use of crypter to hide Keyloggers became more complicated as nowadays, most of the popular crypters & Binders are easily detected by antiviruses.
So, if you are trying to crypt your keyloggers or viruses with publicly available crypters and binders, they are bound to be detected by antiviruses. This is because most FUD(fully undetectable) crypters remain “FUD” for maximum of one or two weeks, after their public release.
When any free FUD crypter/binder becomes popular it also gets the eyes of antivirus companies. The antivirus companies update their software and employ detection mechanism that detect the encryption by the crypter. To obtain FUD crypters, you either need to search for it in hacking forums or make one by yourself. Soon i will post about creating your own crypter.. stay connected.
Meanwhile you can try these crypters and binders that are available publicly:
Hiding Keyloggers/Rats/Worms/Viruses Using Crypters or Binders
The main thing you need to focus on after creating keylogger, is to convince your victim toinstall that keylogger on his PC. Normally free remote keyloggers like Ardamax keylogger or any other cheap, or free keyloggers will create standard .exe installation file without any stealth feature and you can use cracked Keylogger generators too. Also free keyloggers are easily detected by common antiviruses like Kaspersky,Microsoft Security Essentials and more, even the worst (according to me) Avast, the free antivirus detects keyloggers like this instantly. So Eventually your keylogging will end in vain. You might have heard about binders and Crypters before, but do you know what they are used for? and why they are used in keylogging? its simple as their Names stands out what they do. Lets first understand them.
Crypter
It is a software that can encrypt executable (.exe) files. crypters are popularly used to encrypt viruses, RAT’s, keyloggers, spywares etc to make them undetectable from antiviruses.
The Crypter takes the original binary code of .exe file and applies many encryption on it and stores at the end of file(EOF). So a new crypted executable file is created. The new exe is not detected by antiviruses because its code is scrambled by the crypter.
Binder
Binder is a software used to bind or combine two or more files in one file under one name and extension.
The files to be binded can have any extension or icon. The user has choice to select the name, icon and various attributes of binded file. Now that you are aware of these softwares, do you think antivirus softwares will allow you to run these on your system?Ofcourse not. This is the biggest setback for crypters and binders. With the flourishing use of Crypters and binders to bypass antiviruses, AV became more advanced and started including encryption definitions to even detect crypted or binded strings within code. So, use of crypter to hide Keyloggers became more complicated as nowadays, most of the popular crypters & Binders are easily detected by antiviruses too. So, if you are trying to crypt your keyloggers or viruses with publicly available crypters and binders, they are bound to be detected by antiviruses. This is because most FUD(fully undetectable) crypters remain “FUD” for maximum of one or two weeks, after their public release. When any free FUD crypter/binder becomes popular it also gets the eyes of antivirus companies. The antivirus companies update their software and employ detection mechanism that detect the encryption by the crypter. To obtain FUD crypters, you either need to search for it in hacking forums or make one by yourself. Soon i might post about creating your own crypter.. so be sure to drop back. Meanwhile you can try these latest crypters and binders that are available publicly:
Here you can downlaod some free crypter and binder
1) Chrome Crypter v2.0
This Crypter is FUD (Fully Undetectable) and free. It has couple of extra features like .exe file binder and inbuilt ICON Changer. Its recommended that you name your resulting output file in the format: “filename.mp3.exe”. .exe extension will be hidden on most of the systems, so your victim will run it believing its an mp3 file.
Download: Chrome Crypter v2 – FUD.rar
2) 0crypter v5.0.8
Like ‘Chrome crypter’, this crypter also has inbuilt ICON changer and few more advanced features like: Default Browser Injection, Custom Injection Method (VBC advanced), Effective StartUp on reboot, Custom Startup, Custom Assembly Change, etc. This is not FUD, as my AVG quickly flagged the output file as Trojan virus.
Download: 0crypter v5.0.8 – FUD.rar
Bypass Antivirus detection using Metasploit (FUD)
No comments:
Post a Comment