Undetected General Information

Provido

Participating Member
21 Oct 2015
Keyloggers are given in the forum under the title of Unrecognizable, and I personally give them on other forums myself. So what are their safety ratings and how will you use them? Let’s talk about how to keep them unrecognizable.


Let’s give short definitions first.



PRIVATE


As you can understand from the name, it means private to a person. Private programs aren’t captured by antivirus; however, private isn’t only used for hacking programs but also for other programs.


PUBLIC


Trial version means that a paid-for program will be available as a demo. There may or may not be restrictions.


TRIAL


This is a trial version of a program. The word trial is often used in licensed programs. There may or may not be restrictions. Public is hacking style.


DEMO


Trial and demo have the same meaning.


WHAT ARE THE RESTRICTIONS ON RESTRICTED PROGRAMS?


Day Date Restrictions;


From the moment you install the program, the program will run for a certain number of days, based on the date and time format in your Windows. It starts from the date it is active. For example, you installed the program on 01-02. Total running time of the program is up to 01-03. This feature, usually seen in licensed programs, doesn’t exceed 30 days (usually). Date restriction won’t happen on hacking-style programs.


Restrictions on hacking-style programs;


There are very few or no restrictions on such programs. For example, crypt programs have up to two types of encryption. It forces you to use only one, and a nag screen pops up for the other: get the full version for the second type. However, restrictions happen at a rate of 5% in hack-style programs, not in most. No need to put restrictions anyway. Once the program goes online, the life of a hacking program doesn’t exceed 10 days. Within 10 days antivirus will start to catch it.


WHAT IS UD?


UD is an abbreviation of the word undetected. In English it means undiscovered. A file that is captured by antivirus is called UNDETECTED when it is tampered with by a second person other than the author. Undetected means that most antivirus are hijacked but some can be caught or captured. So it isn’t 100%. But this ratio varies entirely according to perspective. Its cracker can determine the antivirus software used in antivirus testing. There are nearly 400 antivirus in the world. It is impossible to miss out on all of them, and in fact it doesn’t mean that the file was caught by all of them. Most of the 400 antivirus are bad third-rate antivirus. These 400 antivirus are what we call the major head antivirus companies. Total


27 in general
The best is 15.


Now, if whoever did it hid it from all 15 of them, that would be 100%. One of the 27 can catch it, but this is an antivirus program that no one has ever used. Have you ever heard of resscan antivirus? Like that. Undetected is based on the major ones that everyone uses.


If we list them;

Kaspersky (It is one of the most widely used Russian programs in the world)
Nod32 (It is still a much used program. American I guess)
Avast
Avira
Ikarus
Bitdefender etc.
It goes like that.


UNDETECT


The process of hijacking a program from antivirus is called Undetect.


For example;


I’ll undetect this file. Some people say they’d undetected. I am laughing.


UNDETECTER


This is the common name given to crypt programs that make files captured by antivirus programs uncatchable.


MANUAL UNDETECTED


It is the definition given to the process done manually, using asm knowledge and the xor technique with a hex editor or the ollydbg assembly editor program, without using any undetecter program. The manual XOR technique has advantages, despite being more difficult.


a- The file doesn’t get caught for a long time; it remains uncaptured.
b- File size doesn’t increase (the size of a file that is made uncaptured by an undetecter program increases. This increase depends on the size of the stub file of the undetecter program. If the stub file is 100kb, the size of the original file increases by 100kb. In undetecter programs, file size increases, not decreases. It can partially decrease if some have compression capability).


CRYPTER


Undetecter means the same as the crypter.


ENCRYPTER


Means to decode the encrypted object. In short, crypt is the word root made negative by the word “en”.


CRYPT


It is a generic name given to the encryption of a process. Crypter programs usually write x crypt, but this is incorrect. It should be x crypter. Crypter reveals the nature of the work done. Crypt is the source of the work.


FUD


It means the full version of UD. Full means that it is uncaught. If the number of antivirus scanned is 15, it means that 15 were missed. This example would be 15/10 if undetected. So 10 out of 15 antivirus are hijacked. It means 5 of them were caught. However, in order to export a file as undetected, this ratio must be at least 95%. It isn’t necessary, but this is the way. It should be 95%, otherwise they will laugh at you.


BINDER


General description given to file merge. Binder programs combine File A with File B to create file C. These programs are called binder programs.


BIND


A + B = C is the general definition given to the formation of the file. For example; File binded. But it would be wrong if we said the file bindered.


TROJAN


Remote decontamination programs with the real name Trojan horse. Designed to work on WAN systems. (Can also work on a LAN.) Named after the Legend of Troy in history. These remote control programs can remotely manage a system; they can turn it off, steal information, etc. Trojan programs are spyware programs that run in client/server socket logic. The server file created by the client control program is given to the person. As soon as the person opens this file, the administration will switch to the person who created the file. But the logic here is to give it to the person in secret without being noticed. How will this happen? Like in the Trojan Legend in history, the soldiers hid inside the wooden horse and showed themselves as a gift. Then they sneak out of the castle. In the same logic, you give the server file to the victim as a picture or similar file. The music or image file that is opened by the victim has a server file that is running secretly in the background without being seen. The victim sees the picture but the server is active in the background. How do you store this server file in an image or similar file? You do this with the above binder programs.

A (server file) + B (image file) = C (server + image file)

Some trojan programs have a bind feature in them. If they don’t, binder programs come to your rescue.


KEYLOGGER


Keyloggers are spyware programs that run on the victim’s computer. However, there are no remote control features such as in Trojans. The purpose is to log all kinds of data, such as keyboard keys, passwords, site information entered and so on, and to send it to the person who prepared it. Keylogger programs are divided into two.


-LOCAL KEYLOGGERS
-REMOTE KEYLOGGERS



LOCAL KEYLOGGER


These are keylogger programs that are installed manually without creating any server file in the local environment. It doesn’t create server file.


REMOTE KEYLOGGER


These are programs installed on the person’s computer by creating a server file. They have a bind feature in themselves. Remote keyloggers are preferred for use.


SCANTIME


After a file captured by antivirus programs has been made uncaptured, it is called scantime when the file isn’t captured on a manual scan. But when this file runs, it gets caught directly. Because the top layer of the original file is encrypted, the antivirus program can’t see the hex codes of the original captured file under the encryption. That’s why it can’t catch it. However, as soon as the file runs, the original file inside tries to exit. It extracts itself. It usually does this in the temp directory. Everything goes back to the beginning, as the original file comes out. The captured file is still captured. Scantime crypt programs are programs that don’t work at all. But there are still idiots doing it.


RUNTIME


After a file captured by antivirus programs has been made uncaptured, it is called runtime when the file is captured neither on a manual scan nor when it is run. It doesn’t extract itself out of the original file. The file is opened directly into memory and extracts itself. Since the file running in memory doesn’t extract itself to disk, antivirus doesn’t give a warning. Of course there are technical events of being dumped in memory.


AGENT


Keylogger programs in a single simple case of the same operation or close to the process that makes the spy programs. Runs in remote server logic.


Online Scanning Companies You Shouldn’t Use!


1) At first don’t use this https://www.virustotal.com/gui/home
2) Don’t use this https://virusscan.jotti.org/
3) Don’t use this http://virscan.org/


Online Scanning Site You Should Use For Scanning:


http://scanner.virus.org/ Prefer this site. I can’t think of another browser address right now. The scans here won’t send the server to review.
Please note this for the continuity of these unrecognizable posts...
Now let’s come to the question of Can we use these programs safely.


You can either go to the internet cafe or try to install a virtual pc, no matter who gives the keyloggers we provide.
https://www.vmware.com/ Here you can download and install vmware.
Or you can download virtual pc and create your virtual PC.


Also, important warnings and advice to avoid being affected by keyloggers.
Use Internet Security software.
Data retrieval traffic such as Kaspersky Internet Security 2009 or Norton Internet Security 2009. Also, if your PC speed is good, install another antivirus next to it. Run HijackThis periodically.


And A General Warning:


Programs provided have no certainty. What works today, doesn’t work tomorrow. They can give you backdoor programs, under the name of selling undetectable keyloggers. Your passwords can go to them. If you are going to get a program, you will get a program that isn’t going to be scammed with a site that is specific to it.
Take the safety precautions I say.


Don’t download any crypter without confirmation from Uzmanız!
No one has the authority to confirm that the share is clean except Uzmanız.
I suggest you behave accordingly.


This matter goes for friends who share Crypter as well as to friends who use it.
Don’t scan the Crypter on sites that send reports!!!
Plus, if you want your share to be long-lasting, make sure to put RarPASS!
Even if it is shared on other forums, it will be difficult to use but it won’t be impossible.


NoDistribute - Online Virus Scanner Without Result Distribution and http://razorscanner.com/ . Prefer these sites. I can’t think of another browser address right now. The scans here won’t send the server to examine.
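
Added example, not part of the original post: the MANUAL UNDETECTED and SCANTIME sections describe an original file hidden under an encoding layer so that a static scan cannot see its bytes. From the defender's side, the Python below tries every single-byte XOR key against a file and reports where an encoded PE header sits, without decoding or running anything. The single-byte key, the function names and the sample bytes are assumptions constructed for illustration.

```python
# Added example: defender-side triage for a file wrapped in a XOR layer.
# Assumption: the embedded payload was encoded with one single-byte XOR key.
DOS_STUB = b"This program cannot be run in DOS mode"


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte of data with a one-byte key."""
    return bytes(b ^ key for b in data)


def find_xored_pe(blob: bytes):
    """Return [(key, mz_offset)] for each key 1..255 that reveals a PE header.

    The DOS stub text is encoded with each candidate key and searched for,
    so the blob itself is never decoded or executed. A hit is confirmed by
    an encoded 'MZ' magic within the 0x80 bytes before the stub text.
    Key 0 (plain, unencoded header) is deliberately not reported.
    """
    hits = []
    for key in range(1, 256):
        needle = xor_bytes(DOS_STUB, key)
        mz = xor_bytes(b"MZ", key)
        pos = blob.find(needle)
        while pos != -1:
            mz_pos = blob.rfind(mz, max(0, pos - 0x80), pos)
            if mz_pos != -1:
                hits.append((key, mz_pos))
            pos = blob.find(needle, pos + 1)
    return hits


def build_sample(key: int) -> bytes:
    """Constructed sample: filler bytes around an inert, XOR-encoded DOS header."""
    header = b"MZ" + b"\x00" * 76 + DOS_STUB + b"\r\n$"  # not a real executable
    return b"\x90" * 32 + xor_bytes(header, key) + b"\xcc" * 16


if __name__ == "__main__":
    for key, offset in find_xored_pe(build_sample(0x5A)):
        print(f"encoded PE header at offset {offset:#x}, XOR key {key:#04x}")
```

A hit means the file carries a second executable under a XOR layer, which is a reason to send it for sandboxed or memory-level analysis rather than trusting a clean static scan.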





 