Hacking Using Keylogger

aladin05 · #1 12-30-2009, 08:34 PM

Ardamax Keylogger 2.9

http://w15.easy-share.com/1700470036.html

Keygen for ardamax

Code:

http://rapidshare.com/files/123353829/keyGen.zip

-First of all Install ardamax.

-If everything went fine, the window should have close and now you'll have to do a right click on the Ardamax icon in the tray bar (in the right bottom corner of your screen), then click on "Remote Installation...".

-A new screen will open and you'll have to click on "Next".
-Tick the "Append keylogger engine to file or another application" and click on "Browse...". Now, you'll have to browse for the file or the application you want to infect. It can be anything, and, don't worry, the file won't be infected (Ardamax will make a copy of it and leave the one you chose intact). So, when someone will double click on this file, Ardamax will be install on his PC (He won't see any Ardamax installation or w/e window and probably never know he's infected). Once you choosed the file, click on "Open".

-In the same window ("Appearance"), leave "Installation folder on target computer" the same, and under "Additional components", untick "Log Viewer" (untick all) and click on "Next".

-In "Invisibility" window, leave all options tick, click on "Next".

-Now, click on "Enable..." and in the window that popuped, enter a password. Leave all the options tick, and click on "Next".

-Untick "Check for updates" and click on "Next".

Leave the 2 options tick, and I suggest to change the "Hidden mode on:" to something easier to remember (such as ctrl+z). Also, I would put a "Self destruct on:" date (you have to tick the box beside the date, scroll down and choose a date) this will uninstall Ardamax on the remote PC on the date you choosed)) such as a week later (or until you're sure you know what you want to). Click on "Next".

-Now, in the new window ("Control"), tick "Send logs every" and, right beside, choose the frequency of the logs you'll receive (usually 1/hour or 1/day is fine).

-In the same window ("Control"), under "Delivery method", select (tick) "FTP" and untick "Email". This will send all the logs to your website instead of an email address, it make easier and faster to see the logs in my opinion.

-Again in the same window, leave all the other fields the same, but untick "Send only if log size exceeds". Click on "Next".

-You're now in the "FTP" window. If you don't already have a website (such as mine:

Code:

http://www.justfree.**********
) you need to make one. Once you have a website, you'll have to enter it's address (ex:

Code:

http://www.justfree.**********
) in "FTP Host:". Under "Remote Folder:" simply enter "/" and enter the username and password of the website (the one you use to login in

Code:

http://www.**********
). After that, click on "Test", if everythin went fine, a window witn the message "The Ardamax Keylogger test FTP delivery has been completed succesfully". Click on "OK", and then "Next".

-Select the options you want (I suggest to leave all them tick), and press "Next"..

-If you choosed to take screenshot, now select the frequency of them (I think 1/15min is fine), select "Full Screen" and put the quality to the maximum, press on "Next".

-Leave these fields intact, but, I stongly suggest to change the icon to whatever you want (click on "Change Icon..." and look for one you want, you can also click on "Browse..." and browse for what you want) when you chosed it, press on "OK". Press on "Next".

-Now, press on "Finish". If everything went fine, a window with the message "Deployment package created succesfully." appear, press "OK".

Using the infected file

A new window popuped, your infected file is there, it's call "Install.exe" and it have the icon you choosed. Don't touch at any other file in this folder, they are useless. I suggest you rename it.
You now have to spread this file and hope someone will download it and double click on it. Once he do this, Ardamax will start recoring and sending logs to your website.
I suggest emailing people and giving them the file, or upload it in forums. Of course you have to put (infect) Ardamax in a file that people are interested to download.
If they decide to scan the file at http://www.virustotal.com, they will know it's infected, though only "Webwasher-Gateway" detect Ardamax in the file as "Riskware.Ardamax.K.Gen" and "Ikarus" detect "Trojan-Dropper.Win32.Agent.bnk&amp;quot;.
"Webwasher-Gateway" is the last antivirus VirusTotal use to scan, so if that person is lasy, you should be fine.
Basically, I think people can't get rid of Ardamax unless they re-install Windows, so if you didn't put "Self Destruct" date, you will receive logs for a very long time.

How to view the logs

Very easy, again, go to
Code:

Code:

http://www.**********
and log in. You'll have to click on "Access" under "File Manager". There is all the logs and the screenshot there. The one ending with .jpg are screenshots, the ones starting with "chat" are logs while the person chat, "keys" is all the keylogs, "web" are the websites visited.
You simply need to click on the log you want to see (the dates and hour are write).
Note that for some reason, you need to download the screenshots to see them (instead of clicking on the link).

Please say thanx if u like my Post

aladin05 · #2 12-30-2009, 08:37 PM

delete this thread... by mistake it is posted here..

**Coda_Hi** · #3 12-31-2009, 03:35 PM

no,this is correct section you share.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)