(Welcome to reprint) This article is from QQ 35199.
Revealing insider hacking: hacking rule of the Ala QQ Theft Tutorial
[post] Many of my friends have had the experience of QQ theft. Thought of countering it? Counter what? No kidding, we are just rookies, not hackers; we only look at web pages and chat, and when a QQ number is stolen we do not even know how it happened, but also by how what the *****? In truth, like the ***** of the so-called , a ***** who the pernicious blow.
Here is a quick look at the principle behind the Ala QQ ***** thief. Let us get to know it ourselves, so that the ***** technology is no longer a secret.
[post] First, the principle of Ala QQ Thief *****
Today, QQ ***** software is still continually being updated and keeps appearing; the most noted and most widely circulated is none other than the present one, and most QQ number theft episodes are caused by this software. The conditions for using the software are very simple: all you need is a mailbox that supports smtp or a network space that supports asp scripts. The Trojan can automatically divide the ***** QQ numbers into two types, Liang numbers and non-Liang numbers, and send them to different mailboxes, which is . Next, let us first look at how it works in order to find a good way to fight back.
Tencent QQ-called mighty lock keyboards why not A actually so burglar cattle Rights QQ B?
two ).***** principle:
1, when the ** is activated, it will release a So when you carelessly double-click the **, you will find that the ** program has disappeared;
2, creates a copy of the ** named Ntdhcp.exe in the %system32% directory, then launches the copy;
3, writes to the registry under HKLM\SoftWare\Microsoft\Windows\CurrentVersion\Run; the key item is NTdhcp, is exe
4, scans the system for certain security software, such as antivirus and firewall programs; if a window with the associated form or class name exists (FindWindowExA() or FindWindowA()), that process is terminated;
5, removes QQ's keyboard lock protection
A. If QQ is in use, terminates the program and renames npkcrypt.sys to npkcrypt.bak, stopping QQ.exe from loading it;
B. If QQ is not in use, also renames npkcrypt.sys, to prevent QQ.exe from loading the keyboard lock;
(Note that it does not technically destroy the QQ keyboard lock completely. Pay attention here: if you find the QQ keyboard lock icon in red *, you had better check the system's security promptly to prevent QQ theft.)
6, with the groundwork in place, it can wait for the victim to take the hook.
A. uses the log hook (JournalRecord) to record keyboard events;
B. When the class name and form with the relevant values are accessed, keyboard event logging is activated and the records are written to %Windows%\ala2qq
You can use Notepad to open %Windows%\ala2qq; its content is structured as ...:
[QQ]
that holds the digit is cached password = ok
number here is the password = ok
What is a log hook? Final hack can discourage such ***** program?
In Windows, the log hook is a very special hook: it can only be a global hook, it sees input from the keyboard, mouse and other input devices when that input is removed from the system message queue, and there is only one such log hook in the system. More importantly, it need not be placed in a dynamic link library, so you are saved the trouble of building a dynamic link library in order to install a global hook. Using the log hook, we can monitor a variety of input events.
Keystrokes can also be captured with a keyboard hook (Keyboard Hook), but using the log hook is much easier than using the keyboard hook. First of all, if you want to capture keys typed into other applications you need a global hook, and a global keyboard hook must be placed in a separate dynamic link library, whereas the log hook need not be. Secondly, the keyboard hook function gets the keystrokes before the system has processed these inputs, so if the system blocks these keys, the keyboard hook cannot see them; a case in point is a screen saver password, where the keyboard hook cannot see the characters the user types but the log hook can.
Both hooks increase the system's message processing time and thereby reduce the system's performance, so we should install these hooks only when necessary and remove them as far as feasible when they are not needed.
a ).***** mode
After downloading Ala QQ Thief, its parameters still need to be set before formal use.
In the Here to email n12345@163.com (password n_12345) as one example to introduce the In addition, in the Then in the
set up, we can fill out to test the content is correct, click on the base If the test project have shown the success of the mailbox information to complete the configuration.
number is automatically uploaded to the specified site space. Of course, prior to use, also need to do some readiness.
FTP software with adore eternal, love granny qq.asp ASP script upload support space, running alaqq.exe, in the adore granny qq.asp where the URL, then, when the Trojans intercepted a QQ number information, will be kept in everlasting love, love nanny qq.asp qq.text with the directory file.
c), set the advanced parameters of the Trojan
Next, we make advanced settings. If you check the , who sent e-mail or website ***** space. In addition, if you want the Trojan to be used in an Internet cafe environment, you would need to check the Apart from these two, the others can keep the default.
4 ),***** number information
Once configured, we can disguise this program as pictures or games, or bundle it with other software, and then spread it. When someone runs the corresponding file, the Trojan hides in the system; when a QQ login occurs on the system, the Trojan starts working, the number and password are intercepted and, in accordance with the previous settings, this information is sent to the mailbox or Web space. [/ Post]
Second, medicine after the illness is far worse than prevention before it
Now that we must understand the Generally speaking, if any of the following conditions is met, you ought to be careful.
QQ shuts down automatically.
After running a program, the program disappears on its own.
Antivirus software shuts down automatically after running a program.
The browser closes automatically when accessing an antivirus software website.
If the antivirus software has a mail monitoring feature, a warning message box about sending mail appears.
If a network firewall is installed (such as Skynet firewall), a warning appears that NTdhcp.exe is accessing the network.
If one or more of the above situations occur, the system is likely to have been infected with the Of course, being infected with the Trojan is not so terrible; it can be purged from the system.
1, removing the Trojan by hand. Once you find that the system is infected with the Trojan, the first thing to do is run the And then open Explorer's Then go to the system32 directory in the system folder and delete the NTdhcp.exe file. Finally, open the registry and delete the NTdhcp.exe key item under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Run.
2, uninstall the Trojan. Uninstall
3. the terminal cut-off friends who can QQ Theft and defense A barricade similar ***** program!
4, how do we deal with such **? How can we defend our beloved machines?
1). visit unfamiliar sites as little as possible, and download less software from websites that are not official;
2). ensure the ** database is kept updated;
5. recommend that you setup using the
Third, a deadly counter-attack against the *****
busy as he eventually put the system in the give him a counter-attack it?
1, exploited, from defensive to repellent
this so-called Here are equitable ***** software from about all of the loopholes to start, giving the ***** were a course.
So what is this vulnerability?
from earlier on the and passwords are stored in explicit txt in the Trojan program. Therefore, we can find the generated Trojans *****'s email account and password. ***** Who then easily control the mailbox, so ***** who gained naught in the rice anti-corrosion.
Tip: The above vulnerability exists only when the Trojan horse is set to send QQ number information by e-mail; if you configure the
2, network sniffer, anti-***** who triumphs the mailbox
When the Trojan intercepts a QQ number and password, this information is sent by e-mail to the *****'s mailbox. We can start from here: capture the network packets while the Trojan is sending the mail, and the captured packets contain the account number and password of the *****'s mailbox. To capture the packets we can use network sniffing software, which can easily sniff the packets and automatically filter out the password information.
x-sniff is a command line sniffer tool with very strong sniffing ability, used primarily for sniffing the password information in packets.
to download the x-sniff extract to a directory, such as into the directory where the x-sniff, and then enter the command to save the password information to the same directory pass.log file).
Once the sniffing software is set up, we can log in to QQ as usual. At this point the Trojan starts running, but because we are running x-sniff, the information the Trojan sends will be intercepted. After a few moments, go to the x-sniff directory and open pass.log; we can find that x-sniff has successfully sniffed the mailbox account and password.
Many friends may feel uneasy on the command line, so we can use a graphical tool to sniff. For example, sinffer is suitable for newcomers.
To run sinffer, we need to install the WinPcap driver, otherwise sinffer will not work correctly.
Run sinffer.exe. First we need to specify a network card: click the card icon on the toolbar and, in the pop-up window, select the network card to use, point of immediately after completion of configuration. Once the configuration is confirmed, click on the sinffer toolbar the
Next, we log in to QQ as usual. If the sniffing is successful, the captured data packets will appear in the sinffer interface, and the password information is set out quite clearly in the list.
***** who received e-mail account and password, which we can delete all messages QQ number information, or modify his email password to * **** are a lesson for us to have just a rookie! [/ Post]