
Spyware Detail

Diablo Keys

Date Published:
Monday, August 16, 2004

Threat Assessment

Overall Risk: Critical
Privacy: Critical
Productivity:
System Integrity: Low

Description


Alias

Backdoor/DiabloKeys.10 [Computer Associates]
Backdoor/DiabloKeys.22!Server [Computer Associates]
Keylog.Diablo!plugin!Trojan [Computer Associates]
Keylog.Diablo.plugin [Computer Associates]
Keylog-Diablo [McAfee]
security risk or a "backdoor" program [F-Prot]
Trj/Spy.DiabloKeys [Panda]
Trojan Horse [Panda]
Trojan Horse.LC [Panda]
Trojan.Spy.DiabloKeys.10
Trojan.Spy.DiabloKeys.10 [Kaspersky]
Trojan.Spy.DiabloKeys.22.a [Kaspersky]
TrojanSpy.Win32.DiabloKeys.10 [Kaspersky]
TrojanSpy.Win32.DiabloKeys.22.a [Kaspersky]
Win32.DiabloKeys.10 [Computer Associates]
Win32.DiabloKeys.22.A [Computer Associates]
Win32/DiabloKeys.10.A!Trojan [Computer Associates]
Win32/DiabloKeys.22.a!Spy!Trojan [Computer Associates]

Vendor Description

From the doc:
DIABLO KEYS
Tutorial
By KodaPT
- What's this?
This is your dream becoming true... With this great Trojan you will be able to see what the victims do and type. No...It's not a normal Trojan... because to do this you don't need to be connected to the server... you can be making sex while Diablo Keys log all that the poor victim do and in the next day you can see it by connecting to a FTP server... This tool is not to lammers...because you will need some skills to spy the victim. This tool is only to use by persons that have a minimal "know - how" of FTP servers and Trojans.. Basically you will infect the victim like a normal Trojan. You can also use the Infect Tool to do that...Then the program will be spying the victim. Then it sends the logs to a specified FTP account, that you previously have setup. Then you can read the log and see some interesting information....;)
- Disclaimer
1 - Diablo Keys is provided 'as is', without any express or implied warranty, in no event the author is held liable for any damages arising from the use of it.
2 - The author can't be held responsible for any illegal action(s) arising from the use of this software.
If you don't agree with these terms, do not use Diablo Keys...
- Make a Diablo Keys . EXE file (server side/host)
Follow the following steps if you really want to spy someone:
1 - First you need an FTP account. To make a new account I used the FTP of Angelfire.com. Go to www.angelfire.com and then click on Sign Up. Now you must create a new account. Fill out the information that Angelfire requires. Be careful: don't use your personal information, just lie...Remember your FTP account name, and password. For example mb/zapzap , 0987651
2- when the FTP account has been created, now you must create an email account. This is to use on the mail notification. Don't use cellular phones or your own email. Create a new with strange names.
3- Ok. You have a new FTP and a new email account. Now you are prepared to make the .EXE file, the file that will spy on Windows. Open the Diablo.exe program and click on New Diablo. Now you must setup the new .server, this is, the FileName.exe that you will use.
- Name of Server : you must put here a name to the Diablo Server. Be sure not to use a normal name like Win32 or those things. Use a name created by your own.
- Password: the password for the server. You will need to know this password if you use encryption..
- Use Encryption/ Compress? - you must tell if you want encryption or not. Using encryption will encrypt the files so no one can see in your FTP server, only if they know the password. I will not tell the module ; ) , but it is quite strong. In the other side, you can use compression, that's it will compress the logs.
- Date to end:- of course that you do not want that the server sends you all the files to the end of your life, not? So setup here a date to the server terminate. Use Year_Month_Day (2000_12_31) . Be careful: use this Syntax. If not the program will ever terminate!
- FTP Server - type there the FTP server that you want to use. In our example we used Angelfire, so: ftp.angelfire.com
- FTP Server User Name;- ok. The FTP name account that you want to use, and once created. for example: mb/zapzap
- FTP Server Password: Ftp account password. You need to setup this too. It's necessary to send the files.
- FTP File Type: the file type to use on FTP sending files. It must be set with the encryption option,. If you use encryption you must put Binary. If not you must put ASCII .
- Mail Server: you will receive also mail notification when new logs were sent. To receive you must setup the email server of the victim. Note: the server of the victim, not yours. This is like SMTP servers...
- Send To: The email account to send the mails. Then you must type the subject and the body of the email too
- Name of File: the name of the file. Use this option carefully...
- Diablo Signature: this option is extremely useful. You must type a signature, like a symbol, to see which is the file on the FTP server. Use : *.sss . Remember the signature because if you use in local pc's you must know this pattern to see the files.
Now you must complete the setup process. You can choose by Faking a Message or not. By faking a message you can fake an error message. Configure the dialog box by choosing the title, text, buttons and type. You can also choose if you want to use Regedit, System.ini or Win.ini or all together. With Melt File, the file will disappear after the user clicks on the .exe file. With auto-copy just copy the exe from the directory that is clicked to the system dir, with another name if you specified that. (Name after Auto-Copy)
Now click on Make to build the new .EXE file and save in a folder . Ok. The file is ready to spy anyone you want. To see this working you can infect yourself...
- Infect a Diablo Keys
Ok. You have the .EXE file, and now? Ok. You have two options: you can do it by yourself by breaking a window, turn on the PC and put the file in C:\windows\system and click on the file; or you send it to the victim by using the fantastic tool named "Infect.exe". This tool is great: it will send a normal file (.txt , .bmp, .wav) to the victim and also infect the victim. Or you redirect the victim to an URL. Here, yes, here you must have high skills of piracy. You must know the victim and know if she knows you. Pretend being someone sending a photo, or sending an HTML file to see. The file will appear like this Joe.BMP.vbs . If the victim see the extension .vbs. and understands how could be dangerous to click on the file, forget it! But if she clicks the photo will appear (+/- seconds after depend on the size and the CPU speed) . If you choose to redirect to an URL it's simpler and more efficient. OK. You must make a plan! You are now at your own...
However, the author has coded an excellent tool called infect . This tool, will code a script for you! You must setup the script by filling out the text boxes. Be sure to fill out everything and another once you must be very clever... The tool is very easy to use. The final result will be a file that when the victim click will show a normal file and infect the computer! In the Show File section you must specify if you want to show a file from a FTP server (the file must be in that account!) or if you want to show a URL. The FTP option is more slowly...and it's case sensitive! Be sure not to put the file in the same FTP server you receive the logs, of course! You must also setup the .EXE file to infect. It must be in the FTP to the script download it! Cli
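
A defender's check for two behaviours the quoted documentation describes, the decoy-plus-script file name (Joe.BMP.vbs) and the System.ini / Win.ini startup options. This is an added example, not part of the vendor documentation or of CA's advisory; the sample INI contents and the name msupd32.exe are constructed, and the registry startup option is not covered.

```python
import configparser

# Types the quoted tutorial names as decoys (.txt, .bmp, .wav) plus a few common ones.
DECOY_EXTS = {"txt", "bmp", "wav", "jpg", "gif", "htm", "html", "doc"}
# Final extensions that Windows runs rather than opens in a viewer.
RUNNABLE_EXTS = {"vbs", "vbe", "js", "jse", "wsf", "exe", "scr", "pif", "com", "bat"}

def is_double_extension(filename):
    """True for names like Joe.BMP.vbs: a decoy extension followed by a runnable one."""
    parts = filename.lower().rsplit(".", 2)
    return len(parts) == 3 and parts[1] in DECOY_EXTS and parts[2] in RUNNABLE_EXTS

def _section(text, name):
    """Parse legacy INI text leniently and return one section, matched case-insensitively."""
    cfg = configparser.ConfigParser(strict=False, interpolation=None,
                                    allow_no_value=True, delimiters=("=",))
    cfg.read_string(text)
    for sec in cfg.sections():
        if sec.lower() == name:
            return cfg[sec]
    return {}

def ini_autostart_entries(win_ini, system_ini):
    """List (file, key, value) for INI settings that start a program at logon."""
    findings = []
    windows = _section(win_ini, "windows")
    for key in ("load", "run"):            # win.ini [windows] load= / run=
        value = (windows.get(key) or "").strip()
        if value:
            findings.append(("win.ini", key, value))
    shell = (_section(system_ini, "boot").get("shell") or "").strip()
    if shell and shell.lower() != "explorer.exe":   # anything beyond the stock shell
        findings.append(("system.ini", "shell", shell))
    return findings

# Constructed sample files; msupd32.exe is a made-up name, not an indicator from the page.
SAMPLE_WIN_INI = "[windows]\nload=\nrun=C:\\WINDOWS\\SYSTEM\\msupd32.exe\n"
SAMPLE_SYSTEM_INI = ("[boot]\nshell=Explorer.exe msupd32.exe\n"
                     "[386Enh]\ndevice=*vmm32\ndevice=*vcache\n")

if __name__ == "__main__":
    print(is_double_extension("Joe.BMP.vbs"), is_double_extension("holiday.bmp"))
    for finding in ini_autostart_entries(SAMPLE_WIN_INI, SAMPLE_SYSTEM_INI):
        print(finding)
```

Any entry it reports is a lead to review against the software known to be installed on the machine, not a verdict.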

Category

Backdoor:  A secret or undocumented means of getting into a computer system, or software that uses such a means to penetrate a system. Some software has a backdoor placed by the programmer to allow them to gain access to troubleshoot or change the program. Software that is classified as a "backdoor" is designed to exploit a vulnerability in a system, and open it to future access by an attacker.

Key Logger:  (Keystroke Logger). A program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully in the hopes of either finding passwords, or possibly other useful information that could be used to compromise the system or be used in a social engineering attack. For example, a key logger will reveal the contents of all e-mail composed by the user. Keylog programs are commonly included in rootkits and RATs (remote administration trojans).

Trojan:  Any program with a hidden intent. Trojans are one of the leading causes of breaking into machines. If you pull down a program from a chat room, new group, or even from unsolicited e-mail, then the program is likely trojaned with some subversive purpose. The word Trojan can be used as a verb: To trojan a program is to add subversive functionality to an existing program. For example, a trojaned login program might be programmed to accept a certain password for any user's account that the hacker can use to log back into the system at any time. Rootkits often contain a suite of such trojaned programs.



Variants

Diablo Keys 1.0 · Diablo Keys 2.2 ·

Immediate Protection Info

DAT Release   Product                DAT Version
Original      eTrust PestPatrol v5   08 11 2004
Original      eTrust PestPatrol v4   08 11 2004
Original      CA Antispyware v9      08 11 2004
Original      eTrust PestPatrol v8   08 11 2004
Original      CA Antispyware v9      02 17 2009
Latest        eTrust PestPatrol v5   07 09 2009
Latest        eTrust PestPatrol v4   01 11 2007
Latest        eTrust PestPatrol v8   07 09 2009
Latest        CA Antispyware v9      11 09 2009


CA Global Security Advisor