How malware works.
#1
Hello. This will be an intro on how malware works and how to make it.
This will be a guide for any language.
Step One
Okay, so let's look at the first thing malware must do and what my first step is in creation. That is, do a desired, malicious activity. This can be keylogging, password stealing, etc.; just pick one and make it. It does not matter the language (to a degree). For the purposes of simplicity, let's assume you have made a reverse shell. A reverse shell is a program that takes commands from an attacker and executes them on a target machine.
Step Two
Now that we have a program that can execute commands, we need to be able to give it commands over the internet. This is where a command and control, or C2, server comes into play. A C2 is simply a server that issues any degree of instructions. So now our program does two things, and I will list them in order.
  • 1) Connects to attacker's server
  • 2) Executes commands from server
Step Three
Now is when the program gets really fun. Step Three is all about persistence and avoidance. At this point the program will most likely flag antivirus, or AV for short. Here are some ways to avoid that. Note: It is not wise to use a traditional os.sleep() when creating waits. Instead use random math to create a custom wait. You may want to create your custom wait library and import it to use for future projects.
  • 1) A wait in the beginning of the program no less than ten seconds
  • 2) Generate random noise throughout the runtime by performing random math.
  • 3) Thread detection to detect if the program is running in a Virtual Environment
  • 4) Program and string encoding
Now that we know how to avoid antivirus, let's look at a method of persistence: Registry key editing. Simply put, adding a registry key under the run folder will run your program at login. Accompanying this, you should also have the program install itself in some folder somewhere that users don't often check and also doesn't need admin access.
Final Notes
To recap how your program should work, and this is in order of actions performed at runtime:
  • Sleep
  • Install itself elsewhere
  • Add registry key
  • Connect to attacker
  • Perform action
Now, some of these actions can be switched around, as there are no hard rules other than sleep first, and still install even if connection fails. Do not forget to generate random noise through runtime.

I will be releasing full source code to a simple reverse shell within 24 hrs, so if that is something you're interested in, stick around.

This guide was inspired by, but has no relation to, Prince's current guide series; I was simply inspired. If you think I have made an error or would like to add more, please leave a comment.

Lastly, there are thousands of ways to make a program; some may say that this is not a good way, etc., so go out there, learn, and find what's right for your circumstances.
UwU
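
A defender's view of the sequence in the post above (drop into a folder that needs no admin access, add a Run key, connect out), as an added example that is not part of the original thread: detection logic that correlates those three steps over endpoint telemetry. The event layout is a simplified, Sysmon-style assumption (IDs 11 file create, 13 registry value set, 3 network connection); the sample events, SID, paths and list of user-writable directories are constructed.

```python
import re
from ntpath import normcase  # Windows path rules on any OS

# Autostart keys whose values are launched at logon (HKCU/HKU and HKLM).
RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.I)
# Assumed list of locations a standard user can write to without elevation.
USER_WRITABLE = re.compile(
    r"^[a-z]:\\(users\\[^\\]+\\appdata\\|users\\public\\|programdata\\|windows\\temp\\)", re.I)

def exe_path(details):
    """Return the normalised executable path from a Run value's command line."""
    m = re.match(r'\s*(?:"([^"]+)"|(\S+))', details)
    return normcase(m.group(1) or m.group(2)) if m else ""

def find_run_key_persistence(events):
    """Flag Run values pointing into user-writable paths; record which process
    dropped the file and any later outbound connections made by it."""
    dropped, findings = {}, {}
    for ev in events:  # assumed to be in time order
        if ev["id"] == 11:
            dropped[normcase(ev["TargetFilename"])] = ev["Image"]
        elif ev["id"] == 13 and RUN_KEY.search(ev["TargetObject"]):
            path = exe_path(ev["Details"])
            if USER_WRITABLE.match(path):
                findings[path] = {"key": ev["TargetObject"], "set_by": ev["Image"],
                                  "dropped_by": dropped.get(path), "connections": []}
        elif ev["id"] == 3 and normcase(ev["Image"]) in findings:
            findings[normcase(ev["Image"])]["connections"].append(ev["DestinationIp"])
    return findings

# Constructed sample events: one suspicious chain, one ordinary installer entry.
EVENTS = [
    {"id": 11, "Image": r"C:\Users\bob\Downloads\invoice.exe",
     "TargetFilename": r"C:\Users\bob\AppData\Roaming\upd\upd.exe"},
    {"id": 13, "Image": r"C:\Users\bob\Downloads\invoice.exe",
     "TargetObject": r"HKU\S-1-5-21-0-0-0-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r'"C:\Users\bob\AppData\Roaming\upd\upd.exe"'},
    {"id": 3, "Image": r"C:\Users\bob\AppData\Roaming\upd\upd.exe", "DestinationIp": "203.0.113.10"},
    {"id": 13, "Image": r"C:\Windows\System32\msiexec.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorTray",
     "Details": r'"C:\Program Files\Vendor\tray.exe" /min'},
]

if __name__ == "__main__":
    for path, info in find_run_key_persistence(EVENTS).items():
        print(path, info)
```

The Program Files entry is not flagged because writing there requires elevation; a Run value whose target sits in a user-writable directory and was dropped moments earlier by the same process is the combination worth alerting on.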
#2
I'm wondering what you have developed for yourself.
#3
envoy1 Wrote:
I'm wondering what you have developed for yourself.
Everything and nothing
UwU
#4
LOL, interesting response. Bro, are you willing to make a deal with me? If yes, tell me if you develop malware or what.
#5
envoy1 Wrote: LOL, interesting response. Bro, are you willing to make a deal with me? If yes, tell me if you develop malware or what.

I do make malware. Check the sellers page for any listings or PM me to talk more.
UwU
#6
heyTakka Wrote:
envoy1 Wrote: LOL, interesting response. Bro, are you willing to make a deal with me? If yes, tell me if you develop malware or what.

I do make malware. Check the sellers page for any listings or PM me to talk more.

I checked the sellers part, but I didn't find the exploit I was looking for. So, we need to discuss the exploit I need in another, better messenger. I have contacted you on Jabber.