ISR Stealer Tutorial

ISR 0.4
1.Stealers
What is Stealer?
Stealer is basically used for steal the saved cookies in browsers. It only steal The saved Passwords in browsers eg.IE, chrome, firefox, And any massangers.
Tools to use
• IS 6.0 ,6.3
• ISR 0.4 
These are mainly used tools to steal the passwords.
We seen many stealers like istealer6.0 or something like that but now in this these tools are not in use bcoz we seen in logs username password is same. So we can use this upgraded version that is CALLED ISR 0.4 that is ultimate stealer to use..so use this tool to hack the password.
Here Is the tutorial to use it.
What you Need to use it.
1. Domain
2. Hosting
3. My SQL Database
4. Tools eg.ISR 0.4
1.Domain
Purchase a domain or free Doamin’s are also available.
Eg.www.example.com
2.HOSTING
Then you Want Hosting. Hosting is a web space that is used for host your website there with your domain name.
3.My SQL database
That is used to store web site information like blog posts or user information. A MySQL database is the most popular type of relational database on the web today.
4.Tools
That tools is our main part to steal the cookies from victims.
SO let’s start..
First purchase a domain and hosting accoung. OR it’s available in free also.
I am doing this with free domain and free hosting.
Here you go.
1. Go to http://000webhost.com
2. Sign up there with free order.
3. After creating your hosting and domain Go to your cpanel.
After that Create My SQL Database .
1. GO to SQL Database


2. Create a database and one database user account.



3. After creating Database save this information.



• $dbHost = "fdb-1-5.cwahi.net"; //

(1)MySQL host
• $dbUser = "username"; // (3)MySQL username
• $dbPass = "password"; // (4)MySQL password
• $dbDatabase = "username_db1"; // (2)MySQL database name
Then back to cpanel after that
1. Go to file manger.



2. Here you want go in public_html



3. Here you want to upload some files of our tools that is in PHP 

language.



WE are using ISR 0.4

So it’s files are.
• Config.php
• Install.php
• Index.php
• Style.css
So upload these files in your directory.
After that go to your directory .
1. Click on config.php
2. Click on edit.



3. Here is window opend.
4. Edit in config.php
• $dbHost = "fdb-1-5.cwahi.net"; // (1)MySQL host
• $dbUser = "username"; // (3)MySQL username
• $dbPass = "password"; // (4)MySQL password
• $dbDatabase = "username_db1"; // (2)MySQL database name
5. Replace these information with your databse information that is you are saved on your pc.
6. In next fields you can see usename password select your username and password. That is required when you want to show your logs.
7. Then click on save and go back to directory.



Then go your Domain name eg.www.example.com

1. Then type in url: http://www.example.com/install.php
2. Then click on INSTALL

3. After install delete install.php from your hosting.
Here is everything is done with hosting and domain. 
1. Go to your tool That is ISR0.4.exe
2. Open it in url field paste your domain name link here.
Eg. http://www.example.com/index.php
3. Then click on Bulid Serve



4. After bulid server bind your file with Anything and make a fud.
5. Spread it….And enjoy it…
6. TO show your logs go to your domain eg.http://www.example.com/index.php
7. Login there with your usename password.
If YOu Wnat to download these all files which You Links is Here.

DOWNLOAD

source : http://anonymouseverywhere.blogspot.com 

Introduction to ARP – Poisoning

ARP stands for Address Resolution Protocol. ARP acts as a layer over the Internet Protocol address (IP) and converts it into a Media Access Control address (MAC address) or Ethernet Hardware Address (EHA). Understanding the concept of ARP is very important for a hacker because, a potential hacker will be able to poison the network and steal the information running between two servers. Hence he can execute a ‘Man-In-The-Middle‘ attack using a simple ARP poisoning tool such as Cain & Abel. The function of Cain & Abel is similar to a packet sniffer.

MAC address is a unique identification address for network nodes, such as computers, printers, and other devices on a LAN.  MAC addresses are associated to network adapter that connects devices to networks.  The MAC address is critical to locating networked hardware devices because it ensures that data packets go to the correct place.  ARP tables, or cache, are used to correlate network device’s IP addresses to their MAC addresses.

How it works?

Consider you want the phone number of a person whose name is already known to you. In that case you will checkout your telephone book and if the number is not available the you will call the phone service and request him the number. Here the telephone directory act as ARP tables and the phone service as ARP. ARP tables give the list of addresses of computers which are connected to that system inside the network.

What is ARP poisoning?

If a system(say System 1) requests to connect to another system(System 2) inside the network, then System 2 checks the entry of the System 1 in its ARP tables and if the entry is not present then it is automatically added in System 2′s ARP tables. The weakness of the ARP is that, it cannot identify if a person request to connect with it showing a another address. Therefore a hacker can easily poison this network, that is, a potential hacker if sends a request to connect to System 2 showing the IP address of System 1 then he can access the network of System 1 associated with System 2! So he will be able to obtain the information passing between them. That is, there is another path executed between the System 1 and System 2.

Suppose, if a hacker has poisoned a path between social networking site and a victim’s system then he would be able to steal the information passing between them, like username and password etc.

So here, in this case the phone service is calling you and giving you the number, even though you haven’t requested it! (Scenario mentioned above)

The concept of ARP with a simple example:

The attacker: 10.0.0.1
MAC address: 00-AA-BB-CC-DD-00
The victims: 10.0.0.2
MAC address: 00-AA-BB-CC-DD-E1
Fake address:10.0.0.3
MAC address: 00-AA-BB-CC-DD-E2

A potential hacker sends a packet (request to connect) to 10.0.0.2 with spoofed IP of  10.0.0.3 and then it sends a crafted package to 10.0.0.3 with  spoofed IP of 10.0.0.2 with his own IP. This means that both victims think they can find each other at the MAC address of the attacker. This is known as Man-In-The-Middle attack

Now all the traffic between those 2 hosts will go through the attacker first. So this means that the attack will need to reroute the packets to the real destination else you get a DOS on the network and there will be no traffic possible. Also remember that the ARP tables get updated so if during a long period of time there is no ARP poisoning the entries will be deleted and you won’t be able to sniff until you start poisoning again.