Hello and welcome to this tutorial on how to setup Darkcomet, this is going to be a nice average sized guide providing you with all the information needed to successfully run and manage the Darkcomet tool. There will be pictures, examples, step by step pieces and a lot more.

What Is Darkcomet

So the best way to start off your guide would be to explain what you will be working with first. So I will give you a quick explanation of Darkcomet, what it is and how it works. Darkcomet is a Remote Access Trojan or Remote Administration Tool. it is used mainly to gain access of a victim's PC but there are many uses for a RAT, I will provide most of them.

• Ability to control and view screen
  
  
• File management (Upload, Execute, Download, etc)
  
  
• Shell Access (CMD)
  
  
• Computer Power Access (Power off, log off, etc)
  
  
• Host and Registry control
  
  
• Keystroke viewing and control
  
  
• Network Monitoring (Wifi, View local PC's, etc)
  
  
• Password access on Chrome, Firefox, Opera, Safari and IE
  
  
• Task Manager Access

Darkcomet can be used for Malicious intent, or for a prank. Many cyber criminals use RAT's like darkcomet to steal and log passwords, credit cards and more. There is a whole Marketplace behind RAT's, it's mostly around botnets but RAT's are in the business too. People can make lot's of money with bots, they can use them to DDoSand make a DDoS service, steal their passwords, make shops and sell their accounts, keylog and sell logs, then sell the bots in a bot shop and a lot more.

Requirements

Okay so to have this correctly setup you are going to need a few simple requirements, I will list them below.

• Access to portforwarding (Your Router user and pass)

• Darkcomet can be download here:
  
  

  Click Here
  
  

• No-ip / DUC Download No-IP/DUC

• Winrar or 7Zip

Darkcomet it is an clean version of it! Used years now by me.

Tutorial

Okay so once you got all of the requirements and are ready to proceed, continue to this step by step tutorial and I will show you everything you need to know!

Darkcomet - Section 1

Installing, setting up and preparing Darkcomet - Darkcomet Section 1.1

1. Extract the darkcomet folder (VERY IMPORTANT)

2. Open Darkcomet.exe

3. Agree to the EULA, terms, etc

It should look like this:

Portforwarding - Section 1

Okay so like I said, you need access to your router, otherwise you won't be able to portforward. You could still use an HTTP rat like "Loki Rat" if you don't want to portforward. Although if you want to go through all that trouble uploading the files to your FTP server and all that, you might as well go with an HTTP botnet like Cythosia, but let's get started.

Finding your Router Gateway Address - Portforwarding Section 1.1

1. Open your start menu

2. Search for "CMD" or Open "RUN" and type "CMD" on it.

3. Enter this code into your Command Prompt: "ipconfig"

4. Scroll all the way up and look for "Default Gateway" and "IPv4 Address"

(We will need IPv4 Address later)

Forwarding your Port - Portforwarding Section 1.2

5. Enter the Default Gateway IP into your URL bar

6. Login to your router, if you don't know your account search for some default logins.

7. Look for a portforwarding section (Might be in a gaming tab, every router is different)

8. Type "1604" on both "Starting Port" and "Ending Port"

9. For "Protocol" try "Both" but if there's only TCP and UDP, do both seperately

10. For "IP Address" get your IPv4 Address and enter it there

11. Enable the port and press submit

Allowing Port through Firewall - Portforwarding Section 1.3

1. Open Start menu and search "Firewall"

2. Click "Windows Firewall with Advance Security"

3. Go to "Incoming Connections" and click "New Rule"

4. Select "Port" and press the next button

5. Choose "UDP" and select "Specific Local Ports" and enter "1604"

6. Allow the connection and press next until you get to "Name"

7. Name is "darkcomet" or whatever, and give it any description

8. Click Finish and repeat it again for inbound connection but with "TCP" Port.

9. Repeat steps 1-8 but with "Outbound Connection"

10. Also you should check with your Antivirus firewall just in case.

Darkcomet - Section 2

Connecting and configuring Darkcomet - Darkcomet Section 2.1

1. Open Darkcomet.exe

2. Go to Socket / Net Section

3. Right click and press "Add port to listen to"

4. Make the Listen Port "1604" and enable "UPnP"

5. Click Listen and you have configured Darkcomet

Creating A Server (Stub/Virus) - Darkcomet Section 2.2

Okay now you will be making the virus that you will get users to run in order to infect them, there are many features on Darkcomet so I will take you through them.

1. Open Darkcomet Menu on top right corner

2 Go to Server Module and click Expert.

(If you want a list of what all the features do, read below)

Optional Reading (Features) 

Main Settings

Security Password - Adds a password so only you can manage bots

Mutex - Stops multiple connections on the same port

Server ID - The ID or Group bots that run this server are in

Profile Name - You can save your settings under a profile name

Process Hijacking - Firewall Bypass, not recommended if crypting (outdated)

Network Settings

IP/DNS - The DNS or IP Address bots will connect to

Port - Port bots will use to connect

Add - This will add the settings, remember to click this!

Also remember to click the added setting once added

Module Startup

Startup - Starts the stub with windows

Drop File in - Where the virus will be placed

Melt File - Deletes the virus execution file, but keeps virus after running

Date Created - Change the creation date to trick users

Persistence - Very important, keeps the program task from being removed

Install Message

This is basically where you make a fake error message when your virus starts to make it seem more legitimate.

Icon - Choose which img comes with the error, I suggest the "X" icon.

Title - What it says at the top of the error message (I.E "Error 804")

Message - What the actual error says "Warning, an unexpected error has occurred, program will now be terminated"

Test Messagebox - You can test the error on yourself, it is harmless and you can do it just to be sure

Module Shield

Persistent Process - Again, persistence for more than task manager, recommended.

EVERYTHING ELSE IF NOT RECOMMENDED AND IS OUTDATED IN THE MODULE SHIELD SECTION

Keylogger, Hosts, Binder, and Icon

Keylogger is able to send logged keys to a website through FTP connection.

You can manage a victim's "Hosts.txt" file through here and control which websites he can go on.

Bind a file with your server so they both run at the same time, this will make the user less suspicious.

Change icon of file to make it more legitimate and cause less suspicion.

DUC / No-iP - DNS Config Section 1

Creating a No-IP Account - DNS Config Section 1.1

1. Go to https://www.noip.com/sign-up and register

2. Create a "No-ip.biz" hostname with any name you want

3. Click "No thanks, I'll use no-ip.biz" and click "Sign Up"

4. Validate your Email and Activate your Account

Configuring DUC - DNS Config Section 1.2

1. Open No/IP DUC and log into your No/Ip Account

2. Click "Edit Hosts" on the DUC Menu

3. Select your no-ip.biz website and click "Save"

4. Click Refresh Now and you're good to go!

5. Click File>Hide to get all of that out of your way

Setting up DUC or No/IP with Darkcomet - DNS Config Section 1.3

1. Open Dark Comet and click the drop down menu (Top right corner)

2. Click Server Module > Full Editor (Expert)

3. Use the Previous tips to setup your stub but leave the "Network Settings" alone

4. Instead of your IP address, enter your No/IP Website (DNS) and port "1604"

5. Press the "Add" button and click on it to select it

6. Finish your settings and press build stub

I hope you enjoy and thank you for reading. Please give me feedback on what you thought about this and how I should improve it, thanks!

Hacker Software Latest Hacking Tricks 2016

Hack Facebook Account By Cookie Stealing And Session Hijacking Wiith Wireshark
Wireshark Software to capture cookies:
Wireshark is the best free packet sniffer software available today. Actually, it was developed for making a network secure. But, the same software is now used by hackers to test for vulnerability and security loopholes in the network and to attack the network accordingly. Cookie stealing being one of the types of hacks implemented using this Wireshark software.

Requirements:

Cain and Abel : Click Here
Wireshark : Click Here
Firefox 3 (or one compatable with add n edit) : http://www.oldapps.com/firefox.php?old_firefox=59
Add n Edit (cookie editor for firefox) : https://addons.mozilla.org/en-US/firefox/addon/add-n-edit-cookies/
Acess to the network with user you want to hack
Network traffic
Prerequisites: Download and install all above programs. To add “Add n Edit” to your browser just open firefox, go to tools, then click add-ons. you can drag and drop the program from wherever you saved it into the little box that popped up and install it from there.
Below, I have listed steps on how to capture Facebook and other accounts cookies. This will help you to know how Wireshark and Cain-Abel can be used to sniff packets and capture cookies.

First: Gain acess to the Network. Open networks or your own network would be easy but if you have a specific slave you want you should be able to gain acess using Backtrack.
Tip: use reaver to exploit WPS for WPA/WPA2 encryptions, WEPs are easy to crack given time and OPN means there is no password.
Second: Right click Cain and choose ‘run as administrator.’ on the top bar go to ‘configure’ and be sure to select your wireless card/adapter. now click where it says ‘Sniffer’ then this litte button towards the top left:
Next click any empty white box then the blue “+” symbol near the button you pressed just before. choose okay
These are all the devices it was able to detect.
Now we go to APR on the bottom bar. Once again click any empty white box then the blue cross. It’s easiest to just go one by one and choose all possibilities.

Now we have to poison them so we choose the little yellow hazard symbol towards the top left.
we are done here, just minimize Cain for now.
Third: Run wireshark as administrator. On the top bar choose ‘Capture’ then ‘Interfaces.’ Here you will have to choose your interface that is connected to the Network we are sniffing from. if you wait a few seconds you might see some traffic being collected as seen in my photo, just choose that interface b/c thats most likely it.

Wireshark will list and color-code all the traffic it sees for you. To make this simpler we can use the filter to only see the traffic we want, Type “http.cookie” in the filter. (Something to consider is to just filter to “http” and scroll through the entries looking for ones that start with the word “POST” this means that information was submitted to the webpage noted such as a username and a password! so if you see this just look through the details and you should see the info you want, most passwords will be hashed but use this site to decript them:http://www.md5decrypter.co.uk/ )

You can either look through this information manually or use the search function to find what you want. In my case i want to hijack the session of a user on the forumfreerainbowtables.com so i will use the search function (press Ctrl+F, or go to edit -> search) and type in the information i know for sure will be in the entry. if your hijacking someones facebook put ‘facebook’ there. Most of the time to be safe i do not use the first entry i see b/c this will only work if the person is auto logged in, so just go down a few more until you see one you think will work (just use common sense).

What we need are the cookies. Here are what mine look like and how to get there. With practice you will be able to tell which cookies are used for logins and be able to limit failed attempts.

Copy the cookies as value and save them into a notepad (shown in pic above). I would suggest to seperate everywhere you see a “;” bc this suggests that is the begining of the next entry. The text to the left of the = is the name of the cookie and the text to the right is its value.
Final: Open up your firefox browser with Add n Edit enabled. You can get to your add ons by going to tools and they should all be listed in the drop down tab. First go to the website you are hijjacking the session from then open your cookie editor. Should look something like this:

The last thing to do is to change your cookies to match the ones you captured. If the cookies given to you by the site expire (like the ones in my picture do) you will have to delete them and add all the ones we captured earlier in. if they do not expire you can just edit them. Bottom line is all the cookies must match the cookies you captures in the earlier steps EXACTLY! Make sure you do not add any extras and that you did not miss anything. Also all fields must be filled in (Path and Domain as well as Name and Value). My path is “/” and my domain is “.freerainbowtables.com”
mine looks like this:

You are now done, Just close the cookie editor and reload the webpage. If done correctly with the correct cookies you should be logged in as the user you attacked!

Simply tutorial in one image.

Use this if you dont have money for buy dorks or you don't know to do any.

Don't put HADRIIW in Setup TAB

CLICK HERE 

> Similar Keyword Generator

You can do the same but with shopping related, anyways shopping dorks are easy to get

After find some keywords copy them in dorks 

You can use more SETUP, 

CLICK HERE 

But i recommend to use these

Thank You!

Definition Of Anonymous:

The art of hiding identity online by using connection  methods and encryption methods, is known as being Anonymous.  

What is the use of it??

To make yourself untraceable to a  person, website, company, school or whatever else you are  doing/connecting to.Stay hidden when attacking a website or scanning it for vulnerabilities.

Keep your browsing history/activity hidden when at work, school, library or even your family computer.

Keep your IP ( Internet Protocol Address ) hidden from victims of a RAT (Remote Administration Tool) or a botnet.

Bypassing ISPs service usage limits.

Methods:

 

What is a VPN ?

A VPN is an acronym for Virtual Private  Network, it is a server that is  used to connect to a LAN ( Local Area  Network ) securely. VPNs will  encrypt your connection information and  hide your real IP from websites,  people and it will keep your  connection encrypted so you won't be able  to get traced.

List of Free Good VPNs:

Cyberghost VPN:You must create an account.

Download

Pro XPN: Create an account.

Download

Open VPN

Download 

Open VPN requires configuration files. You add them to C:\Program Files\OpenVPN\config

HSS is OpenVPN based, you download the client and it will hide your IP.

Hot Spot Shield

Paid VPNs:

Why are paid VPNs better than free ?

They are more secure and keep no logs. When free ones will keep logs and aren't as securely encrypted as a paid.

 

BlackShades VPN

Pretty much the best product line on HackForums, you can never go wrong with a BlackShades product.

nVPN ( OpenVPN based )

Amazing speeds and panel controls and really simple set up.

iPredator

Not known around HackersForum as much, but it's good.

What is SOCKS 4/5 ?

SOCKS is the internet protocol that makes  it easier for packets to be  routed between the client/server via a  proxy server. The SOCKS protocol  has a designated port, but is not  limited to that port. This port number  is 1080.

 

 Socks will let you get by the network firewall, usually with schools or   workplaces, they will have a block on the browsing you are allowed to   do.

What is HTTP Proxy ?

A HTTP ( Hypertext Transfer Protocol )  proxy is kind of the same thing  as a SOCKS 5, except the fact it using  the HTTP protocol instead of the  SOCKS protocol. When a browser is  configured with a HTTP proxy, it just  hooks through the proxy server  and bypasses any firewall put in place on  the LAN ( Local Area Network )

Web proxies and Proxy client/managers Proxies:

( Firefox addon )

Proxy Manager

Tor

Download the client.

READ THE PAGE. Tor isn't as safe as people think it is.

What is SSH and SSH Tunneling ?

SSH is the acronym for Secure Shell, it is  an network protocol used to  connect to Linux&Unix based machines.  This will let you access the  shell (Terminal) via a remote connection  to the machine/server. The  default port for SSH connection is 22.

SSH tunneling  is using the SSH protocol to hook through the  machine/server as you  send a command through your internet, say loading  Google, your machine  will send the data through the "SSH Tunnel" and  your IP will be hidden  from the website. As your data is going through  the "tunnel" it is  encrypted using a Public-Key encryption.

What is MAC Address and MAC Address Spoofing ?

MAC address is the acronym for Media  Access Control address it's the  unique identifier for a network  interface. The Hardware Address of your Machine

 

 MAC address spoofing is using a program (You can do it manually but   program is much easier.) to change your MAC address so it doesn't leave   behind your networks "fingerprint." Without doing this, you will never   be FULLY anonymous.

MAC Address Spoofers:

SMAC

NMAP

–spoof-mac is the command you use to spoof your MAC with NMAP.

NOTE: 

Still You Are Not 100% Anonymous, But You Are Around 90%  Anonymous, To Add More To Your Anonymity Use A Dedicated System, And  Always Delete Cookies, History, Saved Passwords, Temp Folders, Recycle  Bin, Prefetch Folder. And Disconnect the PC from Internet After Work is  Done. You Are Now Around 99% Anonymous!

Thank You!

What is XSS?
Cross Site Scripting also known as XSS , is one of the most common web appliction vulnerability that allows an attacker to run his own client side scripts(especially Javascript) into web pages viewed by other users. In a typical XSS attack, a hacker inject his malicious javascript code in the legitimate website . When a user visit the infected or a specially-crafted link , it will execute the malicious javascript. A successfully exploited XSS vulnerability will allow attackers to do phishing attacks, steal accounts and even worms.

Example :Let us imagine, a hacker has discovered XSS vulnerability in Gmail and inject malicious script. When a user visit the site, it will execute the malicious script. The malicious code can be used to redirect users to fake gmail page or capture cookies. Using this stolen cookies, he can login into your account and change password.

It will be helpful for understanding XSS , if you have the following prerequisite:

• Strong Knowledge in HTML,javascript (Reference).
• Basic Knowledge in HTTP client-Server Architecure (Reference)
• [optional]Basic Knowledge about server side programming(php,asp,jsp)

XSS Attack:

Step 1: Finding Vulnerable Website
Hackers use google dork for finding the vulnerable sites for instance  “?search=” or “.php?q=” .  1337 target specific sites instead of using google search.  If you are going to test your own site, you have to check every page in your site for the vulnerability.

Step 2: Testing the Vulnerability:
First of all, we have to find a input field so that we can inject our own script, for example: search box, username,password or any other input fields.

Test 1 :
Once we found the input field, let us try to put some string inside the field, for instance let me input “BTS”. It will display the  result .

Now right click on the page and select view source.   search for the string “BTS” which we entered in the input field.  Note the location where the input is placed.

Test 2:Now we are going to check whether the server sanitize our input or not.  In order to do this , let us input the .

Now it will display pop-up box with ‘BTS’ string. Finally, we successfully exploit the XSS .  By extending the code with malicious script, a hacker can do steal cookies or deface the site and more.

Types of XSS Based on persisting capability:
Based one Persistence capability, we can categorize the XSS attack into two types namely Persistent and Non-Persistent.

Persistent XSS:
The Persistent or Stored XSS attack occurs when the malicious code submitted by attacker is saved by the server in the database, and then permanently it will be run in the normal page.
For Example:   
Many websites host a support forum where registered users can ask their doubts by posting message  , which are stored in the database.  Let us imagine , An attacker post a message containing malicious javascript code instead.  If the server fail to sanitize the input provided, it results in execution of injected script.  The code will be executed whenever a user try to read the post. If suppose the injected code is cookie stealing code, then it will steal cookie of users who read the post. Using the cookie, attacker can take control of your account.

Non-Persistent XSS:
Non-Persistent XSS, also referred as Reflected XSS , is the most common type of XSS found now a days. In this type of attack, the injected code will be send to the server via HTTPrequest.  The server embedd the input with the html file and return the file(HTTPResponse) to browser.  When the browser executes the HTML file, it also execute the embedded script.  This kind of XSS vulnerability frequently occur in search fields.
Example:
Let us consider a project hosting website.  To find our favorite project, we will just input the related-word in the search box .  When searching is finished, it will display a message like this “search results for yourword ” .  If the server fail to sanitize the input properly, it will results in execution of injected script.
In case of reflected XSS attacks, attacker will send the specially-crafted link to victims and trick them into click the link. When user click the link, the browser will send the injected code to server, the server reflects the attack back to the users’ browser.  The browser then executes the code .
In addition to these types, there is also third  type of attack called DOM Based XSS attack, i will explain about this attack in later posts.

What can an attacker do with this Vulnerability?

• Stealing the Identity and Confidential Data(credit card details).
  
• Bypassing restriction in websites.
  
• Session Hijacking(Stealing session)
  
• Malware Attack
  
• Website Defacement
  
• Denial of Service attacks(Dos)

So First What We Have To Do Is To Download Mozilla Firefox!!

You Can Download By Yourself Or Search On This Site: filehippo.com

Now When You Have installed Mozilla Firefox

Go To https://addons.mozilla.org

And Search For AnonymoX Add Ons :

You Will See The Result like This :

Now Download This Add-ons

And You Will Found various option Of configuring To Various Country Ip In Just A Second!!

I am Using This from 1 Months And I am Enjoying This Great!!

Forgot The Express VPN , Socks ,And Proxy !!

Use The Better And Advance!!

Netgear router wifi hacking tricks 2016 to crack the WEP/WPA key using the router Master key default login passwords that anyone can use to crack password after the modem is reset. These keys are listed below read them and save to hack wifi.

NetGear Router Master Key Login Passwords For Hacking

First reset the modem by inserting a pin in bak of modem small hole for 5-10 seconds. When all lights blinks collectively the modem is reset. Use the login codes given to hack wifi. you can set any password by logging in.

Vendor	Model	Protocol	Username	Password
NETGEAR	RM356 Rev. NONE	TELNET	(none)	1234
NETGEAR	WGT624 Rev. 2	HTTP	admin	password
NETGEAR	COMCAST Rev. COMCAST-SUPPLIED	HTTP	comcast	1234
NETGEAR	FR314	HTTP	admin	password
NETGEAR	MR-314 Rev. 3.26	HTTP	admin	1234
NETGEAR	RT314	HTTP	admin	admin
NETGEAR	RP614	HTTP	admin	password
NETGEAR	RP114 Rev. 3.26	TELNET	(none)	1234
NETGEAR	WG602 Rev. FIRMWARE VERSION 1.04.0	HTTP	super	5777364
NETGEAR	WG602 Rev. FIRMWARE VERSION 1.7.14	HTTP	superman	21241036
NETGEAR	WG602 Rev. FIRMWARE VERSION 1.5.67	HTTP	super	5777364
NETGEAR	MR814	HTTP	admin	password
NETGEAR	FVS318	HTTP	admin	password
NETGEAR	DM602	FTP TELNET AND HTTP	admin	password
NETGEAR	FR114P	HTTP	admin	password
NETGEAR	ME102	SNMP	(none)	private
NETGEAR	WGR614 Rev. V4	MULTI	admin	password
NETGEAR	RP114 Rev. 3.20-3.26	HTTP	admin	1234
NETGEAR	DG834G	HTTP	admin	password
NETGEAR	ROUTER/MODEM	MULTI	admin	password
NETGEAR	MR314	MULTI	admin	1234
NETGEAR	GSM7224	HTTP	admin	(none)
NETGEAR	ADSL MODEM DG632 Rev. V3.3.0A_CX	HTTP	admin	password
NETGEAR	WGT634U	HTTP	admin	password
NETGEAR	FWG114P	MULTI	n/a	admin
NETGEAR	GS724T Rev. V1.0.1_1104	HTTP	n/a	password
NETGEAR	FM114P	MULTI	n/a	(none)
NETGEAR	DG834		admin	password
NETGEAR	WNR834 BV2		admin	password
NETGEAR	WNR834BV2	HTTP	admin	password
NETGEAR	WPN824 / WPN824V2	HTTP	admin	password