.: Fearless Key Spy 2.0 :.
Released 18 years, 1 month ago. Sep 2003By Ghirai
- Coded by: Ghirai
- Version: Fearless Key Spy 2.0
- Released date: Sep 2003, 18 years, 1 month ago.
- Family: Fearless
- Category: Information Stealer
Server: dropped file: c:\WINDOWS\SYSTEM\fks2.0_server.exe size: 2.624 bytes startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "FKS v2.0"
v2.0 -> server is now 100% assembly, reaching 2.5 KB packed -> buffer no longer gets lost when victim's box crashes/suddenly reboots/etc. -> added a "get and execute" feature (see readme) -> fixed a bug in the editor, that existed in all previous versions -> some GUI tweaks -> "remove file" now gets deleted after server remove -> some features i didn't consider being neccessary were removed Description: FKS is a keylogger, that will upload the logs to the root folder of a ftp server you specify, when the log reaches a certain size. It will start everytime with windows. It will log *all* keys, and the window caption (between >>> <<< chars, like ">>> Yahoo! Mail - Microsoft Internet Explorer <<<") they were typed in. Date and time when system starts/stops will also be logged. The logs will be uploaded with the name "FKSlog_[time].log", like FKSlog_10-23-15.log (10 o'clock, 23 mins and 15 secs). When reading the log, "<RET>" means enter (return), "<BS>" is backspace, "<ESC>" is escape, "<TAB>" is the tab key, "<DEL>" is the delete key. Compatible with 9*/Me/2K/XP. Configuring the server: It should be easy to set up if you ever used a trojan before; run FKS.exe. First, the server options tab: -> In the "Server Name" field, enter a new for the server after installation, something unsuspicious would be better (use your imagination). Note that if you specify a filanem that exists on the host computer(in the sys dir), it will be overwritten! -> The Registry Key field: same as above, enter something "normal" ;) The Logging Option tab: -> The ftp address fileld: enter the hostanme of your ftp server, like "ftp.myhost.com", or "myhost.com". You should know that... The server will connect to port 21 (default for ftp). -> Ftp username: type in your username -> ftp password: enter your ftp password -> "When log gets..." filed: the size of the logfile when it sould get uploaded; you have to think here a little, depending on what you're after: if you want a quick log, enter a small filesize (5-10000 bytes). If not, 500000 bytes (50KB) should be ok. Note that some ftp servers have a size limit, but that's your problem. -> Logfile name fileld: enter a filename, any extension, or no extension, etc. Note that you shouldn't type system filenames, cause they will get overwritten... That's it, hit "Build Server", and you're done. The editor will make a "server.exe" file, in the patch where you have the editor. DON'T compress/encrypt or otherwise tamper with the server file! Now all you have to do is make your victim run "server.exe"... Ghirai
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at email@example.com, thank you in advance.