Project Neptune + Setup Tutorial
Project Neptune + Setup Tutorial
Hey guys, First tutorial showing you how to set up Project Neptune (using SMTP).
Note that these are just sample settings, and you can set your own up any way you'd like.
[IMG]http://*********.net/inc/plugins/resizer_class/resizer_class.php?filename=http://screensnapr.com/-/uploads/bnEsfJ.jpg&newwidth=500&maxsize=30000&maxwidth=500 &animwidth=500&animsize=30000[/IMG]
I'll be using GMail for this tutorial.
*After you extract it, run it as administrator
*We're going to be using SMTP, so check SMTP under log settings.
*Under email settings, leave "Email SMTP Sending Server" and port number alone, because we're using GMail.
*In "Email To Send Keylogging Logs", type your GMail there.
*In "Sending Email's Account Password", type your password.
*In "Email To Receive Keylogging Logs", type your GMail again, or an alt email.
It should look like the screenshot above.
When you're all done, click "Test Email Account Information", and you should get your test email.
*Click on the System Wide Tab under Keylogging
Here you will have the options to disable the Task Manager, Block them from accessing certain websites, or other options like Reg editing tools.
I have mine set to disable task manager by killing the process, so everytime task manager opens, it will manually close.
To block the victim from accessing websites, right click and go to load item list, and browse for a text file with websites.
The download will include a text file with common anti virus scanning sites.
*Finally for Software settings, I want right clicking and registry editing tools disabled.
*Now that you're done, click the Installation Tab.
Under startup settings, I want it to run on startup under all users, so I have the second one selected which requires admin rights.
*In installation directory, this is will the keylogger will be planted or installed.
I chose to put it in system32\catroot
Under original file, I have it set to hide itself as soon as it's ran, which is the 3rd option.
I left file downloading alone, because I don't really care for that too much.
*Click the Extra Options Tab
Here you will be able to set your own custom error message, self destruct, and screenshot interval.
This is what my error message looks like. Type anything in there that you think will fool them.
I have mine set to destruct on 5/30/2011.
I also have it set to not get logs if nothing is typed, and to get an email as soon as they're infected.
I also have it set to not get logs if nothing is typed, and to get an email as soon as they're infected.
I want my screenshots sent the same time as my keylogs, so I'm going to check the first box.
*Click on the Server Creation tab
Under Server Settings, I want to make it look legit as possible, so they can download it and run it. The information you fill in here will be shown on the application, so it depends on your spreading method. I'm going to get people to use this by telling them it's a Combat Arms VIP Hack, so under description I'll type Combat Arms VIP.
Then I'll make it look as if it was made in Visual Studio by typing the info in like this.
*The icon changer doesn't work on here, sorry. You'll have to use another program.
*The file pumper chooses the size of the file.
I'll make mine 764KB. Make sure you have the checkbox selected.
*Under server generation, click the mutex string a couple times.
Set servers process name as is what will show up in the task manager.
I don't need to fill this in because I have it disabled, but I'll do it anyways.
Make sure you name it something that is normal, so if they google it, they won't get suspicious. I'll name mine svchost.exe
Leave "Save Program Settings As:" alone.
There is also a cure option, in case you infect yourself.
There is also a file binder feature.
*Click it and this window will pop up.
[IMG]http://*********.net/inc/plugins/resizer_class/resizer_class.php?filename=http://screensnapr.com/-/uploads/UYNjHq.jpg&newwidth=500&maxsize=30000&maxwidth=500 &animwidth=500&animsize=30000[/IMG]
*Right click and choose the file you want to bind it with.
[IMG]http://*********.net/inc/plugins/resizer_class/resizer_class.php?filename=http://screensnapr.com/-/uploads/Yygplm.jpg&newwidth=500&maxsize=30000&maxwidth=500 &animwidth=500&animsize=30000[/IMG]
*When you're done, right click and click compile server.
[IMG]http://*********.net/inc/plugins/resizer_class/resizer_class.php?filename=http://screensnapr.com/-/uploads/yhD8w1.jpg&newwidth=500&maxsize=30000&maxwidth=500 &animwidth=500&animsize=30000[/IMG]
If you didn't want to bind it with another file, go back to server generation, and click generate new server.
Have fun keylogging.
Creds:
Thyonic for making Project Neptune
Dr1v7r for the download since their site been down, and for showing me how to use it a while back.
http://virusscan.jotti.org/en/scanre...cd4bb138025fd5
http://www.virustotal.com/file-scan/...e14-1305984319
Note that these are just sample settings, and you can set your own up any way you'd like.
[IMG]http://*********.net/inc/plugins/resizer_class/resizer_class.php?filename=http://screensnapr.com/-/uploads/bnEsfJ.jpg&newwidth=500&maxsize=30000&maxwidth=500 &animwidth=500&animsize=30000[/IMG]
I'll be using GMail for this tutorial.
*After you extract it, run it as administrator
*We're going to be using SMTP, so check SMTP under log settings.
*Under email settings, leave "Email SMTP Sending Server" and port number alone, because we're using GMail.
*In "Email To Send Keylogging Logs", type your GMail there.
*In "Sending Email's Account Password", type your password.
*In "Email To Receive Keylogging Logs", type your GMail again, or an alt email.
It should look like the screenshot above.
When you're all done, click "Test Email Account Information", and you should get your test email.
*Click on the System Wide Tab under Keylogging
Here you will have the options to disable the Task Manager, Block them from accessing certain websites, or other options like Reg editing tools.
I have mine set to disable task manager by killing the process, so everytime task manager opens, it will manually close.
To block the victim from accessing websites, right click and go to load item list, and browse for a text file with websites.
The download will include a text file with common anti virus scanning sites.
*Finally for Software settings, I want right clicking and registry editing tools disabled.
*Now that you're done, click the Installation Tab.
Under startup settings, I want it to run on startup under all users, so I have the second one selected which requires admin rights.
*In installation directory, this is will the keylogger will be planted or installed.
I chose to put it in system32\catroot
Under original file, I have it set to hide itself as soon as it's ran, which is the 3rd option.
I left file downloading alone, because I don't really care for that too much.
*Click the Extra Options Tab
Here you will be able to set your own custom error message, self destruct, and screenshot interval.
This is what my error message looks like. Type anything in there that you think will fool them.
I have mine set to destruct on 5/30/2011.
I also have it set to not get logs if nothing is typed, and to get an email as soon as they're infected.
I also have it set to not get logs if nothing is typed, and to get an email as soon as they're infected.
I want my screenshots sent the same time as my keylogs, so I'm going to check the first box.
*Click on the Server Creation tab
Under Server Settings, I want to make it look legit as possible, so they can download it and run it. The information you fill in here will be shown on the application, so it depends on your spreading method. I'm going to get people to use this by telling them it's a Combat Arms VIP Hack, so under description I'll type Combat Arms VIP.
Then I'll make it look as if it was made in Visual Studio by typing the info in like this.
*The icon changer doesn't work on here, sorry. You'll have to use another program.
*The file pumper chooses the size of the file.
I'll make mine 764KB. Make sure you have the checkbox selected.
*Under server generation, click the mutex string a couple times.
Set servers process name as is what will show up in the task manager.
I don't need to fill this in because I have it disabled, but I'll do it anyways.
Make sure you name it something that is normal, so if they google it, they won't get suspicious. I'll name mine svchost.exe
Leave "Save Program Settings As:" alone.
There is also a cure option, in case you infect yourself.
There is also a file binder feature.
*Click it and this window will pop up.
[IMG]http://*********.net/inc/plugins/resizer_class/resizer_class.php?filename=http://screensnapr.com/-/uploads/UYNjHq.jpg&newwidth=500&maxsize=30000&maxwidth=500 &animwidth=500&animsize=30000[/IMG]
*Right click and choose the file you want to bind it with.
[IMG]http://*********.net/inc/plugins/resizer_class/resizer_class.php?filename=http://screensnapr.com/-/uploads/Yygplm.jpg&newwidth=500&maxsize=30000&maxwidth=500 &animwidth=500&animsize=30000[/IMG]
*When you're done, right click and click compile server.
[IMG]http://*********.net/inc/plugins/resizer_class/resizer_class.php?filename=http://screensnapr.com/-/uploads/yhD8w1.jpg&newwidth=500&maxsize=30000&maxwidth=500 &animwidth=500&animsize=30000[/IMG]
If you didn't want to bind it with another file, go back to server generation, and click generate new server.
Have fun keylogging.
Creds:
Thyonic for making Project Neptune
Dr1v7r for the download since their site been down, and for showing me how to use it a while back.
http://virusscan.jotti.org/en/scanre...cd4bb138025fd5
http://www.virustotal.com/file-scan/...e14-1305984319
Pretty cool.
but you have to be retarded to not be able to use a keylogger lol.
of and /approved
but you have to be retarded to not be able to use a keylogger lol.
of and /approved
Originally Posted by Hex
Pretty cool.
but you have to be retarded to not be able to use a keylogger lol.
of and /approved
but you have to be retarded to not be able to use a keylogger lol.
of and /approved
JKJKJKJKJKJKJKJK
And I think things get Auto Approved here
Hmm, how to make it not detectable?
Originally Posted by TomAllMighty
Hmm, how to make it not detectable?
Originally Posted by Fuko
Crypt it, go find one.
Originally Posted by TomAllMighty
Recommendations?
The one I use gets 27/40 before, and 5/40 after, and that's pub.
If you want fud, go buy one.
i thought there was an agreement on no keyloggers?
meh whatever, good job fuko
meh whatever, good job fuko
Originally Posted by Reaper8281
i thought there was an agreement on no keyloggers?
meh whatever, good job fuko
meh whatever, good job fuko
They didn't mean posting keylogger programs, they meant actually keylogging here.
Hmm, well for now i cant buy one, i need a public one that isnt a virus, that can atleast pass kaspersky and trend
Originally Posted by TomAllMighty
Hmm, well for now i cant buy one, i need a public one that isnt a virus, that can atleast pass kaspersky and trend
After:VirusTotal - Free Online Virus, Malware and URL Scanner
links aint working
Originally Posted by TomAllMighty
links aint working
Go here: C:\WINDOWS\System32\drivers\etc
Open your hosts file with notepad.
If it says access is denied, run notepad as administrator.
If virustotal is after any of these lines, remove it.
yeah, i was lol, could it be because i infected my self with Neptune?
Btw, the cure thing isnt working for me,
Btw, the cure thing isnt working for me,
Originally Posted by TomAllMighty
yeah, i was lol, could it be because i infected my self with Neptune?
Btw, the cure thing isnt working for me,
Btw, the cure thing isnt working for me,
Did you take virustotal out of your hosts file?