by expl0it_shad0w
Released in november 2002
ehks v2.1 is simply a keylogger which lets you check the log files remotely via a web browser (e.g, Internet Explorer) Connect to there machine on port 80 with an Internet browser. This version is 100% Different, ive completely re-built it. Supported Version of Windows, * win9x - Ive only tested on a 9x box, so if you guys are gonna test on a different machine, let me know im uncertain as to weather or nto it works win XP, some beta testers say yes, some say no, im looking, into this for the next version. The keylogger doesnt run under NT, I have tried, but feel free to try for your selfs, and give me feedback on the result. Features/Misc Ehks has been 100% re-built. Heres whats been added/changed in version 2.1. * Better Stealthing code - hopefully wont crash. * Changed Keylogging code - you can now see the windows handle. * Changed HTML log file - alot better, so people have said anyway. * Added Anti-firewall/Anti-AntiVirus - this will stop most firewalls and AVS's * Added Function to get dialup, share, and other chached passwords. * Added Function to get Machine Info * Multi-Log File Support - all log files have there own unique filename * Added Mutex usegae, to stop cant write to file error's hopefully expl0it_shad0w Server: c:\WINDOWS\SYSTEM\SpooI32.exe size: 185.856 bytes port: 80 TCP startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "SpoolerSubSystemProcess" added: c:\WINDOWS\SYSTEM\EVO_12-11-22_11-20.html c:\WINDOWS\SYSTEM\index.htmlMegaSecurity