by ?
Written in Visual Basic
Released in May 2004
A Brief Overview – PalSpy v2 Server Version:- 2.1.3 [ALPHA] About the Server This Server is unique in many ways, first of all it has no client software as all the data is displayed as a web page this allows you to connect to the server from anywhere and also have the freedom of viewing it from any operating system, even if you have Windows 95, what also make the server unique is it’s PalTalk features which enables you to get the PalTalk's users password in plain text with a click of a link. Features Here is a list of the features and how they work. Server Status View Desktop Email Notify Remote Typer/Spy Paltalk Password Retriever File Manager Running Processes Server Status This Section will tell you about their computer such as default file locations, it will also let you know about the server, what version and how long it’s been running, the IP of the server and your own IP will also be displayed. View Desktop The title explains itself but here’s an explanation anyway. This feature allows you to watch their desktop and see what their doing. This will open up in a spreate window allowing you to carry on spying as you watch there desktop, the page refreshes every 6 seconds allowing time for the image to download before the next one appears. There are 2 known downfalls with this feature, one of which is that it will use a bit of bandwidth, although optimized to use as small amount, if your victim is on a 56k dialup connection then of course the spying will be slowed down. The second factor is that if their screen resolution is higher than yours you will need to scroll the page or change your resolution to match theirs. Email Notify Once they have run the server you can input your email address so you can get there IP emailed to every time they restart their computer. Later versions may include a feature so that your email could be inserted in the server before the file is sent, so that manual IP lookup is not needed. Remote Typer/Spy This will show all the open windows on their computer allowing you to click on the ones that are PalTalk typing windows i.e. private messaging and rooms. Once you click on the room or pm link it will show the current text in the room and also allowing you to type under their PalTalk nickname. Just enter the text in the text box and click send, the text will refresh when you click the send button but if you want to remain unknown then just click refresh and you will be able to see the text that has been typed in since the last time you loaded the page. Paltalk Password This feature allows you to see the PalTalk user’s password in plain text since you already know their name then you can just logon to their PalTalk account. This is one of the best features of all as it is the only program that does it. File Manager This feature is still a bit buggy as we are still in the alpha stages of testing, what this feature does is allow you to download, run and delete files on the remote computer, you can browse the users files and download them as easy as that. You can also run the files on their computer i.e. as if you were to run “c:\pic.jpg” it would open the jpg file in there default program such as paint shop pro or to be a pain you could just delete the file. Running Processes This will show all of the running programs on the victims computer. If you were to click kill next to a program name then this would close that particular program. If you want to really bug your victim then you could close the “winlogon.exe” doing this will cause their computer to shutdown. If you want to close the PalSpy server then click kill next to the program called “kazaa.exe” and the server will be closed down until the victims computer is restarted. dropped files: c:\Program Files\ABC\Kazaa.exe size: 86.016 bytes c:\Program Files\ABC\_Root\index.html size: 3.256 bytes c:\Program Files\ABC\_Root\Thumbs.db size: 11.776 bytes c:\Program Files\ABC\_Root\page\email.html size: 822 bytes c:\Program Files\ABC\_Root\page\filemanager.html size: 479 bytes c:\Program Files\ABC\_Root\page\image.html size: 778 bytes c:\Program Files\ABC\_Root\page\image1.html size: 586 bytes c:\Program Files\ABC\_Root\page\main.html size: 584 bytes c:\Program Files\ABC\_Root\page\openwindows.html size: 592 bytes c:\Program Files\ABC\_Root\page\password.html size: 511 bytes c:\Program Files\ABC\_Root\page\processes.html size: 484 bytes c:\Program Files\ABC\_Root\page\readroompm.html size: 522 bytes port: 8080 TCP startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Kazaa" data: C:\PROGRA~1\ABC\kazaa.exe tested on Windows XPMegaSecurity