AOL Password Stealer 1_0 details

  • Description

    From the doc: 'This is not meant to be a stand-alone trojan. The target computer must already be running a trojan horse. Any trojan horse with decent options should be fine. The trojan must have a file browser and a registry browser. ***THE TARGET MUST BE USING VERSION 7.0 OF AOL.*** 1. Connect with your trojan horse of choice. Open up the file browser and upload the AOL Password Stealer (AOL.exe) to any folder out of view on the target. Execute the uploaded AOL.exe. Delete the uploaded AOL.exe. 2. The target is now set for password retrieval. However, the target must reboot his/her computer before passwords may be retrieved. Use your trojan to reboot the server. Don't worry if AOL is running on the target during restart as it doesn't matter. Note: You could also wait for the target to manually reboot the pc. 3. Assuming the computer has rebooted, the real AOL has been replaced with the password stealer file. Now, if AOL is executed by the target (Which he/she must do anyway to sign back online for you to retrieve the password) he/she will be prompted with a fake error from AOL and asked to type in his/her account name and password (Don't worry, it's not cheesy like this text makes it sound). 4. After the target gives away his/her information, the fake AOL is then replaced with the real one and executed so the target can sign online. The target should never see the fake error again (Unless you run the password stealer from step 1 again). 5. Now that the target has signed online, use your trojan horse to connect and open the registry browser. Now navigate to HKEY_CURRENT_USERSoftwareVB and VBA Program SETTINGSAOLAmerica online There should be 4 strings: (Default), Load, Password, and Screen Name. Ignore everything but Password and Screen Name. Yup, that's it.'

  • Alias

    PWS [McAfee]PWS-AolEk trojansecurity risk or a "backdoor" program [F-Prot]Trojan Horse [Panda]Trojan.PSW.AOLPassTrojan.PSW.AOLPass [Kaspersky]Win32/AOLPass!PWS!Trojan [Computer Associates]Win32/PSW.AOLPass trojan [Eset]