[BEST] iStealer Tutorial till date – Setup + Hosting + Undetectable PHP [TUT]

Today , i am going to teach users how to setup istealer 6.3 Legends , how to get a free hosting at 000webhost and how to prevent getting banned at 000webhost (by FUDing your php file from 000webhost)

Also, thanks to CATMAN for the pics. I don’t take credit for the pics (except for the last one).

Rest assured, the entire tutorial is written by me and took an hour to write and format. So please reply to keep this topic alive !!! Victoire

So, lets begin !

STEP 1 :- Download iStealer 6.3 Legends

Here is the download link :-

It WILL show a virus , but its just a false positive since this is a stealer software, so don’t worry.

A virus scan if you still need it :-

File Info

Report date: 2011-02-26 06:46:49 (GMT 1)
File name: istealer-6-3-legends-exe
File size: 1712128 bytes
MD5 Hash: 3e6dde21e8d59ecd96ebb077a5b4ae3d
SHA1 Hash: 951f04364f97007021b17664a8ddea32b52ad126
Detection rate: 14 on 16 (88%)


a-squared – Trojan-PWS.Win32.Dybalom!IK
Avast – Win32:Malware-gen
AVG – PSW.Generic8.YN
Avira AntiVir – TR/Spy.Gen2
BitDefender – Gen:Trojan.Heur.VP.OD0@amglpWk
ClamAV – Trojan.Spy-75681
Comodo – TrojWare.Win32.Trojan.Agent.~KRV
Dr.Web – Trojan.Siggen1.39351
F-PROT6 – W32/Trojan2.MMBV
Ikarus T3 – Trojan-PWS.Dybalom
Kaspersky –
NOD32 – Win32/TrojanDropper.VB.NPB
Panda –
TrendMicro – TROJ_MDROP.ZV
VBA32 – Trojan-PSW.Win32.Dybalom.cwj
VirusBuster – Trojan.DR.VB!bKKvqH8AIGs

Scan report generated by

STEP 2 :- Making a free account at 000webhost.com

[Image: 49442116.jpg]

[Image: 66303407.jpg]

  • Now , the account is made. (Confirm it from your email)
  • Now, login to the account and go to the Control Panel (CPanel)
  • Scroll down to MySQL under “Software / Services”.

[Image: lol4w.png]

  • Follow this picture now :

[Image: lol1u.png]

  • Now, SAVE the info you receive about on the next page in notepad.

STEP 3 :- Setting up index.php file (Php Logger)

  • Extract iStealer 6.3 rar file and after that extract PHP Logger rar file.
  • You will see PHP Logger folder.Open it.Now you see two files.
  • Open index.php using notepad and follow this pic :

[Image: nothingk.png]

To remember :- The admin and admin which you entered in $username and$password line is the password to see your logs.

STEP 4 :- Making your index.php undetectable by hosts like 000webhost

  • Open index.php and change the following lines
  • PHP Code:
    $html  "<html><head><title>iStealer 6.1 Legends Log manager - "


    PHP Code:
    $html  "<html><head><title>My Personal Software manager - "


    PHP Code:
    $footer  "<div id='footer'>iStealer 6.1 Legends - Kizar Labs 2009</div></div></body></html>"


    PHP Code:
    $footer  "<div id='footer'>Backup manager - Backup Script 2010</div></div></body></html>"

  • Now download and install this software : TrueBug PHP Obfuscator & Encoder. (Google for download link, trial version is also ok.)
  • Open it and go to “Files and Folders”
  • Source Folder – select folder containing your PHP scripts, click on the browse button beside the folder name box. Target Folder – select folder where the obfuscated and encoded files will save to, click on the browse button beside the folder name box. Select files to be obfuscated/encoded, click on check-box front of filename (index.php) in the file list-box
  • Now to go “Obfuscate & Encode” Set the output options as “Obfuscate & Encode” and check EVERYTHING and click “Process” then press “Close” button and also close program.
  • You will find an obduscated index.php in the output folder which you selected. Now remember this is the index.php which you have to upload to 000webhost , not the original one.

STEP 5 :- Uploading Files (index.php and style.css on 000webhost)

  • Go to your Control Panel in 000webhost
  • Now, Go to File Manager. If it asks for password , see the “View FTP Details” which appears beside File Manager in Control Panel.
  • Now to go public_html. Then click on “New dir”. Enter the directory name like hobby or work or passion or something like that.
  • Now go the the directory you just created and create further 2 sub-directories inside it as you did in the previous step.
  • So it will be something like this public_html > hobby > test and work
  • Now go to any of the last 2 directories you just created and click on the “Upload button” select index.php and style.css and then click the Tick button to upload.
  • Go back to the root folder and tick the box beside public_html and then click on the “Chmod” button and follow this pic :

[Image: 62f864.jpg]

STEP 6 :- Building your iStealer

  • Run the iStealer 6.3 Legends.exe (as admin if you use vista/7 )
  • Enter the link to your index.php file in the Url field.
    For example :- http://barney.site50.net/hobby/work/index.php
  • Click on Test Url. If it shows success , then you have set up everything correctly and if it shows some error then there is something wrong you have done in the uploading part or the link was not proper.
  • Now click on Build.
  • To access your log , go to your web browser and enter the link to your index.php file.

CONGRATS ! Your server is now ready !! Biggrin Thumbsup

1 Comment
  1. Reply
    Rahul October 22, 2015 at 6:11 pm

    Hello Admin, thank you for enlightening us with your knowledge sharing. PHP has become an inevitable part of web development, and with proper PHP course in Chennai, one can have a strong career in the web development field.

Leave a reply