================[ Getit ]

Getit is a "snooper", a program that intercepts keypresses and
store them into a file. Now Getit is a bit smarter than that,
it looks for a LOGIN program, so that it will only snoop logins
and passwords.
The source of the original Getit is well known, but unfortunatly
no one knows for sure who wrote it.

================[ Getit EAX ]

 Getit EAX is one of Eleventh Alliance attempts to make better
snoopers. Getit EAX is based upon the Getit source, but it has
been improved. The first thing we did to our Getit EAX versions
was to correct a bug in Getit that sometimes caused stackerrors,
and we also added an installation check so that you won't get
a new copy of Getit active each time you run Getit.

 We also decieded to remove the entire loader part after going
resident, so that no amature would try to detect our program by
looking for the those parts or something else funny (Here's a tip:
the internal string 'Getit' and some others strings are present
in all Getit EAX versions!)
 You don't have to tell us that it is stupid to remove those
traces, I know that... Just felt like doing it, and I mean, atleast
it doesn't make our program easier to detect, and it's only a few
bytes...

 Btw, EAX is our acronym for Eleventh Alliance eXperiment, and it
looks nicer to me (an assembler programmer) since it sounds like
it would be a 386 application, though it is an 8088 compatible
application...

================[ Getit EAX v 1.04 ]

 Okay, this is the latest version... It's been almost finnished
a long time, but I really felt like I had to make FindViru and
TbScan not detect it before I released it. Now I'm not very
experienced with encryption and other vx-related problems, so
it took some time. Using an encryption routine developed by
myself and some tricks and information found in various vx-mags
(IRG, 29A, VLAD) I got it together. Credits to VLAD for the
anti-TbScan trick! (the only way to detect this version that
currently works is to use F-PROT /PARANOID)

 Well, except for not being detected by scanners, there are some
other big news in this version, like it can scan for several
commands now, I've tested it with Netware's LOGIN and SETPASS.
Of course I've added a configuration program, so you don't have
to decrypt the program and change it yourself :) ... Quite simple
configuration program...

 You can also configure where the passwords should be saved
youself, that ought to keep some lamers away. (since the program
is encrypted, no amature can guess where it's saved. Must be
decrypted first)

 Also, some parts of this version's loader is generally better
(read nicer) written, but YOU won't notice that... just me who
got the source :)

================[ The End ]

This textfile was written by Bluefish_[11A]
The author of the original Getit is unkown
The author of the new modifications is Bluefish_[11A]
Sources of various information are:
 #virus, IR/IRG-mags, 29A-mags, VLAD-mags
Greetings goes to:
 All our 11A members, alt.2600, everyone who knows me or met me
 on the IRC
Bluefish can sometimes be found at
 #11Alliance, #virus, #hack
 ICQ: 611251
 Email: bluefish@swipnet.se
 Email: ealliance@hotmail.com
Check out these sites:
 11a.home.ml.org
 bluefish.home.ml.org


