Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Sponsored by: █ Sparkhost - Hosting Without Compromises! █ Hybrid Performance Web Hosting █ Spark Host Stream Hosting █ Hybrid IRC & IRCd Server Shell Accounts

Vb Keylogger

Started by Guest_coder_* , Oct 10 2003 10:32 AM

Next

Please log in to reply

24 replies to this topic

#1 Guest_coder_*

Guests

Posted 10 October 2003 - 10:32 AM

OK all you VB kiddies

I�m starting a small Keylogger project for win32 (der!)

Here is what I have so far�

The application when run will first Add auto-run Registry key, then opens �KEYLOG.SYS� and start logging all key strokes to it.

I�ve attached the source code (below)�

What other cool stuff should a Keylogger have�

Email capabilities, encrypted logs, etc�

Comments / Questions are welcome <_<

Attached Files

keylog.zip 6.6K 2830 downloads

Back to top

#2 Guest_OneNight_*

Guests

Posted 10 October 2003 - 11:38 AM

Great suggestion for a project coder. Pity i have no vb skills, but i do have a suggestion.

Is it possible to bundle it with netcat and have it call home at specified time(s)? In other wotrds create a small back door at times which u can set before hand...

Just an idea..

Back to top

#3 Guest_kektex_*

Guests

Posted 10 October 2003 - 05:10 PM

Thanks for taking my idea into consideration

I was under the impression that most keyloggers required good knowledge of asm.
Anyways I�m here to learn so I hope we can all get something out of this.
I�ve been doing some research...not all of it is VB related but could come in handy:

http://www.codeguru....LoggerMore.html

http://www.astalavis...croix-src11.rar

Im also reading some of the Hitchhiker�s world guides.My Win32 programming isn�t good though

http://packetstormse...y.nl/groups/hh/

Back to top

#4 vnet576

Specialist

Members
1,000 posts

Posted 10 October 2003 - 05:21 PM

Also can u make the keylogger upload the log to a remote ftp server?

Back to top

#5 Guest_coder_*

Guests

Posted 10 October 2003 - 05:39 PM

well as far as the drop method (dropping the keystrokes) - you guys should pick one decent method... that way i have somthing to start with

Maybe something HTTP (less suspicious) <_<

Back to top

#6 Guest_kektex_*

Guests

Posted 11 October 2003 - 06:15 AM

erm...what do you mean by dropping? where to save the keystrokes?

Back to top

#7 Guest_coder_*

Guests

Posted 11 October 2003 - 06:42 AM

ok, ketex (don't "erm.." me anymore smartass

)

vnet suggested that we upload the keystrokes to a FTP, the code you posted uses a SMTP client... I was thinking maybe something along the lines of HTTP POST to a specialized cgi (this would not look too suspicious in the logs)... Another good thing to have might be it's own SMTP server (this way the keylogger would work from by it-self , needing no helper applications)...

We should all put our heads together and try to come up with something sneaky <_<

so far- i'm interested in packaging it in a r00tkit with it's own SMTP engine...

Back to top

#8 GAN_GR33N

Corporal

Members
163 posts

Posted 11 October 2003 - 05:06 PM

as far as making it call home with netcat that could be done easily with a shell command. all you need to do is write log to a file then make a variable

private phonehome as double

then do

phonehome = shell(cmd.exe /c whatever command you need)

you could easily use ftp tftp or maybe put with http to accomplish this.

P.S. whats with all the vb bashing. its very usefull and quick.

Back to top

#9 z0mbi3

Corporal

Members
173 posts

Posted 11 October 2003 - 10:10 PM

ifits using smtp wouldn't norton detect outgoing messages...

http looks less suspicious

Back to top

#10 Guest_coder_*

Guests

Posted 12 October 2003 - 05:37 PM

i've decided to go with a DLL based system... any objections?

i was also thinking of bundling it with the vanquish rootkit?

any other ideas? btw- I'd really appreciate any help i can get

any VB coders out there?

Back to top

#11 total_noob

Private First Class

Members
29 posts

Posted 12 October 2003 - 10:26 PM

yea i use to code vb6 when i used windwows , its been a while sense ive used the langague but i can try to help if you have ne problems.

Back to top

#12 manu

Master Sergeant

Members
820 posts

Posted 13 October 2003 - 09:22 AM

Guys,

Theres an issue, do you think that you can hide ur keylogger from Norton or other F*cking antivirus programs, if you can, it will be excellent and currently I am facing that problem, Anyway, I wish if I could help you guys in anyway.. Thanks, and waiting for a good result...

Manu

Back to top

#13 Guest_coder_*

Guests

Posted 13 October 2003 - 11:41 AM

hmm...? i think i'm going to have a problem with norton. I was hoping that the rootkit would hide it from norton? I don't have norton, so i can't really test against it.

could someone run that rootkit + keylogger & test it against norton?

rootkit: vanquish
keylogger: posted above

ok- about the drop method? i was thinking about using some CGI scripts... this way the keystrokes can be dumped into CGI encrypted (with some bullsh*t encoding- to make it look real) here is the perl script...

print "Content-type: text/html\n\n";

read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
   ($name, $value) = split(/=/, $pair);
   $value =~ tr/+/ /;
   $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
   $value =~ s/<!--(.|\n)*-->//g;
   $FORM{$name} = $value;
}


	open (BOOK, ">>keystroke1.htm") || die ("ERROR");
  print BOOK $FORM{'key'};
	close (BOOK);

so, all the keylogger has to do is make POST to the script, another even sneaker way- I can use Microsoft Internet Explorer Object refrence to make all of the HTPP request/posts. Now the added bonus of this method would be that even if the target machine was running an application firewall... the keylogger can communicate anonymously behind IE (this is also an added bonus- as most user's always allow IE to connect)

tell me what ya think?

Back to top

#14 Guest_kektex_*

Guests

Posted 14 October 2003 - 03:21 PM

I think that`s the best way to dump the keystrokes in a "stealthy" manner since it might get past the firewalls specially if it can be done with the IE framework.

OT:I`ve been kinda away from the board because of college stuff but I`m reading some stuff I printed about linux keyloggers...my VB is not good.I only know some VBA (excel,word) that I took on my second semester in college.I`m thinking about takning some java classes next semester even though I`m not very fond of the language (I find it slow and clunky).Any java coders here?