New Keylogger

[yankejustin]

Hi!
Here is the re-written keylogger!

@MaxXor Please make a separate branch for this because there are a few more things that should be either fixed, added, or modified with this keylogger before it should be added to the main branch. Please see Upcoming and To-Do.

Features

• Flexible and dynamic behavior
• Easy to modify
• Encapsulation
• Supports many more keys (again, extremely easy to add more)
• Documentation!
• Uses Virtual Keys then calls ToUnicodeEx for better localization.

Upcoming (before merging)

• Attempt to use keys that are not supported in our enum list by attempting to use FromKeys.
• Be sure Keylogger Escape key #95 is fixed
• Be sure [CTRL+Shift+any letter] keylogging #98 is fixed
• Be sure KeyLogger arrow keys #99 is functional
• Add support for more keylogger keys
• Correctly detect the state of caps lock, scroll lock, and num lock

To-Do

• Improve code and optimize (much later... probably after upcoming is done and after adding to the master branch)
• More testing on the output... A few known unreliable things, such as: pressing 'alt' key or 'ctrl' key will print the correct key (such as '[CTRL]' for the correct key, but will then also print '[L_CTRL]' because it was the control key from the left...)
• Improvements to the interface, including things like being able to easily access or modify log files, colorizing, etc. Open Containing Folder Addition to Transfers + Colorizing Window Title and adding time to keylogger #90
• Add the ability to dynamically re-assign the output, as specified in Email keylogger logs. #111
• Add a maximum size cap. for log files and add folders for each day instead of files because they get long. Also handle multiple or repetitive keys in a more elegant way, as specified in multible (repeated) key in keylog and very long line #119
• Eventually encode the formatted output of the keylogger so it is not vulnerable to Cross-Site Scripting (XSS)

[DragonzMaster]

I see that you have a lot of work to do
good luck bro :D

[yankejustin]

Hehe... Yeah, it is quite a lot of work, but might as implement a new and big feature correctly to make it easier for future changes and modifications! :)
A big reason for asking for a separate branch from my last commit is because it is in a functional state. Not the desired state, but it works. Making a branch from my current progress means that many others will be able to take some of the work and contribute to this new major change to a big part of what makes up a wholesome Remote Administration Tool. 💯

[MaxXor]

Created the new branch dev for this.

[ghost]

Good work @yankejustin, I'm making some changes to this to get the toggle/down keys to work correctly. One thing I've noticed is that keys are sometimes logged multiple times just pressing the key once, maybe you could have some insight on why this is happening. Also, currently, every key is being treated like a special key (being highlighted)

[yankejustin]

@d3agle Thank you! :)
Yeah I will have to toy with the output tonight. The big priority is making sure that the special keys are being captured, and that the toggle state of the keys is being correctly detected.
The reason that the keys are logged multiple times is because the value of the keys that have multiple values (ctrl = l_ctrl | r_ctrl) so I think I am just neglecting to pull only a single flag out of the input we are given...

[yankejustin]

Another priority is the interface, but we (of course) need the output to be accurate and correctly formatted. :)

[yankejustin]

@MaxXor Can my fork be deleted without affecting your branch? I should have used a different branch instead of my fork's master branch to work on the keylogger... :P

[MaxXor]

@yankejustin yes. :) it's safe to delete.

[yankejustin]

Okay, good. Thank you!

[ghost]

I hate to say this, but I don't think that this key logger is going to work, as far as accuracy and efficiency. I've done a lot of research on GetAsyncKeystate and it doesn't appear that this method contains enough information to have accurate control on what we are trying to accomplish. Initially, I wanted to avoid global keyboard hooks when I was looking into this method, but considering there would be a lot more control over the accuracy and efficiency of recording keystrokes (filtering system messages), I think that using a keyboard hook might be a more viable option.

[yankejustin]

Yeah, I agree. Throughout my extensive research on all hookless methods to do this, I have consistently seen horribly poor documentation by Microsoft, inconsistent behavior with the methods provided, and just simply incorrect behavior that seems to be experienced by others as well. It feels that, even if done correctly, this is going to end up being one hacky fix after another in order to implement a functioning and accurate keylogger.

[yankejustin]

@MaxXor We need your input on this. I have been doing more research in my free-time (about to work on some open issues soon), and I have also come to the conclusion that using a keyboard hook would be far better of a solution due to the unpredictable and poorly-understood GetAsyncKeystate

[MaxXor]

I think we should try out using a keyboard hook. :) Let's see how this is working.

[yankejustin]

I am going to close this pull request because most of it is already in the "dev" branch. I will be committing new changes so we are using a keyboard hook instead of GetAsyncKeystate and I will create another pull request once the new way is up. :)

[MaxXor]

Alright!