Author Topic: Project Aquatone  (Read 3200 times)

0 Members and 5 Guests are viewing this topic.

Offline Zesh

  • Royal Highness
  • ****
  • Posts: 699
  • Cookies: 42
    • View Profile
Project Aquatone
« on: July 29, 2012, 05:24:23 am »
Quick thanks to dsman and bubzuru for the revival of my motivation ;)

Project Aquatone will be a malware piece that I will be developing for the hell off it and as a direct competition to bubzuru key logger. It will be written in Visual Basic 6, time to show off the power of BASIC! I've got a few features and ideas in mind but I'm going to start of small and then build up.

Features
  • Key Logger - I've ditched the unreliable GetAsyncKeyState approach and will be using a DLL hook that will also hook the mouse.
  • Screenshots - A simple timmer that will trigger a screenshot to be taken at regular intervals.
  • Server/FTP - Aquatone will first try to connect to a server to upload data and to recieve commands from, if a connection to the server cannot be made, Auqatone will fall back onto a FTP connection.
Here's a look of what I've got so far:

The listbox at the top contains all of the hook events, whilst the textbox displays a readable representation of the keyboard events. So that's the key logger feature pretty much done, I do have an idea of invoking the logging when certain programs are running but I'll add that later. Next up is the screenshot and server/ftp features which are rather simple and then I'll start messing around with some fun stuff :)

Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: Project Aquatone
« Reply #1 on: July 29, 2012, 08:22:45 am »
Oh dear lord. Doesn't all lame keyloggers get written in VisualBasic? just asking...

Offline Zesh

  • Royal Highness
  • ****
  • Posts: 699
  • Cookies: 42
    • View Profile
Re: Project Aquatone
« Reply #2 on: July 29, 2012, 08:57:05 am »
Oh dear lord. Doesn't all lame keyloggers get written in VisualBasic? just asking...

Nope. Every language has lame keyloggers and mine isn't lame, using a hook puts my program above most other keyloggers made in VB6 :P

Offline techb

  • Soy Sauce Feeler
  • Global Moderator
  • King
  • *
  • Posts: 2350
  • Cookies: 345
  • Aliens do in fact wear hats.
    • View Profile
    • github
Re: Project Aquatone
« Reply #3 on: July 29, 2012, 09:56:51 am »
Vb is lame in my eyes regardless. But that is from personal experience though. C would be a better option, or C# if you want to go proprietary. Good luck though, any language is a whole lot better than none. I took Vb in college and it was a joke. Industry seems to enjoy it though.
>>>import this
-----------------------------

Offline Zesh

  • Royal Highness
  • ****
  • Posts: 699
  • Cookies: 42
    • View Profile
Re: Project Aquatone
« Reply #4 on: July 29, 2012, 11:34:50 am »
Well yes, everyone has their own opinions. I quite like VB6, it can be quickly used to whip up a program and it's the language I started off with, due to my game development endeavours with Mirage and its variants. The other option I have is C++ but my learning of that language is currently based around my game developers course and as I'm better with VB6, its what I'll use.

A quick update: Screenshot feature is in. Simply changing the number in the textbox changes the interval of each screeny in Minutes and for some reason I decided to keep track of how many keys have been pressed :P



Now, I'm going to step it up and start turning this program into something better than the "lame" crap. Next up is the server/ftp feature, a better UI and a few other little things.
« Last Edit: July 29, 2012, 11:36:04 am by Zesh »


Offline Huntondoom

  • Baron
  • ****
  • Posts: 856
  • Cookies: 17
  • Visual C# programmer
    • View Profile
Re: Project Aquatone
« Reply #5 on: July 29, 2012, 12:05:41 pm »
little bit of source code (A)?
Aslong as you are connected to the internet, you'll have no privacy

Advanced Internet Search
Clean Up!

Offline dsman

  • /dev/null
  • *
  • Posts: 7
  • Cookies: 0
    • View Profile
Re: Project Aquatone
« Reply #6 on: July 29, 2012, 01:00:00 pm »
Good job bro ^^

Offline bubzuru

  • Knight
  • **
  • Posts: 395
  • Cookies: 21
  • everything is contained in the data
    • View Profile
    • New School Tools
Re: Project Aquatone
« Reply #7 on: July 29, 2012, 02:01:23 pm »
good to see iv inspired you to start working again
(little tip: Try hooking KeyPress insted of KeyUp\Down, or hook both. key pressed is not good with certen keys (up, down, windows etc. use key up to log these) but use keypressed to log the rest (good with shift, space, shift\key $, etc)
Damm it feels good to be gangsta
http://bubzuru.comule.com

Offline bubzuru

  • Knight
  • **
  • Posts: 395
  • Cookies: 21
  • everything is contained in the data
    • View Profile
    • New School Tools
Re: Project Aquatone
« Reply #8 on: July 29, 2012, 04:32:09 pm »
here this will come in handy
Quote
DECOCTHEXBINSymbolHTML NumberHTML NameDescription
00000000000000NUL Null char
10010100000001SOH Start of Heading
20020200000010STX Start of Text
30030300000011ETX End of Text
40040400000100EOT End of Transmission
50050500000101ENQ Enquiry
60060600000110ACK Acknowledgment
70070700000111BEL Bell
80100800001000 BS Back Space
90110900001001 HT Horizontal Tab
100120A00001010 LF Line Feed
110130B00001011 VT Vertical Tab
120140C00001100 FF Form Feed
130150D00001101 CR Carriage Return
140160E00001110 SO Shift Out / X-On
150170F00001111 SI Shift In / X-Off
160201000010000DLE Data Line Escape
170211100010001DC1 Device Control 1 (oft. XON)
180221200010010DC2 Device Control 2
190231300010011DC3 Device Control 3 (oft. XOFF)
200241400010100DC4 Device Control 4
210251500010101NAK Negative Acknowledgement
220261600010110SYN Synchronous Idle
230271700010111ETB End of Transmit Block
240301800011000CAN Cancel
250311900011001 EM End of Medium
260321A00011010SUB Substitute
270331B00011011ESC Escape
280341C00011100 FS File Separator
290351D00011101 GS Group Separator
300361E00011110 RS Record Separator
310371F00011111 US Unit Separator

[/td][/tr][/table]
« Last Edit: July 29, 2012, 04:35:41 pm by bubzuru »
Damm it feels good to be gangsta
http://bubzuru.comule.com

Offline Zesh

  • Royal Highness
  • ****
  • Posts: 699
  • Cookies: 42
    • View Profile
Re: Project Aquatone
« Reply #9 on: July 30, 2012, 01:55:42 am »
little bit of source code (A)?

Which little bit? :P

Good job bro ^^

Thank you :D

@bubzuru - Thanks for the tip and table :D

I'm going to leave this here, I'll do a proper w/ text update in the morning * yawn *


Offline Huntondoom

  • Baron
  • ****
  • Posts: 856
  • Cookies: 17
  • Visual C# programmer
    • View Profile
Re: Project Aquatone
« Reply #10 on: July 30, 2012, 08:28:01 pm »
Which little bit? :P

Thank you :D

@bubzuru - Thanks for the tip and table :D

I'm going to leave this here, I'll do a proper w/ text update in the morning * yawn *


the secret to your powers!
the hook :3
Aslong as you are connected to the internet, you'll have no privacy

Advanced Internet Search
Clean Up!

Offline EmilKXZ

  • Peasant
  • *
  • Posts: 109
  • Cookies: 10
  • likes monies :p
    • View Profile
    • EmilKXZ
Re: Project Aquatone
« Reply #11 on: July 31, 2012, 05:40:56 am »
Oh dear lord. Doesn't all lame keyloggers get written in VisualBasic? just asking...

Agreed.

Everything that doesn't run native in the OS is lame to me. A C# keylogger would go lame too if I have the standard XP without .NET (it doesn't come by default). On the other hand, there are good pieces of malware that are framework-based, such as Managed Code Rootkits, I acknowledge the good work, it's just doesn't sound to me too real to employ a malware tool which requires the user to have installed something extra that doesn't come by default. I honestly don't know, but I think .NET comes by default in Windows 7. Enlighten me if I am wrong.  ::)

Offline bubzuru

  • Knight
  • **
  • Posts: 395
  • Cookies: 21
  • everything is contained in the data
    • View Profile
    • New School Tools
Re: Project Aquatone
« Reply #12 on: July 31, 2012, 01:00:07 pm »
Yes .NET comes by default in Windows 7 (i cant see it going anywhere in the near future)
and most people install it some reason

if you read my old posts you will see that i used to hate .NET when i was on XP.
now i love it.
Damm it feels good to be gangsta
http://bubzuru.comule.com

Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: Project Aquatone
« Reply #13 on: July 31, 2012, 03:15:36 pm »
Developing a more serious virus, you cannot rely on what people _should_ have installed in order for the malware to run. Unless you are targeting a very specific module, but that's another story.
My point is, if you are creating something that you will later have to get data from without end-user knowing and you won't have complete control over it, you cannot rely on "if" factors. It needs to be solid. And .NET, Java or anything else that takes up vital organs in an executable does not qualify as solid.
But you probably all know that already.

Offline bubzuru

  • Knight
  • **
  • Posts: 395
  • Cookies: 21
  • everything is contained in the data
    • View Profile
    • New School Tools
Re: Project Aquatone
« Reply #14 on: July 31, 2012, 05:22:04 pm »
thats why i like delphi so much
but all that unicode string bullshit in the new version got me down
(broke all my code)
Damm it feels good to be gangsta
http://bubzuru.comule.com