Sign in to follow this  
Followers 0
LewisKeith

Creating a Simple Laptop Tracker with Dropbox as C&C

16 posts in this topic

#1 ·  Posted (edited)

Scenario: My laptop will be stolen, I tried to activate prey, however it didn't work. I have my TeamViewer 7, Dropbox, and autohotkey installed. Autohotkey is monitoring a certain folder in my DP folder and will execute any executable that will appear on that folder.

NO GUI

My Script Features:

*Takes screenshot when you run it and save to dp folder

*Takes IP address and save to logfile

*Records nearby Wifi and all info on them BSSID MAC save to logfile

*Will run in teamviewer and dropbox in case it will be killed after I upload my tracker.

*Everything gathered will be copied and synced to dropbox folder.

Autohotkey: [Run in startup]

*Monitors Dropbox Specific Folder for any Executable

Dropbox:

*Have a dedicated folder [Run in startup/Registered as a service]

Teamviewer:

*In case I want to take control my pc

I want to add:

*Webcam screenshot

*Check IP and NearbyWifi every 30minutes and save to logfile.

*Registers itself on startup for every user via registry.

*Kill process like boxcryptor,keepass,chrome [incase of sensitive files]

*Clean history logs via ccleaner installed with a silent command

*Execute teamviewer minimized

*Uploads to FTP incase it dropbox is uninstalled.

*Upload to a dropbox folder with username and pass via api

Note: I know there are Legal Rats Lying around, but I want to create this one with the dependency of dropbox. :) I'm a beginner on autoit and will appreciate any kind of help. If you see your code here let me know. I don't own any code, I copied them on this forums on different threads. This is not a bot, this is a tracker which you can upload to dropbox folder synced with the computer stolen, autohotkey is waiting and will be execute exe on that folder.

It is sloppy. I know. It would be glad if someone can help me out improve this script. Thank you in advance.

#NoTrayIcon
#include
#include
#include
#include

;[GOAL1: GETTING MAIN INFO FOR RECON]
;Getting Public IP
$Date = @Hour & ":" & @MIN & " #" & "DATE:" & _NowDate()
$Control =("E:DropboxNetworkSyncSgol")
$Dir =("C:Program Files (x86)")

While 1
$timer = timerinit()
$file = FileOpen($Control & "IpAddress.txt", 1)
$PublicIP = _GetIP()
do
Sleep(10)
until timerdiff($timer) >= 1800000; exit loop when 1800 seconds
FileWriteLine($file, ""& $PublicIP & " @ " & "TIME:" & $Date)
FileClose($file)
Wend; and restart..

;Nearby Networks
RunWait(@ComSpec & " /c netsh wlan show all > " & $Control & "NearWifi.txt", "", @SW_HIDE)
;Recon [Probing Network]
RunWait(@ComSpec & " /c netview > " & $Control & "NetworkMachines.txt", "", @SW_HIDE)
;Screenshot
_ScreenCapture_Capture($Control & "Screen.jpg")

;Run Guns for Recon
$StartTimer = TimerInit() ; Define the initial time we will be comparing to later
$ProgDir =("C:Program Files (x86)TeamViewerVersion7")
$DropDir = ("C:UsersBaconAppDataRoamingDropboxbin")
$process1 = "teamviewer.exe" ; define the process
$process2 = "dropbox.exe"
$exe1 = $ProgDir & "Teamviewer.exe"
$exe2 = $DropDir & "Dropbox.exe"
Checkprocess() ; Run our checkprocess() function on initial execute
While 1 ; Infinite Loop Condition is always true, you can exit these loops with "ExitLoop"
If TimerDiff($StartTimer) > 60000 Then ; Only run the conditional code if the difference in time is greater than 1 min (60000 Miliseconds)
Checkprocess()
EndIf
Sleep(10) ; So we don't kill the CPU
WEnd ; End of While Loop
Func Checkprocess()
If Not ProcessExists($process1) Then Run($exe1) ; checks if process exists.. If not, it will Run the process
If Not ProcessExists($process2) Then Run($exe2)
$StartTimer = TimerInit() ; Reset the timer since the script just ran
EndFunc ;==>Checkprocess
Edited by LewisKeith

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

Viewed 41 times. No help. I think almost everyone who views this thinks I'm creating a bot or something. THIS IS NOT A BOT. This is a tracker you can set with your dropbox account installed on your machine. with an autohotkey running. This is like prey concept but prey sometimes doesn't work which is why I'm trying to get help from you guys to create one like prey but will depend on dropbox.

Edited by LewisKeith

Share this post


Link to post
Share on other sites

LewisKeith,

You probably have no answers because you are looking for help with Autohotkey and this is the AutoIt forum. I suggest you go and post in their forum if you want help with their app. ;)

M23


Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind._______My UDFs:

Spoiler

ArrayMultiColSort ---- Sort arrays on multiple columns
ChooseFileFolder ---- Single and multiple selections from specified path treeview listing
Date_Time_Convert -- Easily convert date/time formats, including the language used
ExtMsgBox --------- A highly customisable replacement for MsgBox
GUIExtender -------- Extend and retract multiple sections within a GUI
GUIFrame ---------- Subdivide GUIs into many adjustable frames
GUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView items
GUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeView
Marquee ----------- Scrolling tickertape GUIs
NoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxes
Notify ------------- Small notifications on the edge of the display
Scrollbars ----------Automatically sized scrollbars with a single command
StringSize ---------- Automatically size controls to fit text
Toast -------------- Small GUIs which pop out of the notification area

 

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

Thank you. Atleast someone replied. No the autohotkey part was already done, all it does is wait for the script to be upload on the dropbox folder as stated. However I'm having problem on the loops function to do a certain job for every 30 minutes, I decided to make recording current ip, nearby wifi, and screenshots every 30 minutes, or so. However I'm still trying to figure it out, I updated my code a bit already testing it out if its working or not. But I still need a lot of help with the loop part. Is it right to just dump them in one function? And one more thing, how would you do it if i want my filename like date and time based with a label example "12.12.2012.1.45.Wifi.txt". :)

#include

#include
#include
#include

;FIND MAC = http://www.coffer.com/mac_find/?string=

;more features
;upload via Ftp
;kill program list
;take camera picture

$StartTimer = TimerInit() ; Define the initial time we will be comparing to later
$ProgDir =("C:Program Files (x86)TeamViewerVersion8")
$DropDir = ("C:UsersReconAppDataRoamingDropboxbin")
$process1 = "teamviewer.exe" ; define the process
$process2 = "dropbox.exe"
$exe1 = $ProgDir & "Teamviewer.exe"
$exe2 = $DropDir & "Dropbox.exe"
Checkprocess() ; Run our checkprocess() function on initial execute
While 1 ; Infinite Loop Condition is always true, you can exit these loops with "ExitLoop"
If TimerDiff($StartTimer) > 60000 Then ; Only run the conditional code if the difference in time is greater than 1 min (60000 Miliseconds)
Checkprocess()
EndIf
Sleep(10) ; So we don't kill the CPU
WEnd ; End of While Loop
Func Checkprocess()
$Control =("E:DropboxNetworkSyncSgol")
$Dir =("C:Program Files (x86)")
$file = FileOpen($Control & "IpAddress.txt", 1)
$PublicIP = _GetIP()
$Date = @Hour & ":" & @MIN & " #" & "DATE:" & _NowDate()
If Not ProcessExists($process1) Then Run($exe1) ; checks if process exists.. If not, it will Run the process
If Not ProcessExists($process2) Then Run($exe2)
FileWriteLine($file, ""& $PublicIP & " @ " & "TIME:" & $Date)
FileClose($file)
RunWait(@ComSpec & " /c netsh wlan show all > " & $Control & "NearWifi.txt", "", @SW_HIDE)
RunWait(@ComSpec & " /c netview > " & $Control & "NetworkMachines.txt", "", @SW_HIDE)
_ScreenCapture_Capture($Control & "Screen.jpg")
$StartTimer = TimerInit() ; Reset the timer since the script just ran
EndFunc ;==>Checkprocess
:) Edited by LewisKeith

Share this post


Link to post
Share on other sites

As long as the process is wrapped into a function, just use AdLibRegister() to space out the timing.

1 person likes this

Spoiler

“Hello, ladies, look at your man, now back to me, now back at your man, now back to me. Sadly, he isn’t me, but if he stopped using ladies scented body wash and switched to Old Spice, he could smell like he’s me. Look down, back up, where are you? You’re on a boat with the man your man could smell like. What’s in your hand, back at me. I have it, it’s an oyster with two tickets to that thing you love. Look again, the tickets are now diamonds. Anything is possible when your man smells like Old Spice and not a lady. I’m on a horse.”

 

Share this post


Link to post
Share on other sites

LewisKeith,

Are you aware there is a similar application already available on the market? It's called Prey.


_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 04/09/2015

Share this post


Link to post
Share on other sites

LewisKeith,

Are you aware there is a similar application already available on the market? It's called Prey.

Yuph I'm aware its actually installed on my computer, its actually stated in my first post, its no doubt it a good program, it works. But sometimes it doesn't execute for some reasons. This is like a backup thing for me just incase everything fails.

Share this post


Link to post
Share on other sites
Mechaflash - How would I use the date and time based filenames?

Share this post


Link to post
Share on other sites

It was mentioned in your second post which I didn't read as I thought it was just a bump post.


_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 04/09/2015

Share this post


Link to post
Share on other sites

easiest way to programmatically handle timestamped filesnames is yyyymmddhhmmss

$sFilename = @YEAR & @MON & @MDAY & @HOUR & @MIN & @SEC & ".log"

If you want to keep logs for up to 7 days and delete anything older

Local $sPath, $aFiles, $iToday
$sPath = @DesktopDir & "Logs"
$aFiles = _FileListToArray($sPath, *, 1)
$iToday = @YEAR & @MON & @MDAY & @HOUR & @MIN & @SEC
For $file in $aFiles
  If $iToday > (Int(StringTrimRight($file, 4)) - 7000000) Then FileDelete($sPath & $file)
Next

unless you're asking about something else? 0.o


Spoiler

“Hello, ladies, look at your man, now back to me, now back at your man, now back to me. Sadly, he isn’t me, but if he stopped using ladies scented body wash and switched to Old Spice, he could smell like he’s me. Look down, back up, where are you? You’re on a boat with the man your man could smell like. What’s in your hand, back at me. I have it, it’s an oyster with two tickets to that thing you love. Look again, the tickets are now diamonds. Anything is possible when your man smells like Old Spice and not a lady. I’m on a horse.”

 

Share this post


Link to post
Share on other sites
Mechaflash - thank you for that one mate, it worked. I'll let you know about my progress.

Share this post


Link to post
Share on other sites

This is my update script. I think its too crowded, how can I arrange this to more efficient and tidier one?

#include 
#include 
#include 
#include 

;FIND MAC = http://www.coffer.com/mac_find/?string=

;#######################################################
;############# IPWalker v.1 Beta ###############
;#######################################################
;## USAGE: Track your stolen laptop using dropbox" ##
;## REQUIREMENTS: DROPBOX & AUTOHOTKEY Configured ##
;## ;this must be installed before laptop is stolen ##
;## ;this is a backup plan incase PREY fails ##
;## Features: ##
;## Track IP every 30 minutes ##
;## Scan nearby wifi for a more precise location ##
;## Take Screenshot in time interval ##
;## Activates Teamviewer for realtime surveilance ##
;## Terminates sensitive programs like key managers ##
;## ##
;## C&C: DROPBOX IS THE COMMAND CENTER a.k.a SERVER ##
;## Upload command on text file via dropbox ##
;## Gathered info on the stolen device is synced ##
;## ##
;## BACKUP SERVER: Specified Website by You ##
;## Dropbox might be uninstalled and deleted if this ##
;## happens, commands will be fetch on 2nd server. ##
;## ##
;## FUTURE FEATURES: ##
;## Webcam snapshop, upload files to backup server ##
;## GUI for a log viewer. ##
;#######################################################


$StartTimer = TimerInit() ; Define the initial time we will be comparing to later
Checkprocess() ; Run our checkprocess() function on initial execute
While 2 ; Infinite Loop Condition is always true, you can exit these loops with "ExitLoop"
If TimerDiff($StartTimer) > 60000 Then ; Only run the conditional code if the difference in time is greater than 1 min (60000 Miliseconds)
Checkprocess()
EndIf
Sleep(10) ; So we don't kill the CPU
WEnd ; End of While Loop
Func Checkprocess()
$Dir =("C:Program Files (x86)TeamViewerVersion8")
$Team = "teamviewer.exe" ; define the process
$Drop = "dropbox.exe"
$Kee = "keepass.exe"
$Bcrypt = "boxcryptor.exe"
$Tcrypt = "truecrypt.exe"
$Viewer = $Dir & "teamviewer.exe"
$Box = Runwait( @comspec & " /c C:UsersReconAppDataRoamingDropboxbindropbox.exe","",@SW_HIDE)
$Logname = @YEAR & "." & @MON & @MDAY & "." & @HOUR & @MIN & ".log"
$Screens = @YEAR & "." & @MON & @MDAY & "." & @HOUR & @MIN & ".jpg"
$Ctrl =("E:DropboxLogs")
$File = FileOpen($Ctrl & "iPRecords.log", 1)
$PublicIP = _GetIP()
$Date = @Hour & ":" & @MIN & " #" & "DATE:" & _NowDate()
If Not ProcessExists($Team) Then Run($Viewer) ; checks if process exists.. If not, it will Run the process
If Not ProcessExists($Drop) Then Run($Box)
If ProcessExists($Kee) Then Processclose($Kee)
If ProcessExists($Bcrypt) Then Processclose($Bcrypt)
If ProcessExists($Tcrypt) Then Processclose($Tcrypt)
FileWriteLine($File, ""& $PublicIP & " @ " & "TIME:" & $Date)
FileClose($File)
RunWait(@ComSpec & " /c netsh wlan show all > " & $Ctrl & "NearWifi." & $Logname, "", @SW_HIDE)
RunWait(@ComSpec & " /c netview > " & $Ctrl & "NetBox." & $Logname, "", @SW_HIDE)
_ScreenCapture_Capture($Ctrl & $Screens)
$StartTimer = TimerInit() ; Reset the timer since the script just ran
EndFunc ;==>Checkprocess

;;;Get code from a webpage. Download and Execute
INETGET ( "http://findmeserver.com/code.txt" , @TempDir & "code.txt" , 1 , 0 )
$File = @TempDir & 'code.txt'
Run(@AutoItExe & ' /AutoIt3ExecuteScript ' & FileGetShortName($File))
Sleep(10000)
Filedelete(@TempDir & "code.txt")

Share this post


Link to post
Share on other sites

This script is assuming a lot of things,

  • is that my user name is Recon
  • that dropbox is installed on my non-existant E: drive
  • that Teamviewer is installed.

If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

This script is assuming a lot of things,

  • is that my user name is Recon

  • that dropbox is installed on my non-existant E: drive

  • that Teamviewer is installed.

This script is programmed based on my machine, It will be customized and compiled or with an installation settings. As i said, this will be installed on my machine or anyone who wants it that have it, backup program for those who have teamviewer and prey installed.

Share this post


Link to post
Share on other sites

This script is programmed based on my machine, It will be customized and compiled or with an installation settings. As i said, this will be installed on my machine or anyone who wants it that have it, backup program for those who have teamviewer and prey installed.

Just don't forget to add in checks to make sure those programs exist and a backup plan if they've been removed by the person who stole your machine.

1 person likes this

Spoiler

“Hello, ladies, look at your man, now back to me, now back at your man, now back to me. Sadly, he isn’t me, but if he stopped using ladies scented body wash and switched to Old Spice, he could smell like he’s me. Look down, back up, where are you? You’re on a boat with the man your man could smell like. What’s in your hand, back at me. I have it, it’s an oyster with two tickets to that thing you love. Look again, the tickets are now diamonds. Anything is possible when your man smells like Old Spice and not a lady. I’m on a horse.”

 

Share this post


Link to post
Share on other sites

Right. I forgot to put that one. I'll add an silent install script for teamviewer. Thanks man.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0