Pure Python Code. Its able to decrypt and set the admin passwort from Perfect Keylogger 1.6.8.2 even if you dont know the old password.
PHP Code:
#! /usr/bin/python
# ~ Perfect Keylogger Admin Password Decrypt0r & Sett0r ~
# ~~JUST FOR FUN PROJECT! ~
# First of all:
# I DONT take ANY responsibility for this code.
# You use it by YOUR OWN RISK!
# If you NOT accept it delete this file now!
# If you accept it have fun and backup your pk.bin file before editing!
# [TARGET_INFO]
# Application : Perfect Keylogger Demo\Fullversion
# Version : Tested with version 1.6.8.2
# Vendor : BlazingTools - BlazingTools.com
# [SCRIPT_INFO]
# Autor : Iman Karim
# Date : 28. Jan. 2008
# E-Mail : iman.karim \x40 smail \x2E inf \x2E fh-bonn-rhein-sieg \x2E de
# Additional : Python OS Independent Code
# Greets : SenoRita, Invisible, Exorzist, Xplosive
# [HOWTO]
# 1. Close Perfect Keylogger (Terminate it or Exit it)
# Don't forget this step because PKL is rewriting the pk.bin OnExit.
# 2. Write down where the pk.bin file is located.
# Usually its on c:\program files\bpk\pk.bin
# Of corse you can copy the file at your favorite destination.
# But dont forget to copy it back to the location if you set a new password ;)
# 3. Run this script over the pk.bin
# See USAGE for more information about this step.
# 4. Enjoy to have back the control over your System :)
# [USAGE]
# ./pkl_tool.py (decrypt|encrypt) (/path/to/pk.bin) [new_password]
# Reallife examples:
#
# **On Linux:
# ./pkl_tool.py decrypt /home/jackd/pk.bin
# - This will try to extract and decrypt the AdminPassword from your pk.bin.
# ./pkl_tool.py encrypt /home/jackd/pk.bin "I AM ADMIN"
# - This will try to open the pk.bin file and change the password to "I AM ADMIN".
#
# **On Windows:
# c:\pythonpath\python.exe pkl_tool.py decrypt "c:\program files\bpk\pk.bin"
# - This will try to extract and decrypt the AdminPassword from your pk.bin.
# c:\pythonpath\python.exe pkl_tool.py encrypt "c:\program files\bpk\pk.bin" "I AM ADMIN"
# - This will try to open the pk.bin file and change the password to "I AM ADMIN".
import sys, os
def createTable():
table = []
table.append(0xA)
table.append(0xB)
table.append(0x8)
table.append(0x9)
table.append(0xE)
table.append(0xF)
table.append(0xC)
table.append(0xD)
table.append(0x2)
table.append(0x3)
table.append(0x0)
table.append(0x1)
table.append(0x6)
table.append(0x7)
table.append(0x4)
table.append(0x5)
for i in range(0, len(table)):
table.append(table[i] + 0x10)
ret = {}
num = 0
for i in range(32, 63 +1):
ret[chr(i)] = table[num] + 0x80
num += 1
num = 0
for i in range(64, 95 +1):
ret[chr(i)] = table[num] + 0xE0
num += 1
num = 0
for i in range(96, 127 +1):
ret[chr(i)] = table[num] + 0xC0
num += 1
return(ret)
table = createTable()
def Decrypt(Ascii):
for char, value in table.items():
if Ascii == value:
return(char)
print "Undecryptable Byte: %i" %(Ascii)
return("?")
def Encrypt(Char):
for char, value in table.items():
if Char == char:
return(chr(value))
print "Uhmm! You have a strange Char in your Password! Aborting!"
sys.exit(0)
def getFileObj(path):
try:
pkbin = open(path, "r+")
except:
print "Failed to open '%s'! Aborting." %path
sys.exit(0)
size = os.path.getsize(path)
if size != 4204:
print "Your pkl.bin have an invalid filesize! The File should have 4204 bytes but have %i! Aborting." %size
sys.exit(0)
print "File seems to be OK."
return(pkbin)
if len(sys.argv) >= 3:
cmd = sys.argv[1]
if cmd == "decrypt":
path = sys.argv[2]
print "Trying to open '%s' to extract and decrypt AdminPassword..." %path
pkbin = getFileObj(path)
pkbin.seek(1812)
byte = ""
pw = ""
while byte != 0xAA:
byte = ord(pkbin.read(1))
if byte != 0xAA:
pw += Decrypt(byte)
pkbin.close()
if pw != "":
print "Admin PW is: '%s'." %(pw)
else:
print "Password not found. However, it could mean that there is no Adminpassword set."
elif cmd == "encrypt":
path = sys.argv[2]
newpw = ""
if len(sys.argv) == 4:
newpw = sys.argv[3]
if len(newpw) >= 84:
print "Your password is too long! C'Mon choose a shorter password."
sys.exit(0)
else:
print "Invalid count of params."
print "If you want to set a new password you should provide one, shouldnt you? :)"
sys.exit(0)
print "Trying to open '%s' to write the AdminPassword '%s'..." %(path, newpw)
pkbin = getFileObj(path)
pkbin.seek(1812)
pw = ""
for char in newpw:
pw += Encrypt(char)
pw += chr(0xAA) * (84-len(pw))
pkbin.write(pw)
pkbin.close()
print "Operation Done. The new password should be set!"
else:
print "Invalid count of params!"
print "Open this script with a Texteditor for more Details."
Comment