From 9eeb3dc143c3f32a0b5d733ee7a6b5538e0c5942 Mon Sep 17 00:00:00 2001
From: William Webb
Date: Fri, 23 Jun 2017 13:11:12 -0500
Subject: [PATCH] use typical command option and TLV scheme instead of dumb stuff for keyscan_start
---
 .../post/meterpreter/extensions/stdapi/tlv.rb | 1 +
 .../post/meterpreter/extensions/stdapi/ui.rb | 3 ++-
 .../console/command_dispatcher/stdapi/ui.rb | 23 +++++++++++++++----
 3 files changed, 22 insertions(+), 5 deletions(-)
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb b/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
index 2fdf369508..65f042c61c 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
@@ -201,6 +201,7 @@ TLV_TYPE_DESKTOP_SCREENSHOT_PE32DLL_LENGTH = TLV_META_TYPE_UINT | 3009
 TLV_TYPE_DESKTOP_SCREENSHOT_PE32DLL_BUFFER = TLV_META_TYPE_STRING | 3010
 TLV_TYPE_DESKTOP_SCREENSHOT_PE64DLL_LENGTH = TLV_META_TYPE_UINT | 3011
 TLV_TYPE_DESKTOP_SCREENSHOT_PE64DLL_BUFFER = TLV_META_TYPE_STRING | 3012
+TLV_TYPE_KEYSCAN_TRACK_ACTIVE_WINDOW = TLV_META_TYPE_BOOL | 3013
 ##
 #
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/ui.rb b/lib/rex/post/meterpreter/extensions/stdapi/ui.rb
index 97c6e729f0..d5ab24fe50 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/ui.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/ui.rb
@@ -207,8 +207,9 @@ class UI < Rex::Post::UI
 #
 # Start the keyboard sniffer
 #
- def keyscan_start
+ def keyscan_start(trackwindow=false)
 request = Packet.create_request('stdapi_ui_start_keyscan')
+ request.add_tlv( TLV_TYPE_KEYSCAN_TRACK_ACTIVE_WINDOW, trackwindow )
 response = client.send_request(request)
 return true
 end
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb
index dd7a2de892..818d7ee290 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb
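Review bot: The new `trackwindow` parameter of `keyscan_start` in extensions/stdapi/ui.rb is not described in the method comment, which still reads only "Start the keyboard sniffer". I would extend that comment with a line such as `# trackwindow - when true, sets TLV_TYPE_KEYSCAN_TRACK_ACTIVE_WINDOW on the request (default: false)`. The argument is passed straight into a BOOL TLV, so a caller that hands in nil or a string is not normalised; writing `!!trackwindow` at the `add_tlv` call would make the intended type explicit. How a payload built before this TLV existed reacts to it cannot be told from this hunk and is worth stating in the same comment once confirmed.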
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb
@@ -281,8 +281,22 @@ class Console::CommandDispatcher::Stdapi::Ui
 # Start the keyboard sniffer
 #
 def cmd_keyscan_start(*args)
- print_line("Starting the keystroke sniffer...")
- client.ui.keyscan_start
+ trackwin = false
+
+ keyscan_opts = Rex::Parser::Arguments.new(
+ "-v" => [ false, "Verbose logging: tracks the current active window" ]
+ )
+
+ keyscan_opts.parse( args ) { | opt |
+ case opt
+ when "-v"
+ print_line("Verbose logging selected ...")
+ trackwin = true
+ end
+ }
+
+ print_line("Starting the keystroke sniffer ...")
+ client.ui.keyscan_start(trackwin)
 return true
 end
@@ -301,8 +315,9 @@ class Console::CommandDispatcher::Stdapi::Ui
 def cmd_keyscan_dump(*args)
 print_line("Dumping captured keystrokes...")
 data = client.ui.keyscan_dump
- print_line(data)
-
+ print_line(data + "\n") # the additional newline is to keep the resulting output
+ # from crowding the Meterpreter command prompt, which
+ # is visually frustrating without color
 return true
 end
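Review bot: Anything other than `-v` falls through the `case` in `cmd_keyscan_start` without a message, so a mistyped option still starts the command with default settings, and the option table has no `-h` entry to show usage. I would add a help option and an `else` branch that reports the unexpected argument and returns before the request is sent; this assumes the parser yields unrecognised arguments with a nil option, which should be confirmed against Rex::Parser::Arguments. The option table is also rebuilt on every call and could be hoisted to class level, and the multi-line `{ | opt | ... }` block would read more conventionally as `do |opt| ... end`.

```ruby
keyscan_opts = Rex::Parser::Arguments.new(
  "-h" => [ false, "Help menu" ],
  "-v" => [ false, "Verbose logging: tracks the current active window" ]
)

keyscan_opts.parse(args) do |opt, _idx, val|
  case opt
  when "-h"
    print_line("Usage: keyscan_start [-v]")
    print_line(keyscan_opts.usage)
    return true
  when "-v"
    # … unchanged: verbose message and trackwin = true …
  else
    print_error("Unknown argument: #{val}")
    return false
  end
end
# … unchanged: start message and client.ui.keyscan_start(trackwin) …
```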
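Review bot: `data + "\n"` in `cmd_keyscan_dump` raises if `client.ui.keyscan_dump` returns nil or anything that is not a String, which this hunk does not rule out; `print_line("#{data}\n")` produces the same output and tolerates nil. The dump originates on the remote host and is printed verbatim, so any control characters or terminal escape sequences in it would reach the operator's terminal unchanged; replacing non-printable bytes before printing would be the safer default, if `keyscan_dump` does not already do so. The three-line trailing comment would be easier to maintain as a comment block above the statement.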