About Keyloggers
)
About Keyloggers
Hi i am have been trying to look for resourses on the net on how to make you own keylogger in C and to put a emailer into it so does anyone know any links or resources to would be helpful
-
floodhound2
- ∑lectronic counselor
- Posts: 2117
- Joined: 03 Sep 2006, 16:00
- 17
- Location: 127.0.0.1
- Contact:
How advanced are you in "C"?
I would think that the program would be somewhat simple but you're gonna need to know something. I can help but don't want to promise too much. I am one of the guys with the short attention span and starts 50 projects only to finish 2.
Start out making some loop that records the key strokes then sends a that file to your email. I think sending the file to the email server to be slightly more complex than recording the keystrokes.
*side note* Glad to see you are willing to program in C, its great for electronics i.e. microprocessors.
Keep posting up in here and hell you will see what can happen.
I would think that the program would be somewhat simple but you're gonna need to know something. I can help but don't want to promise too much. I am one of the guys with the short attention span and starts 50 projects only to finish 2.
Start out making some loop that records the key strokes then sends a that file to your email. I think sending the file to the email server to be slightly more complex than recording the keystrokes.
*side note* Glad to see you are willing to program in C, its great for electronics i.e. microprocessors.
Keep posting up in here and hell you will see what can happen.
₣£ΘΘĐĦΘŮŇĐ
well i know the basics of C and everthing about it but C is a funny language there are many ways to write in it but the reason my i asked the question is because one by knowing how a keylogger works and and how to write one will also help me improve my knowledge of C its learning for me that why i asked for link and resource.
well what i want to find out is just a the many core code for a keylogger well i have a basic understand of how it work like
fx1 // logging fx
mk char buffer
opn fle put char (nth char)
clse fle
goto fx1
fx2 //send log to email
opn mail
attch file (from kylogger)
goto fx3
fx3 //mail server info
inpt mail server info
goto fx1
well something like that i know it more complex but i can learn it
if you have any ebooks it will be nice you maybe you can be a mentor in my way to creating it
i think by doing this i will learn a lot in C and also socket programing i think its called which is for the mailer.
well what i want to find out is just a the many core code for a keylogger well i have a basic understand of how it work like
fx1 // logging fx
mk char buffer
opn fle put char (nth char)
clse fle
goto fx1
fx2 //send log to email
opn mail
attch file (from kylogger)
goto fx3
fx3 //mail server info
inpt mail server info
goto fx1
well something like that i know it more complex but i can learn it
if you have any ebooks it will be nice you maybe you can be a mentor in my way to creating it
i think by doing this i will learn a lot in C and also socket programing i think its called which is for the mailer.
There are two ways to write a keylogger for Windows, that I know of.
The first, easy, stupid way that you should avoid, is calling GetAsyncKeyState in a loop(http://msdn.microsoft.com/en-us/library ... S.85).aspx), checking which keys have been pressed in between iterations. It's noisy and stupid.
The other, right way, which is still no where near undetectable, is using Windows Hooks.
You will want to call SetWindowsHookEx(http://msdn.microsoft.com/en-us/library ... S.85).aspx) with the first parameter as either WH_KEYBOARD_LL or WH_KEYBOARD. The first is a "low level keyboard hook" and the other is not.
I think the most often used one is the low level one, but I can't recall why. I used that one in my own code, anyway.
Just look those functions up, and it'll become apparent why you can use them for keyloggers.
The first, easy, stupid way that you should avoid, is calling GetAsyncKeyState in a loop(http://msdn.microsoft.com/en-us/library ... S.85).aspx), checking which keys have been pressed in between iterations. It's noisy and stupid.
The other, right way, which is still no where near undetectable, is using Windows Hooks.
You will want to call SetWindowsHookEx(http://msdn.microsoft.com/en-us/library ... S.85).aspx) with the first parameter as either WH_KEYBOARD_LL or WH_KEYBOARD. The first is a "low level keyboard hook" and the other is not.
I think the most often used one is the low level one, but I can't recall why. I used that one in my own code, anyway.
Just look those functions up, and it'll become apparent why you can use them for keyloggers.
Hi!
Icedane: Sorry to disagree with you, windows hooks are very easily detected (as you mentioned too). While API calls such as GetAsyncKeyState() and GetKeyState() are far more stealthier. I've tested them and thus speak from a little experience. With regards to 'noise' we can always have the process sleep a few milliseconds, enough to not take up too much memory and yet not miss key-strokes.
Heres a start:
http://www.rohitab.com/discuss/index.ph ... 4e1b8afd2c
Shabs.
Icedane: Sorry to disagree with you, windows hooks are very easily detected (as you mentioned too). While API calls such as GetAsyncKeyState() and GetKeyState() are far more stealthier. I've tested them and thus speak from a little experience. With regards to 'noise' we can always have the process sleep a few milliseconds, enough to not take up too much memory and yet not miss key-strokes.
Heres a start:
http://www.rohitab.com/discuss/index.ph ... 4e1b8afd2c
Shabs.
The thing about GetAsyncKeyState is that you are constantly polling it for the keyboard state. Even with a "few millisecond sleep", it's still noticeable.shabs wrote:Hi!
Icedane: Sorry to disagree with you, windows hooks are very easily detected (as you mentioned too). While API calls such as GetAsyncKeyState() and GetKeyState() are far more stealthier. I've tested them and thus speak from a little experience. With regards to 'noise' we can always have the process sleep a few milliseconds, enough to not take up too much memory and yet not miss key-strokes.
Heres a start:
http://www.rohitab.com/discuss/index.ph ... 4e1b8afd2c
Shabs.
You are right, though - hooks are very easily detected(I think debug hooks can do it), but even so, detecting GetAsyncKeyState only requires you to hook the function call in user32.dll.. It's a tad more complex and very resource heavy, and there might be easier way to do it somewhere closer to the kernel, but even so, polling a function repeatedly is never the right way to do anything.
But yes, it might be the better choice if you wanted to actually write something malicious, but for the learning experience(Which is what it should be about) hooks are the things you should be looking at.
-
hiper
- On the way to fame!
- Posts: 49
- Joined: 19 Jan 2009, 17:00
- 15
- Location: in front of my comp
- Contact:
here is a source exempel:
Code: Select all
http://www.irongeek.com/i.php?page=security/keyloggerCode: Select all
Purpose: a stealth (somewhat) key logger, writes to a log file then sends and email to whoever is set in the
#define options at compile time.
This code is for educational uses, don't be an ass hat with it.