Basic keylogger
Hey guys,
I'm trying to write the coding for a basic keylogger, not sure where to start and how to end. I'm not looking for someone to send the code itself, im interested in learning how to create one myself and how to protect against them for the future….I had a few questions im hoping I could get help with…
1.) Would java be one of the easiest language to use?
2.) in addition to rooting, is there any other large steps required for a keylogger…backdoors, IP, etc?
3.) Would anyone recommend i make a .bat, or any other type of file for easier use?
Thats basically it, im definatly not asking for the code just a place to start, i got it from there :)
Google or articles on this site for your introductory learning as far as how to implement a keylogger. Ask FantASM for more info once he's on later this week.
-
Someone correct me if i'm wrong, but C, C++, or some ASP derivative would probably be in your best interest for ease of MS system calls and integration-wise.
-
You've got to be able to access the data collected by said keylogger somehow. Be it by some form of message to your box or entering into the system to collect it, this is something you must decide upon yourself.
-
nanananananananananananana .Bat man.
[EDIT]: I'm assuming you mean for a windows box. As far as linux goes, never looked into it.
dopeboimag1k wrote: [quote] 1.) Would java be one of the easiest language to use?
I could be wrong but I think, for security reasons, that it's not possible to capture keystrokes outside of a Java application. If you like Java though, you could write it in C# because they are extremely similar.[/quote] I believe this is true, since Java-code is executed in the sandbox of the JavaVM, it is nearly impossible to make it stealth and to interact with the rest of the computer.
C# could be a possible language. But be warned, C# and other .NET languages are very easy to decompile. In fact, I agree with Arabian, plain C is probably the easiest/most solid choice.
2)You will need: -Logging the keys, and possible combinations (i.e., capturing SHIFT to know when capitals and symbols are typed instead of lower letters resp. numbers) -Sending the logged data(possibly encrypted) trough the internet to you. -Also, you possibly would like to make the program auto-run the next time the computer is started.
- .bats are easy, (and fun animals, but that aside B) ) but iirc they are easily tracked by virusscanners.
C# could be a possible language. But be warned, C# and other .NET languages are very easy to decompile. In fact, I agree with Arabian, plain C is probably the easiest/most solid choice.
I hadn't considered that.
If you don't have any problems writing it in C/C++, I would take a look at some code in the code bank. I haven't looked at it at all, but if it works as advertised, it would be a good place to start.
http://www.hellboundhackers.org/code/simple-keylogger-1760_cplusplus.html
It's C++ by the way.
in the defence portion of keylogging, without using overly prices anti spyware/malware/adware etc…is there any advice on where to begin on how to code a removal tool or a checker for something like this being used on computers in my network?
Thinking a very simple program just to check and show "dir" of where the keylogger may be in the computers under me. That could either be always on or just an easy "open, check, shows dir of logger, closes" type of thing.
i have a feeling that kind of sounds improbable but i have a small business under me and could use the help!
thanks again for the advice above! ^^ great help
1.) Would java be one of the easiest language to use? – if you can work out how to hook things outside the JVM, I would be very surprised. – the only way i know how to make a keylogger in Java is a really shit way to do it. because you need to have the applet/frame in focus to be able to recieve KeyEvents, what you do is continually set the applet as enabled/in focus. then you need a way to send the keyEvents to the acctual program the person thinks they are controlling.
i saw a PoC somewhere, but it was shit. don;t try and make a keylogger in java.
2.) in addition to rooting, is there any other large steps required for a keylogger…backdoors, IP, etc? by rooting, I am guessing you acctually mean infection? once you infect someone with your keylogger there are many step you can take. some more difficult then others. For example, you can disable AV's, hide keylogger from the process list, add to startup(basicly required).. and a few more advnced features (Something like polymorphic code would be interesting, and make it hard to detect).
the way most keyloggers work is it emails the logs to itself (for examle, gmail… they register an email address, and send the logs using code to the same email address).
This makes whaling possible.. I quite enjoy reverse engineering poorly made keyloggers and whaling all the logs. 5 minutes work to find a decent keylogger on youtube, as apposed to 2 weeks of work making a video and spreading yourself.
3.) Would anyone recommend i make a .bat, or any other type of file for easier use? yes a batch file will make things easier of you want to install things. look into the autorun feature on windows PC's. you can make a autoinstaller with a usb drive if the feature is turned on on the PC.
at the end of the day, all the information is out there. you didn't really need to post asking these questions as all the info is out there. learn to use google efficiently =P
have fun learning. keep it legal.
kaden wrote: 1.) Would java be one of the easiest language to use? – if you can work out how to hook things outside the JVM, I would be very surprised.
JNIEXPORT void JNICALL Java_ClassName_MethodName
(JNIEnv *env, jobject obj, jstring javaString)
{
const char *nativeString = env->GetStringUTFChars(javaString, 0);
//call void method struct
env->ReleaseStringUTFChars(javaString, nativeString);
}
//JNI poll methods
//C++ methods
but this also requires another syshook def.
Java's native interface would allow you to pull it off. Far beyond anything i assume OP can do, and still dependent on JVM.
kaden wrote: 1.) Would java be one of the easiest language to use? – if you can work out how to hook things outside the JVM, I would be very surprised. – the only way i know how to make a keylogger in Java is a really shit way to do it. because you need to have the applet/frame in focus to be able to recieve KeyEvents, what you do is continually set the applet as enabled/in focus. then you need a way to send the keyEvents to the acctual program the person thinks they are controlling.
i saw a PoC somewhere, but it was shit. don;t try and make a keylogger
That is interesting but I agree that would be a waste of time. Do you remember where you saw the proof of concept by any chance?
unfortunately it was a while ago and I cant remember where I found it.
All i remember was I was researching this for myself a while ago and stumbled uppon the source. I can't remember where it was.. >.>
At the end of the day it was pretty useless.. but I guess it was an interesting read.. if your really interested, look on google.. I had a quick search but i didn't find it… you may be more lucky =P
I ended up using C# because it is a lot like java, but if i was to redo it I wouldn't use a .NET language.
And that code snippet is interesting, but if i am needing to resort to a different language just to make it possible to use java… I may as well make the entire thing in the other language =P
As this has all been Windows talk, in Linux you can hook Xlib to grab keypresses. You can even do it in a language like Python, if you at all felt like it. (Although for python I'd recommend using the pyxhook wrapper lib).
Fairly straight forward, the documentation sucks for some languages' Xlib library, but the PoC's you can find on the internet cover what's happening pretty well.
Before coding your own Key logger, first try to know working of a Trojan Horse
http://thepiratebay.ee/torrent/5511840/Hackers_Trojan_Collection___Binders_-_%5BGuruFuel%5D (Prorat is pretty good)
Then start search coding for each module such as how to run a program background how to key log how to encrypt how to screen shot desktop and so on, there is a good article in HBH for key logging.
For detection: Download the source code of Calm AV. http://www.clamav.net/lang/en/download/
Try to know how it works. Best of luck:D
XpoZed wrote: [quote]FantASM wrote: Compile - De-compile (Reversing the compiled).
Does that make sense to you? Also, everyone with the IQ above room temperature here is aware that I know more about the JIT compiler and any thing low level related than anyone on this website.
You honestly have no clue what you are talking about, and I will stop debating that. If you like to have an own interpretation of definitions then, that honestly is not my problem, but then by definition you are already wrong. Thus, not worth debating.
Happy new year. I told you, you could actually learn something here… :| Anyways, live in your imaginary world.[/quote]
hahahahaha. Oh noobs ;)
FantASM wrote: [quote]XpoZed: Why did you not use JMP instead of RET? Me: No particular reason, would work though. XpoZed: Unfortunately, it wouldnt. Me: Because? XpoZed: It pushes a new value on the stack so app will crash. Me: JMP does not push anything on the stack, only CALL does that. Or rather; it pushes the address + call instruction on the stack. XpoZed: the address + call instruction will be buffer overflow.
LOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOL OLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLO LOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOL… /DEAD. [/quote] Game Over ;)
** FantASM ** plz DON'T show those logs. It would b insulting.
** XpoZed ** plz accept it u r wrong. Don't continue this argument.
Arabian wrote: my 'lolnoobs' was in regard to Xpozed btw Arabian will b Arabian :D
i think ** Hax4jew ** got his answer, about how to create a keylogger or whatever.
it would be good if this thread get lock