Hacking and Spying Using Keylogger [Hidden Threat]

CyberPunk Maintaining Access
Last Release: 03/18/2021     Last Commit: 02/23/2022
Hacking and Spying Using Keylogger [Hidden Threat]

Introduction

A keystroke logger, also known as Keylogger,  is a hardware device or program that allows us to track what other users type on their keyboards. Once installed on a system, Keylogger will has the capability to record every single keystroke made. Since Keyloggers don’t slow down computers and it’s very hard to detect/notice them (especially software-based keyloggers), they are one of the most well-known and feared cybersecurity threats.

We’ll explain everything that you need to know about Keyloggers (what they are, their types, how they work, list of available tools for different platforms, etc.). In the last section, we’ll show how to install simple Keylogger, to see it in action (for educational and pentesting purposes only). 

What is Keystroke logging [Keylogger]?

A Keylogger, known as keystroke logging or keylogging, is a hardware device or a software (mostly malicious) program that records/monitor almost all user inputs and user’s keyboard activities, including:

  • pressed keystrokes, visited websites, messages, e-mails, running programs, login credentials (usernames and passwords), credit-card numbers, bank accounts,  and much more.

Keyloggers are one of the most popular and used spying/hacking hardware/software. You can use them to monitor employees in your company, to track your children activities, to spy on your girlfriend or boyfriend, even for personal control to make sure no one is using your machine when you’re away. Of course, both hardware and software keyloggers have their advantages and disadvantages depending on its purpose and your goals.

Keylogger Features:

  • Keystrokes Logging and Clipboard Recording : Record all the key strokes, as well as any words and texts that are copied/pasted on the clipboard (or any other text and file editing program).
  • Web-camera recording and Screen Capture: It can periodically makes web-camera pictures and stores them to log file. In addition, there are screen shot which allows see what’s going on with the target machine without logging key strokes.
  • Program/App Tracking: Since all attempts to run any program can be logged, using it you will know which user has started running specific app or program in the machine.
  • They are easy to install, and we can set them for Automatic startup.
  • Websites Tracking: Able to record all the web activity, such as: website titles, clicked links, visited web-pages URLs, etc.
  • Email log delivery: It can send you recorded logs through e-mail delivery at set times.
  • FTP delivery: It can upload recorded logs through FTP delivery.
  • Time and Date tracking: It allows you to pinpoint the exact time and date for each received a keystroke.
  • Invisible mode: It’s absolutely invisible to anyone.
  • And so much more.

How Keylogger works?

Once keylogger is installed on a target system, we can configure it to start everytime when the computer turns on. After successful installation, the target system will be actively and constantly monitored.

Hardware Keylogger

Hardware Keylogger
KeyGrabber USB Nano

Hardware Keyloggers are widely used and can be connected between the keyboard and the input/output (I/O) on the computers hardware. Some of them can be implemented via BIOS-level firmware, but most of them are based on keyboard level.

Unlike software keyloggers, hardware keyloggers can be easily spotted, but it doesn’t require any driver and it’s compatible with all Linux and Windows OSs. There are plenty of them available for online purchase, but you can check out KeyGrabber USB, a well known and inexpensive hardware keylogger.

Software Keylogger

A Software Keylogger is a type of keylogging tool that needs to be directly or remotely installed on the target machine. It’s invisible to the victim’s eye, therefore he/she won’t even imagine that someone might be spying on their actions. There are two different types of software keyloggers:

  • kernel based (e.g program that hides itself in the operating system) and
  • user based (saves all keyboard strokes for all threads and saves them in file).

There are plenty of open-source, free and pro/paid software keyloggers available online. We’ll list some of them below.

Simple Open-source

Radium-Keylogger
BeeLogger
BlackCat Keylogger
Simple Keylogger

Well-known Linux-based

lkl
THC-vlogger
PyKeylogger
logkeys

OS X & Windows

Refog Free Keylogger
Spyrix Free Keylogger
 – Revealer Keylogger
Elite Keylogger

Simple Keylogger for Linux, Windows & OS X

Simple Keylogger is standard and cross-platform keylogger that records keystrokes and saves them in a log file. It’s open source, so you can freely improve its code to suits your needs.

To all “script kiddies”: This keylogger is open source and available on the GitHub, so we strongly advice you to review Simple Keylooger’s code before use. Download/Install it on your own risk!

Install

Linux

Clone the repo and navigate to the its directory:

$ git clone https://github.com/GiacomoLaw/Keylogger
$ cd keylogger

Then install it using pip:

$ pip install keylogger

Run it with the following:

$ keylogger --log-file keylogger.log

To make it run on startup:

$ sudo make startup

OS X

Clone the repo:

$ git clone https://github.com/GiacomoLaw/Keylogger
$ cd keylogger/mac

To install, run:

$ make && make install

Then set where you want it to log recorded keystrokes: 

$ keylogger ~/logfile.txt

To uninstall, run the following:

$ sudo make uninstall

For detailed installation instructions and additional info, click on the “documentation” button below.

Documentation Box
Download Box
Keystroke logginglinuxOS XPost-exploitation