KDSniffer

a simple sniffer for event keyboard and screen desktop x11, this demon it is divided into two pieces:

bin/sniffer

(to be placed on the machine to sniff)

and

bin/receive

(this piece is not mandatory, it can need if you want to capture remote sniffer, via a vpn or as shown in the example below with a raspberry via USB otg.)

a example use with raspberry pi zero otg usb and client pc:

connect your pi-zero via USB to PC you want to monitor.

PC(sniffer) <---> ZERO(receive)

run the receive on the pi-zero and run sniffer on PC, sniffer it takes care of sending all the keyboard info to the receive.

usb otg pi-zero:

configure otg usb network on pi-zero:
edit /boot/config.txt
and add: dtoverlay=dwc2
edit /boot/cmdline.txt
and add: modules-load=dwc2,g_ether

assign static ip on pi-zero:

allow-hotplug usb0

iface usb0 inet static

        address 192.168.7.2

        netmask 255.255.255.0

        network 192.168.7.0

        broadcast 192.168.7.255

        gateway 192.168.7.1

screen sniffig:


for disable X11 capture screen edit Makefile and change value variable NO_X11=0
Example use receive and sniffer:

server receive event keyboard from sniffer

./bin/receive 11999

with network receive, sniffig keyboard by input event and capture display X11

sudo ./bin/sniffer /dev/input/event0 192.168.7.2 11999 :0.0

without network receive sniffig keyboard by input event and capture display X11

sudo ./bin/sniffer /dev/input/event0 0 0 :0.0

without x11 capture (only compile with NO_X11=0)

sudo ./bin/sniffer /dev/input/by-path/pci-0000\:00\:14.0-usb-0\:7\:1.0-event-kbd 127.0.0.1 11999

if client side ifconfig does not return USB device, try with:
ip address show
ip link set usb0 up
ifconfig usb0 192.168.7.10