Skip to content

matgrioni/keylogger

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

79 Commits

log

log

 
 

.DS_Store

.DS_Store

 
 

.gitignore

.gitignore

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

client.c

client.c

 
 

client.h

client.h

 
 

config.c

config.c

 
 

config.h

config.h

 
 

ghost.c

ghost.c

 
 

http.c

http.c

 
 

http.h

http.h

 
 

install-dev.sh

install-dev.sh

 
 

install.sh

install.sh

 
 

ip.c

ip.c

 
 

ip.h

ip.h

 
 

key_util.c

key_util.c

 
 

key_util.h

key_util.h

 
 

keylogger.sh

keylogger.sh

 
 

main.c

main.c

 
 

process.c

process.c

 
 

process.h

process.h

 
 

server.c

server.c

 
 

timed_logger.c

timed_logger.c

 
 

timed_logger.h

timed_logger.h

 
 

uninstall.sh

uninstall.sh

 
 

util.h

util.h

 
 

Repository files navigation

Keylogger

This is a keylogger and network sniffer created for malware purposes for the Final Project of the Systems II course at OSU during Autumn 16. This malware consists of a client-side program and a server-side program. The client-side program is to be installed on the victim's computer and will then automatically run on startup. The client-side program has two processes: main and ghost. main does all the network sniffing and keylogging, and ghost is there simply to keep main running. If the victim discovers main and kills it, ghost will start it up, and vice versa. Only on identifying both processes can the victim completely stop the malware.

Install

To install the keylogger there is a bash script, install.sh which prompts to install the needed dependencies, makes the source, and moves the startup script, keylogger.sh to /etc/init.d/ and registers it with update-rc.d. Further, the startup script creates the program in /.keylogger. Run the following command to install:

sudo ./install.sh

Note however, that if you are going to be testing on your own system this is not preferred. Instead use the install-dev.sh install script.

Uninstall

To uninstall the keylogger, run the bash script, uninstall.sh which deletes the folder /.keylogger and removes the startup script from /etc/init./d and removes it with update-rc.d. Run the following command to uninstall:

sudo ./uninstall.sh

Use

After running the install script, the keylogger should start automatically on each subsequent bootup of the system. Note that if ./server is not run before hand, the keylogger, will not reconnect later. Therefore, if you wish to capture the victim's data, make sure there is a server program running before the victim starts their computer. If you are testing on your system, then run the following commands to start the keylogger:

cd /.keylogger
sudo ./server &
sudo ./main &

This will start the server and the main keylogging process.

Notes

  • Make sure before hand that the client.c code has the ip address you want to send the information to, which will be where the server is running.
  • server will save two log files every three minutes in the folder in which it is running called keylog_received.txt and network_received.txt.
  • server does not have to be run from /.keylogger' or with sudo` access. The binary can stand on its own.

Notes

This has only been tested with Ubuntu 16.04.

-- Matias Grioni and John Siracusa

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages