How To Make a Simple XSS Keylogger?

What Is a Keylogger? 

A keylogger (also known as a keystroke logger and keylogging software) is a tool that records all keystrokes used by the monitored user. Nowadays, there’ a variety of ways to record keys pressed on the target device. In particular, you can catch one’s keystrokes with one of the following tools:

1. hardware keyloggers;
2. program keyloggers;
3. acoustic keyloggers;
4. XSS keyloggers.

In this article, I’m going to tell you a bit about each type of keylogger and to show you how a typical XSS keylogger works. The article is mostly based on Geeksforgeeks, DZone, and Spyrix blog articles and is written especially for HackerNoon. 

Hardware Keyloggers

A hardware keylogger is a kind of device connected somewhere in between the target computer and its keyboard. Modern hardware keyloggers are so tiny that the end user can’t notice them. Such a tool doesn’t require any special software and starts recording keystrokes as soon as it’s attached to the monitored device. You even don’t need to turn on your computer to start tracking user activities. Hardware keyloggers can work for an unlimited period of time since they don’t need any additional power source. However, they usually record a limited number of keystrokes, meaning that you should access them when there is not enough memory to capture new activities. 

Software Keyloggers

A program keylogger was initially designed to record keystrokes like hardware solutions. But now they are more complex and offer many additional features. For instance, they can be used to capture mouse clicks, screenshots, clipboard events, chats in social networks, emails, multimedia files, USB and printer usage, and more.

In other words, program keyloggers can record any kind of user activity. As a rule, such keyloggers should be installed manually on the target device but sometimes they can be even installed remotely by entering the user’s credentials (many iPhone keyloggers work in this way) or sending a malicious file via an email, etc. 

Program keyloggers support remote log delivery, providing you with the recorded data wherever you’re located. Keystrokes are usually stored in a small folder on the target device and then are provided to you via email, FTP, LAN, or online account. Software keyloggers are invisible to the user since they offer a hidden mode and are undetectable by anti-virus software. Creating your own software keylogger is pretty simple and doesn’t require any special knowledge except С# and Win32API. 

Acoustic Keyloggers 

Acoustic keyloggers are used to record sound a keyboard makes when every key is pressed by the end user. According to various research, every key produces a subtly different sound when struck. Further, each keystroke sound is analyzed and identified with the pressed key. This monitoring method isn’t widely used because it’s not convenient and is rather time-consuming. 

XSS Keylogger

XSS Keylogger is a simple way to record a webpage visitor’s data. It’s used to record one’s passwords, to capture private messages, and to leak personal information. In most cases, intruders steal cookie session to identify the target user. However, sometimes the cookie session isn’t enough and an intruder may need to know what keys the website’s visitor presses.

• HTTP only cookie;
• non-session based authentication;
• a password necessary for activities with higher privileges.

Creating Your Own XSS Keylogger

Below you can see a Javascript keylogger. This keylogger stores all keystrokes with timestamps in the array and sends them to the server controlled by a hacker via HTTP every 2 hundred milliseconds. 

If you want to test this keylogger on a PHP server, use the following code:

This tutorial is a simple example of what you can record with Javascript backdoor. It’s also possible to record mouse movements and clicks and a DOM element and to view the recorded data in live mode.

Image source: Pexels