Key Logger
Overview
A keylogger is a special type of software that captures keys pressed by the users and can record them to a file. In a normal situation when you're interacting with an application such as google chrome, the keys you type on the keyboard and the buttons you press get sent directly to the user. Whenever you click your mouse or press a key on the keyboard something called an event is raised in the background within the operating system. Built into windows is the ability to programmatically capture that event and perform some action. In the case of the keylogger that would be recording the key that was pressed before sending it to the destination application. In order to do this, we need to programmatically create something called a hook, specifically designed to capture all the key press events. Once an event has been raised that matches the parameter, such as a key down event will have the ability to perform some sort of action such as recording the key. All other events will be ignored.
Install
In order to follow along with this, visual studio code needs to be installed along with the .NETDesktop Development extension.
The source code will be available at my GitHub here. Also your windows antivirus might flag this as a trojan - because its doing it's job. Just make sure you allow it onto the device.
If you start running the code it will populate an exe which tracks your keystrokes.
Explanation of Variables
private const stringLOG_FILE_NAME = @"C:\ProgramData\mylog.txt";
The way this keylogger is made. As you type the text gets logged into text files. When the file size reaches 300 characters, the file gets archived and then sent to you in your email
I chose program data because normal users can write to this directory and it is fairly innocuous. The bytes can be adjusted to your liking.
Setting up Gmail
When setting up your Gmail you have to allow less secure applications.
This has to be on to allow the program to send emails on your Gmail's behalf.
Running Program in Background
To fix that, right click Project > Properties and change output type to windows application. Go to Build > Clean Solution > Build and run it. Now, even though the keylogger is running you don't have the key log screen. You can tell because when you go to the my log file the bytes increase with key
How to get the executable
Right click project and click "Open Folder in File Explore". From there, go to bin >Debug > mykeylogger01.
How to automatically run on Login.
You can use Task Scheduler for this.
From there go to Task Scheduler Library > Create a Task. The trigger would be "At logon" and the action would be start a program, then selectmykeylogger01.exe.
VirusTotal and Malware
This application can be considered malicious. It can be cost by Heuristics or Behavior analysis. If you go to Virustotal.com, you can upload this and the file will be ran. This will tell you whether the file is malicious or not.
