Click here to Skip to main content
Click here to Skip to main content

Tagged as

Go to top

SpyNet - An Application Specific Keylogger.

, 14 Nov 2008
Rate this:
Please Sign up or sign in to vote.
An Application Specific Keylogger.

Introduction

The Following Article is About Using Global Hooks and Code Injection to create an Application Specific keylogger.

Background

You must know basic C++. Windows Programming, Global Hooks (for dll injection). You Must know, what's a Keylogger?

Disclaimer

Though The program is well tested i have to include this disclaimer. By Executing/Compiling The Program you agree that The author nor the site hosting this article shall not be held responsible for any damages occurred due to the this program. This Program Comes with NO WARRANTY. USE AT YOUR OWN RISK!! If this scares you, you probably shouldn't run this Program. The Author Hereby disclaims himself. This article may not be re-published elsewhere without the permission of the author.

Using the code

Download the Binaries, Extract them into the same directory. Run the DllTester.exe, Hit Load.

Warning

Your Anti-Virus will (should) Flag This Application Hostile. To Test it you'll need to disable your AV. No Autorun capability has been added so to Clean your system perform a Cold Reboot. The Application has Malware Characteristics and IS Intended to Compromise Security. The Dll is Injected into Multiple Processes and may cause the system to slow down or de-stabilize. If This Scares You should Delete The Source Code and Binaries right now.

What The Code Does?

Most keyloggers log almost all keys typed including stuff you type while playing games,writing school report,etc mostly irrelevant stuff...

SpyNet Can be Configured to Log Only "Iexplore.exe", "Firefox.exe","Opera.exe", "msdev.exe", "ypager.exe",etc so you don't need to worry about other "useless" crap people type...
Only relevant information like Every Email, Login, Chat Session, etc will be logged.

You'll need to modify bits of the code to make it full-stealth...Just a Precaution to prevent abuse...

DLL injection

The Dll injection method is based of Ivo Ivanov's Code. A Million Thanks to Him. Search This Site For it.

Working

The Dll exports 2 Functions that return Boolean. (True on Success, False on Fail)

  1. InstallHook - Creates Callwnd Hook to Inject Ourselves into other Processes
  2. UninstallHook - Stops Process Injection although The Already Injected Instances will remain.
Note : If the Original process which hooked the callwnd is terminated the injection hook is also terminated. but the Keylogger will still run.

SpyNet Main Procedure (DllMain)

  1. If Process is not in Attack List, Unload self.
  2. Establish a WH_KEYBOARD Hook
  3. Have Callback Function Log All Key's and active Window Title's.

Features

  1. SpyNet is Invisible to the Task Manager (it's dll.)
  2. Logs only "Relevant" Keystrokes.
  3. Logs Time, Current Username.

Drawbacks

  1. Does not Affect Console Programs (Because they don't have Message Queue's)

TODO

  1. "Recognise" Password Textboxes.
  2. Auto-Email/FTP Upload the Log File.
  3. Host Log File on Pseudo Http Server.

Acknowledgement

The Keylogger Code is "inspired" from 2 Sources

  1. Pranay Kanwar's Keylogger (warl0ck) (link) The Search for "Shift" Codes and Capslock...the rest is recycled code of my other keylogger.
  2. BO2K (Back Orifice 2000) (Everything you'll need to know about C++.)

Authors Notes

--

History

22 Feb 08 : Original Draft

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

st0le
Other Student
India India
No Biography provided

Comments and Discussions

 
Questionon compilation with Dev C++ it gives an error Pinmemberaakash.me23-Sep-13 21:22 
GeneralMy vote of 5 Pinmembergndnet20-Jul-12 1:24 
Generalinjection method Pinmemberdekl5-Oct-09 2:21 
GeneralRe: injection method Pinmemberst0le5-Oct-09 7:08 
GeneralRe: injection method Pinmemberst0le5-Oct-09 7:13 
QuestionBug? Pinmemberst0le22-Jul-09 21:13 
QuestionMemory leak?? Pinmemberplaskey22-Jul-09 13:17 
AnswerRe: Memory leak?? Pinmemberst0le22-Jul-09 21:09 
GeneralWM_PAINT PinmemberFISH78623-Jun-09 2:44 
GeneralRe: WM_PAINT Pinmemberst0le24-Jun-09 21:26 
GeneralRe: WM_PAINT PinmemberFISH78625-Jun-09 2:07 
GeneralRe: WM_PAINT Pinmemberst0le26-Jun-09 1:10 
GeneralRe: WM_PAINT PinmemberFISH78626-Jun-09 2:20 
GeneralRe: WM_PAINT Pinmemberst0le26-Jun-09 19:05 
Generalarticle content PinmemberHarold Bamford17-Nov-08 4:50 
GeneralRe: article content Pinmemberst0le17-Nov-08 19:21 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web02 | 2.8.140916.1 | Last Updated 15 Nov 2008
Article Copyright 2008 by st0le
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid