Linux KeyLogger
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# Inspiré de https://dzone.com/articles/how-to-create-a-keylogger-for-linux-using-python
# Pour comprendre la structure des events :
# https://stackoverflow.com/a/16695758/2909535
# https://www.kernel.org/doc/Documentation/input/input.txt
# https://pubs.opengroup.org/onlinepubs/7908799/xsh/systime.h.html
import os
import re
import struct
import sys
from datetime import datetime
# Name of the input device to read from, compared against the "N: Name=" line
# of /proc/bus/input/devices.
DEVICE = "SpringCard H663/RDR"

# Number of mapped key presses that make up one complete card number.
CARD_NUMBER_LENGTH = 16

# File every card read is appended to.
# NOTE(review): this file accumulates badge numbers in clear text; keep it
# readable only by the account that runs the script.
LOGFILE = "/home/pi/keylog.log"

# Mapping from Linux input key codes to the character recorded for each one.
# Key codes are listed in:
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/include/uapi/linux/input-event-codes.h
# The letter rows are recorded with AZERTY labels (code 16 gives "A",
# code 30 gives "Q", code 44 gives "W").
KEYS = {
    # Digit row: codes 2..11.
    **dict(zip(range(2, 12), "1234567890")),
    # First letter row: codes 16..25.
    **dict(zip(range(16, 26), "AZERTYUIOP")),
    # Second letter row: codes 30..39.
    **dict(zip(range(30, 40), "QSDFGHJKLM")),
    # Third letter row: codes 44..49.
    **dict(zip(range(44, 50), "WXCVBN")),
    # Numeric keypad digits.
    **dict(zip((71, 72, 73, 75, 76, 77, 79, 80, 81, 82), "7894561230")),
}
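def lookupForDevice():
    """Return the /dev/input/eventN path of the input device named DEVICE.

    Scans /proc/bus/input/devices for the record whose name line is exactly
    ``N: Name="<DEVICE>"`` and returns the first ``eventN`` handler found on
    that same record's ``H: Handlers=`` line.

    Exits the program with an error message when no record with that name
    exposes an event handler.
    """
    name_line = "N: Name=\"" + DEVICE + "\""
    event_node = re.compile("event[0-9]+")
    with open("/proc/bus/input/devices") as devices:
        in_record = False
        for raw in devices:
            line = raw.rstrip()
            if not line:
                # Records are separated by blank lines. Dropping the match
                # here keeps the search inside the named device's record, so
                # a handler line belonging to a different input device (for
                # example the real keyboard) is never picked up by mistake.
                in_record = False
            elif line == name_line:
                in_record = True
            elif in_record and line.startswith("H: Handlers="):
                match = event_node.search(line)
                # A handler line without an eventN entry is skipped instead
                # of failing on a missing match; the scan carries on in case
                # another record with the same name has one.
                if match is not None:
                    return "/dev/input/" + match.group(0)
    sys.exit("Device " + DEVICE + " not found")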
def listen(deviceFile):
    """Read input events from *deviceFile* and pass on complete card numbers.

    Each record is unpacked with the native struct format "llHHI": two longs
    that are ignored here, then the event type, the key code and the value.
    Only events with type 1, value 1 and a non-zero code are considered, and
    only codes present in KEYS add a character. Once CARD_NUMBER_LENGTH
    characters have been collected they are handed to processCard() and the
    buffer starts again. Returns when the device file yields no more data.
    """
    # NOTE(review): the buffer is only cleared after a full-length number, so
    # a missed or stray key press would shift every later read; confirm
    # whether the reader sends a terminator that could be used to resync.
    record = struct.Struct("llHHI")
    collected = ""
    with open(deviceFile, "rb") as stream:
        for raw in iter(lambda: stream.read(record.size), b""):
            _sec, _usec, ev_type, ev_code, ev_value = record.unpack(raw)
            if ev_type != 1 or ev_value != 1 or ev_code == 0:
                continue
            if ev_code not in KEYS:
                continue
            collected += KEYS[ev_code]
            if len(collected) == CARD_NUMBER_LENGTH:
                processCard(collected)
                collected = ""
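def processCard(cardNumber):
    """Print a card read and append it, with a timestamp, to LOGFILE.

    The line written is ``DD/MM/YYYY HH:MM:SS <cardNumber>`` followed by a
    newline. The same read is also printed to standard output.

    Args:
        cardNumber: the card number string assembled by the caller.
    """
    now = datetime.now()
    # NOTE(review): this also sends the badge number to stdout, which may end
    # up in a terminal scrollback or a service journal.
    print(now, cardNumber, "!")
    entry = now.strftime("%d/%m/%Y %H:%M:%S") + " " + cardNumber + "\n"
    # Badge numbers are sensitive identifiers, so the log is created with
    # owner-only permissions instead of whatever the umask would allow.
    # The mode applies only when the file is created; an existing log keeps
    # the permissions it already has.
    fd = os.open(LOGFILE, os.O_WRONLY | os.O_APPEND | os.O_CREAT, 0o600)
    with os.fdopen(fd, "a") as log:
        log.write(entry)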
def main():
    """Find the configured reader, report where it is, then read from it."""
    # NOTE(review): opening /dev/input/event* usually needs extra privileges;
    # granting access to this one device is preferable to running as root.
    reader_path = lookupForDevice()
    print(DEVICE, " found on file ", reader_path)
    print("Listening...")
    listen(reader_path)


if __name__ == "__main__":
    main()
Exemple de KeyLogger permettant de lire le numéro d'un badge UNC à partir d'un lecteur fonctionnant comme un clavier.