Picture this scenario. You are at your desk at work. While you are productively working away, you get a thought about the product you saw on the Internet last night. You spontaneously decide to purchase the product on Amazon during your lunch break. You look around and see no one near you as you whip out your credit card to type away the numbers and pin. However, even with no one around you, you feel like someone is still watching you. Do you feel safe? Well those eerie feelings might be right. You may not be as safe as you think, your device may be susceptible to eavesdropping. Keyloggers are a type of technology, hardware or software, that is designed to record user input that is typed by a user on the computer keyboard. User input can include letters, numbers, symbols, and even mouse clicks. The keylogger’s general purpose is to gather as much information as possible from what the user is typing into their keyboard.
Keylogging can be used for both malicious and legitimate purposes. A company may use it as part of their policy to monitor user activity on their network. However, an attacker might use a keylogger maliciously for data exfiltration on a network or simply collect sensitive information about a target including their SSN, credit card numbers, and other PII information. There are a variety of methods and steps that you or an organization can take to prevent keyloggers (both software and hardware). A company can have multiple DLP (data loss prevention) methods set in play to prevent user’s workstations from having any unauthorized hardware devices accessing company owned equipment. Some examples include,
To understand attacks on users vulnerable to these eavesdropping/sniffing attacks, I wanted to create my own version of a hardware keylogger that can be transmitted through a USB port. To start, I worked on the scripts that will be responsible for logging the keystrokes and saving these inputs into your local machine. I first created a keylogger function. Using the pynput library, I pulled two different functions from it “Key” and “Listener”. These classes helped me with creating functions and variables that would listen for and handle these events. The script will stop executing if the user had pressed the escape key. Next, I created a script that would be responsible for the users workstation to save the keylog file into a text file that is legible for the user. Using the os library, I was able to interact with my operating system’s in a platform-independent way. With the module os.path.join and os.path.expanduser, I was able to create a file called keylog.txt and save the file underneath the ~/Desktop path. This module was helpful in making sure that the path is resolved to the correct home directory on the users local machine. Lastly, I imported both these scripts into my main.py file which ran both functions keylogger() and savefile().
Throughout this project, my main focus was to understand the different modules and libraries that python has to offer. As an avid programmer, I wanted to expand my understandings of scripting in a language like python to help broaden my capabilities of having it in my arsenal. Additionally, I wanted to showcase my understandings of how sniffing tools leave users vulnerable to attacks and how a malcious actor may create one to do such that. Attackers are often looking to steal personal information. Recording key strokes can expose a lot about a user including websites they visit, accounts they access, and personal information. Some next steps I want to take in order to expand upon my project and work on improving the capabilities of the keylogger include:
The purpose of this project is to conduct ethical hacking to identify vulnerabilities in my local system and to help understand security. The project will be conducted under my own home lab that I have setup under my network, on my local machine. All information obtained during the project will be kept confidential and will only be shared with authorized parties.