Warning! Python Remote Keylogger (this is really too easy!)
Vložit
- čas přidán 8. 07. 2024
- Create your own virtual machine on Linode with a 60-day $100 credit: davidbombal.wiki/linode
If that link doesn't work for you, try this link: www.linode.com/lp/youtube-vie...
Please note: Credits expire in 60 days. Big thanks to Linode for sponsoring this video!
I wrote a Python program that saves keystrokes to a cloud server. I compiled the script to run on a Windows 11 computer with anti-virus enabled. May this be a warning to both you and your family. Don't download software that you don't trust. Only download software from reputable software developers and those you trust.
Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place.
// MENU //
00:00 - Be careful what you download
00:07 - Intro
00:16 - How to capture keystrokes with Python
00:41 - Keylogger demo
03:30 - How to setup the keylogger
10:34 - Conclusion
// Code //
Keylogger: github.com/davidbombal/python...
Server: github.com/davidbombal/expres...
// Video mentioned //
Python keylogger bypasses Windows 11 Defender: • Python keylogger bypas...
// SOCIAL //
Discord: / discord
Twitter: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
CZcams: / davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
python
keylogger
python keylogger
windows 11
windows 11 keylogger
pyinstaller
py to exe
py exe
python py to exe
python exe
compile python
python compile
python exe
python convert to exe
python convert py to exe
python py exe
python code
windows
windows 10
anti virus
real time protection
windows anti virus
windows real time protection
windows 11 protection
windows 11 python
python compile
compile python code
compile python
python windows
windows python
Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place on any websites.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#python #keylogger #wifi - Věda a technologie
Great tutorial David! Please keep them coming!
Awesome video, thank you David 😊! Those PoCs are really good for us to build countermeasures to that kind of stuff. I got curious about python compilation actually, I've did some Python install before but never compiled it as a binary, will give it a try later.
Create your own virtual machine on Linode with a 60-day $100 credit: davidbombal.wiki/linode
If that link doesn't work for you, try this link: www.linode.com/lp/youtube-viewers/?ifso=davidbombal
Please note: Credits expire in 60 days. Big thanks to Linode for sponsoring this video!
I wrote a Python program that saves keystrokes to a cloud server. I compiled the script to run on a Windows 11 computer with anti-virus enabled. May this be a warning to both you and your family. Don't download software that you don't trust. Only download software from reputable software developers and those you trust.
Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place.
// MENU //
00:00 - Be careful what you download
00:07 - Intro
00:16 - How to capture keystrokes with Python
00:41 - Keylogger demo
03:30 - How to setup the keylogger
10:34 - Conclusion
// Code //
Keylogger: github.com/davidbombal/python-keylogger
Server: github.com/davidbombal/express-server-basic
// Video mentioned //
Python keylogger bypasses Windows 11 Defender: czcams.com/video/qaZ-IbssPDI/video.html
// SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
CZcams: czcams.com/users/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Dear David, I'm telling your her 🖐🏻😡.
i think you forgot to pin this
But what if I don't have a python download??
thank you very much for this content, i love how you explain so good and simple to knowledge!
Always great content! I've done something similar using SMTP to shoot over emails of the logged keystrokes on a timed interval. Love the use of a js server approach! About to jump into the code and have a look around. Keep up the amazing work and for making people aware of the real dangers that hide in plain site.
Thank you Dustin!
@@davidbombal of course! Keep up the amazing work and keep inspiring people to learn!
Thanks Sir David for the knowledge on how we can secure our devices. Can this also be done on mobile devices?
@@wingit7335 how can it be like the deployment on windows, so that it is not easily detect as malicious software or how can it be deploy as an apk file?
@@davidbombal David great content thanks what about the update for the Kali Linux on Android
Amazing content David I like that you bring us the best reputable personalities in their speciality field so we can learn from the best no need for fancy botcamps😄 ✅🖥️🙏
Great video man. Love the server
Great content again. Reading the comments and your responses is very helpful in educating us, thanks!
You're welcome!
Thank you for this informative and educational video!
thanks for the awesome content David
Thank you for demonstrating this.
Hey David, thanks for sharing this! I don’t suppose you could maybe consider a pivot into voice ? Enough material with that to keep you occupied. Could maybe lead back into security related items (wire shark and RTP streams).
I know network engineers tend to grimace at voice, but steel yourself and think about it ;)
Awesome video David !
Thank you Jonny!
This keylogger scripting technique through other scripting mediums has been around for years. Dave, you just made it worldwide for Python. Well done.
FFI and ctypes, it has been available for ages :)
@@dmail00it dosent work for me 😕
one of the few channels that show content of relevance!!!!!! I wish you were my mentor... I managed to reproduce another keylogger on the desktop! it also prints every click along with a notepad with text captures and creates folders separated by date!!! finally I managed to reproduce your code and forward the log file to a server... thank you very much for sharing your knowledge!!!!!! I am a Programming and Information Security enthusiast🇧🇷
Thank you for your continued commitment to education.
Thank you Desmond. You're welcome!
I created a python key-logger like this couple years ago sending it to my free web hosting server. Awesome video.
Thank you! So many ways to do this.... it should really not be possible today, but is unfortunately.
can you teach me how to do it?
Awesome. Well done sir
Bad Mr Bombal Bad, keep the videos coming thank you learned alot!!
Glad you learned something David
Great video...thanks David.
Thank you Lance!
I started to smile after I saw the first thumbnail of this video. It was like Saurons Eye from the Lord of the Rings is watching you. And now it's like a Ringwraith.
whoop!
Thanks David
I've once used python on my PC to give a demo to my friends that how getting passwords is easy and asked them to avoid using internet cafes, as getting the key strokes is pretty easy. That was way back in 2015.
This seems complicated it’s not working for me
what about how to stop remote keyloggers? what antivirus or app can detect them?
This is awesome, it's more effective If the keylogger run as a daemon in the background and it is start running on system boot up
This is only a proof of concept and can improved in many ways. We didn't show everything here because of CZcams rule.
@@davidbombal Now I’m curious: what didn’t you show (besides compile steps)?
@@davidbombalWhere can I learn and see everything, I am into python development. How do people like you learn? Everything nowadays is hidden either for going into courses and spending money or just people not to see and analise.
Worked , thanks a lot!
What would happen if the target is typing in another layout or language
Hello, what program do you use to record the windows desktop?
Are the sample softs there when you open the software or do you have to download them from sowhere
Things that can be improved, make the script work like a blind shell, like not including the ip address in the program itself, instead we will initiate a call to the program via some authentication, also encrypted data transfer is necessary to avoid AV detection.
Probably just meant to be an example of something super simple.
This is one of the most complex python keyloger ever. I can do the same with aprox 20 lines of code without any extra software or anything.
So how’s it complex lmao
Haha I love this content David! I am doing the 30 day challenge of networkchuck right now the juniper ccna
Nice. How is the Juniper cert program?
@@tehczavier It's good so far I scored 100% on module 1, but to be fair I already have a network background:). It's great for people who are starting out
I like this vid. Good insight.
Rather than outputting to a text file, you could use a nosql db and output the processes running at the time of the key logging to have a better picture of what the target is using at the time they are typing.
We decided against doing that here to keep things simple. This is a proof of concept and can be improved in many ways. We can code in many other options, but this is for educational purposes only and not to build malware.
@@davidbombal agreed. I actually like the simple poc. It leaves alot of potential open that could be touched on or brainstormed or discussed in general. Especially if talking about major nation state adversaries and their toolsets to gain access to sensitive western critical infrastructure systems. Or general minor ransomware criminal groups with their initial access brokers.
Hello Mr Bombal it seems that python is great langage to learn thx for u re constant effort God bless u
You're welcome Majid!
finally great video
Thank you so much you really help me :)
Great video sir :)
Thank you Aniket!
More videos like this but easy one's please for beginners.
awesome tutorial!
Glad you liked it!
Wow thx for warning us about that :)
Thanks for this. Ill fire up a demo for our monthly meeting.
Hopefully they learn from this video 😀
I am ok with python code but I have no idea about C code. When you say you used a C compiler to compile it does that mean you can compile python code in C compilers or did you have to use C code to make it work? Thanks for the video.
Nice video, if i was do it this i would use sockets for real time communication and a common port such as 443 + inject a binary blob into memory for a listener to setup a shell, that the program can load using a pointer. easy web c&c.
More than perfect 👍
Really nice sir
Hi David, just wondering if there's a way to encrypt the keylogged traffic / passwords as I'm sending them to my linode. Maybe I want to test this with my own passwords but I don't want the connection to be readable by eavesdroppers.
It works! Thanks a lot.
Hi did you use a server
Amazing stuff
Thank you Max
Just the title!! Hahaa this is why I joined your army
Awesome video David, but, how can we prevent our machines from these tools?
Will this program run on nay windows version or it is specified only for windows 11 ?
Spyware are shown in procexplorer? like sketchy process running. Or they are just not visible?
We dont deserve you David. Thank you so much!
Thank you Richie!
Ive tried to do it. Only one issue: when I run the compiled keylogger.exe it opens an empty command prompt, when I close it, it will close the keylogger as well. Idk how to make it so it opens stealthy as yours.
You need to set compiler flag "-mwindows" to remove the UI element of your application. Other ways include setting the main window handle hidden on init.
Awesome👍
How can i send the keylogging data to my own server. Do i just open a port on my server like 8080 shown in the scipt and add my server ip in the scipt too?
Can this be done within windows and to keylog another windows machine? I don't really want to spin up a entire Linux vm just for logging.
YO THANK YOU SO MUCH
I need an example file of someone who wrote a longer text (a story or a masters thesis) - is there any such public repository?
Do you have any recommendations on books in Computer Science? I want to learn Computer Science before JavaScript and Python.
it is not books but you can easily find resources on harvard CS50 and Freedcodecamp channel.
@@hartatociptajaya Thank you, I know some of the Free courses require a text book. Have to look into this one, because a couple people recommend this course.
You’re probably putting the horse before the cart if you do that… if you want a bit of an overview on some computer science, there’s a vid called ‘the art of code’ on CZcams.
Learning a simple language like python is much easier than learning computer science. Walk before you run!
@@catatafish22 Wouldn't it be the other way around? I want to learn the basics of computer science in order to have the fundamentals and when I go to learn a language I'll know how the computer functions, instead of just following examples that I have no idea why I'm doing what I'm doing.
I'm new. What does he mean when he says we? Is there a team who worked on this?
Dave could you create a GNS3 topology for key logging?
in other words this can also bypass a separate firewall? wow this is crazy stuff.
Brilliant. (As usual).
Thank you Mal!
sir can you please tell me if i need to NAT port to sending logs through WAN?
Can this keylogger program be put in non executable files like PDF files, pictures, videos etc?
i m from india ....your content is great ...... really
UAC doesn't popup at all when you execute?
sir why dont you create a structured course on various language which is in demad in copporate sector....beleive me your channel will boom
Big fan
Thank U Sir !
Make a video to show us how to create own server to save the data without Linode, please??
Thank you David for the fantastic videos!!
just run the javascript code on your machine and forward the ports from your router
set up a raspberry pi running ubuntu or whatever locally.
@@lewisheath364 okay, thanks
@@Foiliagegaming okay, thanks
Can you make this on replit online code editor
I started making soft recently, I was wondering if you wanna do any features.
may add -y to the install script in the install lines (and merge the lines)
Thank you!
You're welcome!
Thanks for all.
You are most welcome
Great Content! I am a big fan. I did all of this and windows defender did not detected it but when i sent it to my friend to check it out by uploading it to google drive. When he downloaded it windows defender picked it up. Is there something i can do to avoid this?
Please how did you get it to run in the background
does it uniquely work on windows 11? what about other versions of windows?
set up a small local server that is running on cellular network and have it set up on the local network then forward the traffic from there.
Will clean reeboot help?
if you want you can also create a python scripting course on youtube
Thanks David!
This is great content as usual.
since 'this' runs on the background would it probably make the PC a bit slower and hence call the attention of the user to something wrong with the pc operation
Since its only text the overhead should be minimal
@@fyzzlefry okay
that's cool!
Hey what server do u use, i can't find one
Hi, David. What would you recommend for scanning pdf's and images for rats and loggers? These day's many of us download quite a number of pdf's for education and images for our own curating.
Comments like this from , text me "@ the official blah blah blah" seem like a game best played later. ; - )
what if we run this file as a script on the AD .... and it will automatically run right? fun but scarry ...
So recompiling PyInstaller bypasses Defender, but wouldn't SmartScreen block the EXE as it is unknown (if it was real malware and actually was downloaded from the Internet by "your victim")?
David, you said you were going to show us how to capture a handshake with Kali Linux installed on our android phones.
you cant. android dosnt surport monator mode also you need to send a deauth packet to the target to catch the handshake. and the handshake uses encryption. use a laptop and a 64bit version of kali
Should I use the public IP in order to connect to the server?
Does this detectable in a mcAfee endpoint security
Very nice video i did this with a mail.
do you have to use a virtual machine?
will it always add space EX: you log into one site then another theres and theres no space input
Will EDR not detect this kind of activity? since EDR is based on anamolies I'm pretty sure it will catch as suspicious no?
Hey, I'm new here and building this project for my own working but I need help the files that he mentioned and the steps are updated and now I'm stuck can anyone here help me out?
How would you detect this
Someone said this virus is undetectable ! So funny maybe they are recently using windows 7 !
Windows Defender can detect it now,
@davidbombal Hey, I'm new here and building this project for my own working but I need help the files that he mentioned and the steps are updated and now I'm stuck can anyone here help me out?