3.3 Writing a Keylogger in Python Part 3

00:00

Hello and welcome to this lesson on ethical hacking tools with python.

00:04

The agenda for today is actually testing the key logger we've written in the previous two lessons. So if you don't know what I'm talking about, please go ahead and watch the previous two lessons to get you back on track.

00:15

Now we want the dust, this key logger in a safe environment, Which is why I'm going to be using a virtual machine called Man Exploitable too.

00:24

To have it up and running on your system, you need virtual box. And you also need two medics. Plausible to image

00:31

in the resource is document accompanying these video. You have further instructions on how to install them. So please make sure to check it out before moving on with this video.

00:41

Now, I already have Ah, med explainable to up and running here.

00:46

So, um, I'm logged in with the user MSF admin and the password MSF badman now well, actually doing if conflict to make sure the I pee in the key logger code matches this machine's society. So if conflict

01:00

and we can see that the e th zeros is Annette address or I P is one I need to 1 68 0103 And I believe that's not the one that we have here in the code. So yeah, it's not.

01:15

And we have to modify here in the cold 01 or three.

01:19

So 01 or three and then actually saved a coat. Let's also do an l s minus a over here

01:29

to see all the files and folders that are in the present directory of not exportable to now going back to my Windows machine. Let's open up a command, prompt

01:41

and start the key logger. So I'll navigate to its location,

01:46

which is on the desktop. And then it's in scripts and it's in key Logger. Okay? And if we do a dirt command here, we can see that it's key Logger minus b two

01:57

dot t y and I'm gonna actually started. So Python

02:01

Key logger minus two p. Y.

02:05

And we can see that it says started listening.

02:08

Now let me open up one note that and start writing stuff toe, actually, make sure that, um,

02:16

it's logging key presses or key events, so I'll just say my

02:23

the password is secret. Doctor thought

02:27

Okay, let's minimize this. And then we'll go back to the key logger and hit the escape key.

02:34

And we immediately see the awkward messages that it connected to the FTP and sent a locked file. Well, let's see if that's true. So first will check the present folder here in Windows to see if the locked files is there. So we'll say there and we can see that

02:53

we do have a kilt. K log miners rests that t x t and using the more command

03:00

on this file,

03:02

we can look into it

03:05

and you can see the commands breast. So this is where I opened the note bad. And then I hit Enter,

03:13

and then ah,

03:14

I just said my password is

03:17

secret. So

03:21

secret.

03:23

Okay, Doctor thought and then I hit the escape key.

03:30

All right, so we also see so we see the key presses and we also see the time stamp. Now let's go to our FTP servers or the Medicis playable machine over here

03:39

and, uh,

03:42

see if the ft be sending work, will do on l s minus a again. And lo and behold, you can see the K log minus rest of t X t there and we can look into it with the cat command. So Cat Kellogg, rest up t X t and it's just about the same thing

04:02

s o The fall was uploaded correctly.

04:05

Now, a good way to check the integrity of a file or to check if to foul match precisely is by looking at their nd five some So on Windows here To do that, we can just use the command certain you do minus

04:21

hash file K log, rest of t x t. And we need an MD five hash. So here it created an MD five hash. And we do. Ah, we run basically similar command in Lenox.

04:36

Um, well, say

04:39

MD five some

04:41

que la grassed on t x t

04:44

and we can see that it generated an MD five.

04:46

Um, and we can look at the 1st 4 So eight e a e

04:51

eight e eight e over here and then the last 4 95 7 95 7 So looking at the 1st 4 in the last four to see if they match is actually a good rule of Tom so

05:04

in this case are false. Could respond all right. So this is how to write a key logger and python and send the the output to an FTP server.

05:15

Now let's do a quick knowledge check before we finish this lesson.

05:19

What Lennox commend lets us perform MD five check sums. Is it a MD five Check some B M 85 check or CMB five. Some,

05:30

and this should be really freshen your memory because we've disgusted about a few minutes ago now to the one MD five checks. Um, in Lennox, we've typed an MD five some and then the file name. Thus the correct answer is a Psi MD five, some

05:46

so in review today we did the actual testing of our by phone key logger, and it performed correctly. The key logger was very basic simplistic, and it only took a few lines of code to write it. But you can get really creative with building scripts like this. However,

06:02

on Lee used them in situations in which you have been given specific permission for testing

06:09

up. Next, we're going to start building a zip best word brute force, sir, and by Thorne.