174 lines
6.1 KiB
Plaintext
174 lines
6.1 KiB
Plaintext
===============================================================================
|
|
logkeys - a GNU/Linux keylogger that works!
|
|
===============================================================================
|
|
|
|
0. Licence
|
|
1. Description
|
|
2. Installation
|
|
3. Usage how-to
|
|
4. Further information
|
|
|
|
===============================================================================
|
|
|
|
|
|
+------------------------------------------------
|
|
0. Licence
|
|
===============================================================================
|
|
logkeys is dual licenced under the terms of either GNU GPLv3 or later, or
|
|
WTFPLv2 or later. It is entirely your choice! See COPYING for further
|
|
licencing information.
|
|
|
|
|
|
+------------------------------------------------
|
|
1. Description
|
|
===============================================================================
|
|
logkeys is a linux keylogger. It is no more advanced than other available linux
|
|
keyloggers, notably lkl and uberkey, but is a bit newer, more up to date, it
|
|
doesn't unreliably repeat keys and it shouldn't crash your X. All in all, it
|
|
just seems to work. It relies on event interface of the Linux input subsystem.
|
|
Once completely set, it logs all common character and function keys, while also
|
|
being fully aware of Shift and AltGr key modifiers.
|
|
|
|
|
|
+------------------------------------------------
|
|
2. Installation
|
|
===============================================================================
|
|
Provided your GNU/Linux distribution doesn't include logkeys package in its
|
|
repositories, manual installation of logkeys from source is as easy as:
|
|
|
|
$ tar xvzf logkeys-0.1.0.tar.gz # to extract the logkeys archive
|
|
|
|
$ cd logkeys-0.1.0/build # move to build directory to build there
|
|
$ ../configure # invoke configure from parent directory
|
|
$ make # make compiles what it needs to compile
|
|
( become super↙user now ) # you need root to install in system dir
|
|
# make install # installs binaries, manuals and scripts
|
|
|
|
That's it. If everything went through fine (as it mostly should, I think), you
|
|
can probably skip ahead to the next section now.
|
|
|
|
To ever uninstall logkeys, remove accompanying scripts and manuals, issue
|
|
|
|
# make uninstall # in the same logkeys-0.1.0/build dir from before
|
|
|
|
To install the binaries in path other than /usr/local/bin, use configure with
|
|
--prefix switch, for example:
|
|
|
|
$ ../configure --prefix=/usr
|
|
|
|
Along with other standard configure options, you can also use:
|
|
|
|
$ ../configure --enable-evdev-path=PATH
|
|
|
|
to have logkeys look for input event devices in PATH ( $(PATH)/eventX ) instead
|
|
of preconfigured default /dev/input (/dev/input/eventX), and
|
|
|
|
$ ../configure --enable-evdev=DEV
|
|
|
|
to have logkeys define static event device DEV (i.e. /dev/input/eventX) instead
|
|
of looking for it in default /dev/input path or custom evdev-path.
|
|
|
|
The input event device we are referring to, here, is the kernel event interface
|
|
echoing keyboard events. If using either of these two --enable-evdev*
|
|
switches, make sure you provided correct PATH/DEV.
|
|
|
|
A copy of these instructions is in the accompanying INSTALL file.
|
|
|
|
|
|
+------------------------------------------------
|
|
3. Usage how-to
|
|
===============================================================================
|
|
|
|
logkeys is simple. You can either invoke it directly, by typing full command
|
|
line, or use the provided scripts. There are two scripts in this package:
|
|
|
|
bin/lkl , which starts the logkeys daemon, and
|
|
bin/lklk , which kills it.
|
|
|
|
You can use these two scripts for starting and stopping the keylogger quickly
|
|
and covertly. You can modify the scripts as you like.
|
|
Note that logkeys is installed setuid, so the root password need not be
|
|
provided at runtime.
|
|
|
|
Default log file /var/log/logkeys.log and is not readable by others.
|
|
|
|
I suggest you first test the program manually with
|
|
|
|
$ touch test.log
|
|
$ logkeys --start --output test.log
|
|
|
|
and in the other terminal follow it with
|
|
|
|
$ tail --follow test.log
|
|
|
|
and see if the pressed keys match to those noted. If you use a US keyboard
|
|
layout, use -u switch. Make sure your terminal character locale is set to UTF-8
|
|
|
|
$ locale
|
|
LANG=xx_YY.UTF-8
|
|
LC_CTYPE="xx_YY.UTF-8"
|
|
...
|
|
|
|
otherwise you will only see odd characters (like ꑶ) when pressing character
|
|
keys.
|
|
|
|
It is very likely that you will see only some characters recognized, without
|
|
any hope for Shift and AltGr working even slightly correct, especially when
|
|
starting logkeys in X. In that case it is better to switch to virtual terminal,
|
|
e.g. tty4 (Ctrl+Alt+F4), and there execute:
|
|
|
|
$ logkeys --export-keymap my_lang.keymap
|
|
|
|
Then open my_lang.keymap in UTF-8 enabled text editor and manually repair any
|
|
missing or incorrectly determined mappings. From then on, execute logkeys by
|
|
|
|
$ logkeys --start --keymap my_lang.keymap
|
|
|
|
Again, see if it now works correctly (character keys appear correct when you
|
|
are viewing the log file in editor), and opt to modify bin/lkl starter script.
|
|
|
|
logkeys acts as a daemon, and you stop the running logger proccess with
|
|
|
|
$ logkeys --kill
|
|
|
|
(or bin/lklk provided script).
|
|
|
|
For more information about logkeys log file format, logkeys keymap format, and
|
|
command line arguments, read the application manual,
|
|
|
|
$ man logkeys
|
|
|
|
or see the wiki at project website: http://code.google.com/p/logkeys/
|
|
|
|
If you create full and completely valid keymap for your particular language,
|
|
please upload it to website or send it to me by e-mail. Thanks.
|
|
|
|
Abuse the output of this software wisely.
|
|
|
|
|
|
+------------------------------------------------
|
|
4. Further information
|
|
===============================================================================
|
|
|
|
Read the man page.
|
|
|
|
Refer to troubleshooting and FAQ sections on the project website,
|
|
|
|
http://code.google.com/p/logkeys/ ,
|
|
|
|
for currently known issues, ways to resolve them, and any other information.
|
|
|
|
Report any bugs and request reasonable features on the issues list page
|
|
|
|
http://code.google.com/p/logkeys/issues .
|
|
|
|
Always provide descriptively keyworded summary and description.
|
|
|
|
You are more than welcome to implement unreasonable features yourself, as well
|
|
as hack the program to your liking.
|
|
|
|
If you are a pr0, please answer the few questions I commented in the source.
|
|
Thanks.
|
|
|
|
~
|