How to Make Your Own USB Keylogger Hardware
Keyloggers are a must-have tool in your arsenal. Hardware keyloggers have the advantage of being undetectable through anti-virus or other protection programs. They also capture keystrokes before the OS even boots up, so they are pretty handy tools.
The only issue with these tools are the price tags. Most of them cost more than $80 USD to purchase. In today's Null Byte, let's make one for (almost) free. There are tons of electronic component stores online that will send us small parts for free!
- PIC 12F1822 (SOIC) and EEPROM chips (Free sample here)
- EEPROM 24XX1025 (SOIC) (Free sample here)
- (x2) 4k7 resistor 1/8 W. Get it from your local Radio Shack.
- Pickit 2 / 3. Also can be found at Radio Shack.
- A USB to PS/2 converter
- Low wattage soldering iron
- Steady soldering hand
Step 1 Circuitry
The adapter, which connects the GND and VCC pin of the PS/2 connector with their respective pins on the USB Connector and CLK and DAT, pin to, respectively, D+ and D- pins. The other zone is composed by the PIC and the EEPROM. The PIC takes care of detecting incoming raw signals from the PS/2 port, decodes them, and then writes it to the EEPROM, which we will then read from.
Step 2 Open the USB to PS/2 Adapter
Open it up and simply connect pins from the USB female connector to the PS/2 male connector. Just join them at these points:
VCC -> VCC
D+ -> CLK
D- -> DAT
Solder each wire to a pin on the USB, as shown above. Solder the PIC to the EEPROM, with the resistors properly soldered. After soldering, re-assemble the device and connect it to the keyboard that you want to test it on.
When data has been captured, you must read the EEPROM. If you have soldered the SDA and SCL pin to the two N/C pins of the PS/2 adapter, as it was shown in the circuit diagram, you can now build a simple converter PS/2 to ICSP connector to read your EEPROM or use the Pickit 2.
See the documentation of your programmer to see exactly how to build it.
After you read the EEPROM, you need to open it in a hex editor to view the logs and convert them by code. It's quite easy from this point. I would think there are even programs floating around on the web to convert them, and if not, the codes are easy enough to convert, in which you could make a script yourself...any takers?
Be a Part of Null Byte!