Cause I've searched a lot for a project like this, and I haven't find anything around the Web, I would share my experience of my personal USB Keylogger.
It's not really a pure "USB" Keylogger (cause USB HID protocol is much more difficult than PS/2 protocol), but it adapt an USB Keyboard to PS/2 port, while (of course) recording the keys pressed.
In this way, even if it's discovered by anybody, it should be confused with a normal PS/2 Adapter.
That's the final result:

It need just a few component (SOIC PIC and EEPROM can be freely ordered as a sample from http://www.microchip.com/samples/ ):
-PIC 12F1822  (SOIC Version)
-EEPROM 24XX1025 (Any 1Mb version will be ok)  (SOIC Version)
-2 * 4k7 Resistor 1/8 W (Or any resistor of the same value as small as you can solder in the adaptor)
-Pickit 2 / 3 (For programming the pic and reading the eeprom)
-An USB to PS/2 Adapter that can be opened.

And, very important:
-A GOOD solder and VERY GOOD soldering abilities.

Let's Start.

EDIT (in reply to comments):
Some weeks ago, a friend of mine asked me to help him, cause his computer seamed blocked, indeed, he couldn't either type his password to login with his account..
I know that he is almost a novice and couldn't just change the keyboard instead of asking me help, anyway, i changed his keyboard, but I wanted to know why it wasn't working, I tried it on another computer without any result, except that the keyboard's leds blinked, so, I wanted to go deeper; I take a Logic Analyzer and i have analyzed the PS/2 protocol, I have discovered that the keyboard was switching off whenever the PC sends 0xFF (Reset) command.. I then solved it simply replacing a capacitor that has blown up.

This is WHY I build it (for any similar case), I'm NOT responsible of ANY aim you use this Keylogger.
Illegal is the WAY you use a Keylogger, not the Keylogger by itself.
I didn't want to make anything "immoral" or "illegal"


Step 1: Circuit

This is the complete circuit of the Keylogger, it can seems complex, but in real, it isn't.. we'll see why..
It is divided into two "zones":
One is the Adapter, which connect GND and VCC pin of PS/2 connector with their respective pins on the USB Connector and CLK and DAT pin to, respectively, D+ and D- pins.
The other zone is composed by the PIC and the EEPROM (and the I2C required pull-up resistors). The PIC take care of detecting incoming Data from PS/2, decode, and then writing it to the EEPROM.

One great use for a hardware Key logger is for additional backup during a big writing project. Can save a lot of time after a big crash.
Wow. Controversy! ;P<br><br>I'm not a paranoid crazy who wants to ban kitchen knives and prescription drugs. I'm even fine with jump ropes and aspirin.<br><br>I realize there are legitimate uses for such technology, but some (employee/child monitoring, etc.) do not require any covert operation, and therefore can simply be done using software... and others (police use, etc.) would have their official ways of doing such things, and wouldn't be looking around the internet for a solution to their problem.<br><br>I'm not entirely sure why people are giving reasons for legitimacy including things like &quot;making sure my children's internet browsing is safe&quot;, or &quot;emergency back up of your work in case of hardware failure&quot;. These things can be done very easily with numerous software suites out there. A keylogger is to log a computer's activity, and not much else. Software on the other hand, can backup files, stop a user browsing unwanted sites, and all number of things - none of which require any secrecy or underhandedness in any way.<br><br>And the &quot;it's only illegal if you don't ask the victim's permission&quot; makes no sense. The whole point of making this kind of hardware is to log secretly, with the victim being any the wiser.<br><br>I think we all know this kind of tech is used for illegal acts far more often than legal ones. Whilst the people commenting on this item may not be interested in it for hacking/cracking purposes, there's a lot of people out there who would use it that way.<br><br>Which brings me onto &quot;freedom of speech&quot;. People have commented that it's like going onto a gun forum and telling the people on there to not post stuff on guns, which is an interesting point. However, if someone posted a &quot;how-to&quot; on building your own bomb, how would you react? Whilst bombs may be used to stop terrorism, or save lives in some way, there are lots of people out there wanting to just make bombs. And kill people. Innocent people. If someone has a legitimate use for a bomb, then they would presumably be in the army, etc., and so have authorization to use such things. People looking on the internet for ways to make bombs aren't going to be making them for the army. They're going to be making it for themselves - to use it for their ends, which is usually not a good thing.<br><br>Now a keylogger isn't a bomb. I am aware of this. But I hope you can see the parellels. People looking online for how to make a keylogger aren't usually going to be the kind-hearted concerned about a friend type. They're the hackers and crackers who want to steal your information, passwords, etc., or to hack into your system.<br><br>Let's go back to the guns analogy for a moment. Gun sales and distribution is heavily regulated and monitored. Anyone who wants to carry a gun must be certified and each gun they purchase must be registered to the owner. If someone put up a &quot;how to make your own 9mm hand gun&quot; on instructables, then this system would be completely disrupted. Anyone could make their own gun, and therefore, anyone, no matter how trustworthy or mature, would be able to fire a weapon at whatever the like, whenever they like. &quot;But it's freedom of speech. It's the usage of it that's illegal.&quot; I'm fairly sure the police would disagree.<br><br>For these reasons, it's not a good idea to post things of this nature on the internet. If you have a case for legitimately monitoring a PC's activity, then look into the wide array of other, less dubious options, or if it's serious, talk to the police or someone of authority abot it. I'm sure you can find another option.<br>
Some weeks ago, a friend of mine asked me to help him, cause his computer seamed blocked, indeed, he couldn't either type his password to login with his account..<br>I know that he is almost a novice and couldn't just change the keyboard instead of asking me help, anyway, i changed his keyboard, but I wanted to know why it wasn't working, I tried it on another computer without any result, except that the keyboard's leds blinked, so, I wanted to go deeper; I take a Logic Analyzer and i have analyzed the PS/2 protocol, I have discovered that the keyboard was switching off whenever the PC sends 0xFF (Reset) command.. I then solved it simply replacing a capacitor that has blown up.<br><br>This is WHY I build it (for any similar case), I'm NOT responsible of ANY aim you use this Keylogger.<br>Illegal is the WAY you use a Keylogger, not the Keylogger by itself.<br>I didn't want to make anything &quot;immoral&quot; or &quot;illegal&quot;<br><br>Regards,<br>Jamby
<p>can this be made with a usb connector?</p>
<p>bro how to make usb to usb hardware keylogger . because i want to spy my sis computer which uses usb keyboard</p>
<p>THANKS! I made it! But seriously, did you need to get the chips as a free sample? The PIC is <strong>&pound;0.81</strong> on RS (free delivery) :D</p>
Can I use a PIC12F508?
I don't have big knowledge about PIC12F508, but at first sight it lacks an I2C interface and the LtoH/HtoL interrupts that are used in this project. You could write your own procedure to communicate with the EEPROM with software implementation of I2C or other sort of communication but you should be very careful since it will require lot of precision due to the internal oscillator (I don't even think that the internal 4Mhz oscillator can handle I2C properly); the same is for LtoH/HtoL interrupts, you could check the values in a periodic timer but you will probably lose some bits if not calibrated correctly with the speed of the PS2 protocol.<br>So the final answer is &quot;maybe, but it will require for sure some work to adapt this solution&quot;.
<p>I like the idea but how would the chip fit into the ps/2 adaptor.</p><p>And how would you read the keys pressed after the key logger is dine</p>
<p>Cool. I still prefer software keyloggers though.</p>
<p>Software keylogger like Micro keylogger is easy to use.</p><p>http://download.cnet.com/Micro-Keylogger/3000-2162_4-75375292.html</p>
<p>very good information about keylogger.</p><p>for more cool tips visit techentires.com</p>
<p>hi, I'm trying to use proteus, but it seems that my library isn't complete, the eeprom and the pic is different or doesn't have it...do somebody know what can i do, like download the library folder or someone could make available there own folder...<br>thanks...=)</p>
<p>Cool!</p><p>I don't have a pic or a pic programmer, so I might try this on attiny85.</p>
<p>It seems strange to me that noone noticed - 4 years now - the other 2 little mistakes on the circuit (along with ematiss' comment on the 2 Vcc chip pins that should be connected to connector Vcc line):</p><p>The pin numbers from pin 5 to pin 8 are shown wrong... For U1: SDA is pin 5, SCL is pin 6, WP is pin 7 and Vcc is pin 8. </p><p>Same for U2: RA2 is pin 5, RA1 is pin 6, RA0 is pin 7 and GND is pin 8.</p><p>My congrats to Jamby: Simple and elegant</p>
Hi! I'm wondering if it is possible to replace PIC 12F1822 with avr unit like an ATTiny85 or something similar. Thanks!
<p>The ATtiny85 is good, but is not very good at storing information as it has limited space. Other ATtinys have more space and can even store to miniSD cards.</p>
Oh, yes! I think it should work without problem.<br>Unfortunately, I've very few experiences with AVR, so I can't indicate you the best AVR (while ATTiny85 looks indeed really nice). The only particular feature I've used for this project is the interrupt on low-to-high transitions, in order to easily sync with the PS2 protocol; btw, it could be done even with correctly timed timers with little effort.
Thank you for replying and those tips! I'll try it, maybe I'll find the way to make it working :)
I want to present their implementation of USB keylogger. In contrast to the presented here is a pure USB keylogger that analyzes the protocol USB. Unfortunately, this is only the layout, not the final product. And unfortunately article in Russian. http://obruboff.ru/usb-keylogger-avr/
In the schematic vcc is connected between the chips, but not to vcc itself. Is this connection implied?
Yeah! You're right! Congrats to have discovered that huge mistake. UC VCCs must be connected to USB VCC.
Thanks for sharing your project. The schematic looks nice and clear, but.. what code did you program your PIC microcontroller with? I would think this is incomplete without the code that drives the microcontroller, no?
Source code can be found in step 4.
There are many reasons that this keylogger would need to be disguised....<br><br>Example A: A parent wanting to know what their children are doing online and don't want their child to discover said keylogger....<br><br>Example B: That pesky room mate always on your computer? Yeah well now you know what they are doing on your stuff...<br><br>Example C: A cheating spouse???? <br><br>I can do this all day, and with an equal number of illegal reasons on might need such a keylogger.....<br><br>The point is, Not everything is or should be illegal.. There are many instances where ownership of an item is NOT illegal...<br><br>Example A: It is COMPLETELY LEGAL, to make and own your own gun, (called garage guns), yep legal.....<br><br>Example B: Did you know you can buy a grenade launcher? http://www.autoweapons.com/products/destructivedevices.html, yep legal..<br><br>There are numerous items that CAN do serious damage to anyone with the right person using them... And are completely legal to get or make yourself....<br><br>That being said, this small keylogger, yeah it could be used to steal your personal information in the right hands, and it could also be used to protect yourself from that pesky room mate using your computer to find kiddy porn....<br><br>And on that Note, Jamby I give you props for this awesome idea...<br><br>And all the critical people bashing on this cause it conceals itself, get with the times, this is the last thing I am worried about in my life.... Try worrying more about your neighbor and his grenade launcher.........
also on the grenade launcher (common household item right?.... well in my house at least) tactical gear commando, check the site out i found a mounted fifty cal machine gun for sale, lol sooo on my christmas list.
Guess I made it quite obvious, the wonderful things I take interest in, haha... Thanks man, I will check it out...
And also I would like to add, you can &quot;BUY&quot; keyloggers that conceal themselves.... Yep totally legal......
Thank you for sharing the knowledge. Honestly I sell USB products for around 3 years (<a href="http://www.hkcolordigital.com/" rel="nofollow">hkcolordigital</a>) but it is my first time to see this kind of product here. I would recommend our manager to consider adding the keylogger into our store.
actually as a remark to tgiles comment there are perfectly legal reasons to use these, my friends dad used it on his home computer to prevent tampering on his computer. he had it so that if anyone tried to log into his computer it would record anything that was typed so he knew what they where after. he did &quot;important code writing stuff&quot; so he was pretty paranoid.
wow.. i would have never guessed that this would have gotten those responses. not that i agree or disagree.. back to the logger, i need one for work and that's a great build. thanks..<br><br>just a comment on the gun thing, i can buy a gun via a classified without showing id. i can buy from a gun store with just a driver license, no waiting period. i would need a course to carry concealed but i have a gun rack in the truck, not concealed, but loaded. an armed community is not only safe, but tends to be polite. it seems that if the bad guys know who's armed, they tend to pick on someone else..
too complicated and not completely free
well, that would be illegal in my country to use that kind of hardware.
is it illegal if i use it in school computer? :D
Which country is that? They are legal in the UK and US as a means of ensuring no inappropriate use of computers at work. However, these are normally replaced these days by keylogging at the server.
great job man...
Good links to USB and PS/2 information. Easy to see you've done your research!
Everything can be misused<br>A kitchen knife can cut the bread but can also stab a man with it<br>Used responsibly and it shouldn't be illegal.
Personally, I think that it is perfectly fine to have something like this. and even though it's mainly all been said already, and I can't stand to perpetuate arguements, I have a few new points. <br> <br>owning something isn't a crime. a criminal act with the item is. <br>But accusing someone of the capability to do something is ridiculous. It would be like Orwell's &quot;Thought Police&quot; <br> <br>More so, it IS like some non-fictitious historical groups that were unjust. <br>for example, the Gestapo*, the Red guards, and the Soviet Era internal KGB. <br> <br>these were not the nicest people to be around. Okay? <br> <br>*Nazi secret police, often mistaken as gazpacho, a tomato soup.
Actually there are many instances where ownership of an object is a crime. Certain drugs being one of them. Also the possession of certain weaponry or when a weapon is possessed by a convicted felon. Possession of certain types of explosives is also illegal. Possession of a stolen object is generally illegal. <br> <br>I agree that accusing someone of the capability to do something does sound rather ridiculous but capability of commiting a crime will be a key portion of evidence if someone is being investigated or tried for the comission of a crime. <br> <br>The problem I see in this instructable is that it is designed to pass for something other than what it is. The true nature of the device is disguised, intentionally disguised. If it was for one's own use there would be no need to disguise its true function. For one's use the device enclosed in a black box would serve the same purposes of backup or testing the system. <br> <br>Use of this device on computers other than on one's own may be legal or not depending on the circumstance but I think in most cases use of this device without the knowledge of the computer user on whose computer it is installed is dishonest.
I actually agree with you on that. I must admit I didn't quite make my own opinion clear on this one, and you generally summed up the rest of it. thanks.
@tgiles<br><br>Your points are well stated and well received.<br><br>My point of view, however, is something different.<br><br>To block discussion of nefarious tools we would do a disservice to two important groups of people.<br><br>1) There are plenty of people who wish to learn and hack and use this knowledge for themselves. Turns out, these people come up with plenty of legit uses for nefarious devices all the time. <br><br>2) The people who need to protect themselves from people who would make such a device. Where would you send these 'white hats' - to the hacker underground with the black hats?<br><br>Another way to state that - If we close our ears to this topic, it does not make the topic go away, it simply makes us dumb about this topic.<br><br>You can say freedom of speech, blah, etc (which is all very true and very important) - but there's something more important, which is the freedom of information (not price). Stop people from knowing how to build a bomb, a keyboard logger, or anything else, and suddenly we have a black list of &quot;things [someone] says you can't know how to do&quot; -- thought crimes are currently not crimes and I'd prefer to keep it that way. Knowledge is always power and restricting knowledge is always evil. <br><br>
Would this configuration of the microcontroller/eeprom still work if you used a usb to usb instead of ps/2 to usb? Obviously you would need to figure out a new way to dump the memory but would that still work to capture the data?
Unfortunately No. USB HID protocol is different (Maybe I'll analyze in another instructable). Just think for example that PS/2 protocol is Open-Collector-Protocol (so it needs pull-up resistors) while USB does not.
What program did you use to make that very nice circuit diagram?
I've used ISIS, from Proteus (LabCenter Electronics)
Somebody said the Freedom of Information Act protects keylogging other people's computers? That's like saying the NRA protects international terrorism.<br>The FOI Act is for the people to obtain requested documents about the proceedings of our Federal Government. The Privacy Act of 1974 expressly confines the FOI to government records (wikileaks kinda stuff) and NOT personal information about individuals. Employers have the right to track web activity and email. Employers do not have the rights to keylog employee passwords, by the way. That's the employee's property, and is the &quot;electronic signature&quot; of the employee and can be used for electonic forgery and fraud.
That would be incorrect. My employee manual clearly states that you agree to monitoring of any and all activities on company property. There is no password on the property that belongs to you if you enter it into company property. If you don't like it, you are welcome to find other employment. We've had it tested several times and it holds up just fine.<br><br>The computers are company property. The connectivity is company property. The phone is company property. If you're doing something personal on company property, then you're either stealing resources from me or it belongs to me. Your choice.<br><br>[Where &quot;You&quot; is the &quot;Royal You&quot;, not &quot;You&quot; specifically...]
If you were on ebay at work, you should just be fired for being on ebay. Your employer does not need to go on a spree with your paypal account!<br><br>In any case, where the company has a person create a password to do financial transactions such as deposits, bills, and cutting of checks, the password is an electronic signature, and IT does NOT have access to passwords. <br><br>If you worked somewhere with adequate password security, you would find that IT or Help Desk can ONLY RESET passwords - they cannot ask you for your password, nor can they give you your password if you forget it. <br><br>This is basic security for the company. If the password is company property, there is no proof who embezzled monies or made errors with the password. It is a legal signature and an audit tool.<br><br>Maybe you don't work in a large organization where monies are handles with a secure computer system. The government also has laws regulating the ownership or passwords for those who are in banking and medical fields.<br>If you are on ebay at work, that is your problem, if your boss steals your password to embezzle monies, that is a serious problem for the organization as a whole.

About This Instructable




More by Jamby:How to build your own USB Keylogger 
Add instructable to: