How to Build Your Own USB Keylogger

Introduction: How to Build Your Own USB Keylogger

Because I've searched a lot for a project like this and haven't found anything around the Web, I would like to share my experience with my personal USB Keylogger.
It's not really a pure "USB" Keylogger (because the USB HID protocol is much more difficult than the PS/2 protocol); rather, it adapts a USB keyboard to a PS/2 port while (of course) recording the keys pressed.
This way, even if anybody discovers it, it should be mistaken for a normal PS/2 adapter.
This is the final result:

It needs just a few components (the SOIC PIC and EEPROM can be freely ordered as samples from http://www.microchip.com/samples/ ):
-PIC 12F1822 (SOIC version)
-EEPROM 24XX1025 (any 1Mb version will be OK) (SOIC version)
-2 * 4k7 resistor, 1/8 W (or any resistor of the same value, as small as you can solder into the adaptor)
-Pickit 2 / 3 (for programming the PIC and reading the EEPROM)
-A USB to PS/2 adapter that can be opened.

And, very important:
-A GOOD soldering iron and VERY GOOD soldering skills.

Let's Start.

EDIT (in reply to comments):
Some weeks ago, a friend of mine asked me to help him because his computer seemed blocked; indeed, he couldn't even type his password to log in to his account.
I know that he is almost a novice and couldn't just change the keyboard instead of asking me for help. Anyway, I changed his keyboard, but I wanted to know why it wasn't working. I tried it on another computer without any result, except that the keyboard's LEDs blinked, so I wanted to go deeper: I took a logic analyzer and analyzed the PS/2 protocol, and I discovered that the keyboard was switching off whenever the PC sent the 0xFF (Reset) command. I then solved it simply by replacing a capacitor that had blown.

This is WHY I built it (for any similar case). I'm NOT responsible for ANY purpose you use this Keylogger for.
What is illegal is the WAY you use a Keylogger, not the Keylogger itself.
I didn't want to make anything "immoral" or "illegal".

Regards,
Jamby

Step 1: Circuit

This is the complete circuit of the Keylogger. It may seem complex, but in reality it isn't; we'll see why.
It is divided into two "zones":
One is the adapter, which connects the GND and VCC pins of the PS/2 connector to their respective pins on the USB connector, and the CLK and DAT pins to the D+ and D- pins, respectively.
The other zone is made up of the PIC and the EEPROM (and the pull-up resistors that I2C requires). The PIC takes care of detecting incoming data from the PS/2 lines, decoding it, and then writing it to the EEPROM.

Step 2: Open Up

Open up your USB to PS/2 adapter; it should look like this.
It simply connects the pins of the USB female connector to the PS/2 male connector.
All the wires are glued together with some kind of silicone or something similar, so you have to remove that carefully with diagonal pliers or a similar tool.
You should be left with the separated female USB connector, the male PS/2 connector and the plastic holder.

Step 3: Solder First "Zone"

This shouldn't be too hard, just join:
VCC -> VCC
GND -> GND
D+  -> CLK
D-  -> DAT

See here for USB Pinout.
See here for PS/2 Pinout.

It will look like this:

Step 4: Solder PIC and Program It

You need to temporarily solder your PIC onto a small piece of surface-mount board, or solder a wire to each pin, one by one.
Whichever way you choose, you need to be able to connect your PIC to a Pickit 2 or any other PIC programmer that supports the PIC 12F1822.
I've written the code using PCW from CCS. If you want to modify the code, feel free to modify or distribute it as you wish; just mention this guide if you redistribute it :)
I've also attached the .hex if you want to simply copy what I've done :)
I won't go into the details of programming, because I expect that you already know how to do that.

Step 5: Solder PIC and EEPROM

Here comes the bad step.
Here you need all your soldering skills to correctly solder the PIC to the EEPROM and the two pull-up resistors.
It's REALLY not so easy, so if you aren't an expert at soldering, I advise you to drop this project or to ask a friend to do it for you.
After some days of work, this is my result:

Step 6: Read EEPROM After Logged

After soldering and reassembling your Keylogger, connect it to the keyboard that you want to log and wait for the information, "legal" data, or anything else you want to get from this Keylogger.
Then, unplug the Keylogger and re-plug the keyboard ;)
Now you have to read the EEPROM. If you have also soldered the SDA and SCL pins to the two N/C pins of the PS/2 connector (as in the circuit), you can now build a simple converter from PS/2 to the ICSP connector of your EEPROM reader (in my case, a Pickit 2).
See the documentation of your programmer to see exactly how to build it.
Mine looks like this.
After reading the EEPROM memory, you should save it to a file for easier use. You can do this with a simple hex viewer.
Remember that the data collected by the PIC are pure "keyboard scancodes", so you need to convert them to a readable form.
You can do this by hand, basing your conversion on this link.
Another way is to use my homemade program, made to make this process easier.
I've attached it, but BE AWARE: IT'S AN ALPHA VERSION, it's FULL of bugs and REALLY not optimized.
Still, it does its job quite well.
It's an Italian version because I'm Italian ;)

Step 7: Conclusion

Here we are. 
I don't know how many will have the bad idea of making this Keylogger, but if you really want a homemade (and almost free) solution to log a keyboard, this is what you're looking for!
Feel free to comment and ask questions about this project :)
Here's a summary video of this project:

    128 Comments

    One great use for a hardware Key logger is for additional backup during a big writing project. Can save a lot of time after a big crash.

    Wow. Controversy! ;P

    I'm not a paranoid crazy who wants to ban kitchen knives and prescription drugs. I'm even fine with jump ropes and aspirin.

    I realize there are legitimate uses for such technology, but some (employee/child monitoring, etc.) do not require any covert operation, and therefore can simply be done using software... and others (police use, etc.) would have their official ways of doing such things, and wouldn't be looking around the internet for a solution to their problem.

    I'm not entirely sure why people are giving reasons for legitimacy including things like "making sure my children's internet browsing is safe", or "emergency back up of your work in case of hardware failure". These things can be done very easily with numerous software suites out there. A keylogger is to log a computer's activity, and not much else. Software on the other hand, can backup files, stop a user browsing unwanted sites, and all number of things - none of which require any secrecy or underhandedness in any way.

    And the "it's only illegal if you don't ask the victim's permission" makes no sense. The whole point of making this kind of hardware is to log secretly, with the victim being any the wiser.

    I think we all know this kind of tech is used for illegal acts far more often than legal ones. Whilst the people commenting on this item may not be interested in it for hacking/cracking purposes, there's a lot of people out there who would use it that way.

    Which brings me onto "freedom of speech". People have commented that it's like going onto a gun forum and telling the people on there to not post stuff on guns, which is an interesting point. However, if someone posted a "how-to" on building your own bomb, how would you react? Whilst bombs may be used to stop terrorism, or save lives in some way, there are lots of people out there wanting to just make bombs. And kill people. Innocent people. If someone has a legitimate use for a bomb, then they would presumably be in the army, etc., and so have authorization to use such things. People looking on the internet for ways to make bombs aren't going to be making them for the army. They're going to be making it for themselves - to use it for their ends, which is usually not a good thing.

    Now a keylogger isn't a bomb. I am aware of this. But I hope you can see the parallels. People looking online for how to make a keylogger aren't usually going to be the kind-hearted concerned about a friend type. They're the hackers and crackers who want to steal your information, passwords, etc., or to hack into your system.

    Let's go back to the guns analogy for a moment. Gun sales and distribution is heavily regulated and monitored. Anyone who wants to carry a gun must be certified and each gun they purchase must be registered to the owner. If someone put up a "how to make your own 9mm hand gun" on instructables, then this system would be completely disrupted. Anyone could make their own gun, and therefore, anyone, no matter how trustworthy or mature, would be able to fire a weapon at whatever they like, whenever they like. "But it's freedom of speech. It's the usage of it that's illegal." I'm fairly sure the police would disagree.

    For these reasons, it's not a good idea to post things of this nature on the internet. If you have a case for legitimately monitoring a PC's activity, then look into the wide array of other, less dubious options, or if it's serious, talk to the police or someone of authority about it. I'm sure you can find another option.

    Hi! If I build this and then get a PS/2 to USB adapter, so that I can connect a USB keyboard to the keylogger, keylogger to adapter, adapter to USB port, would it still work?

    Can this be made with a USB connector?

    Bro, how to make a USB to USB hardware keylogger? Because I want to spy on my sis's computer, which uses a USB keyboard.

    THANKS! I made it! But seriously, did you need to get the chips as a free sample? The PIC is £0.81 on RS (free delivery) :D

    Can I use a PIC12F508?

    I don't have much knowledge of the PIC12F508, but at first sight it lacks an I2C interface and the LtoH/HtoL interrupts that are used in this project. You could write your own procedure to communicate with the EEPROM with a software implementation of I2C or another sort of communication, but you should be very careful since it will require a lot of precision due to the internal oscillator (I don't even think that the internal 4 MHz oscillator can handle I2C properly); the same goes for the LtoH/HtoL interrupts: you could check the values in a periodic timer, but you will probably lose some bits if it is not calibrated correctly with the speed of the PS2 protocol.
    So the final answer is "maybe, but it will require for sure some work to adapt this solution".

    I like the idea, but how would the chip fit into the PS/2 adaptor?

    And how would you read the keys pressed after the key logger is done?