Introduction: How to Build Your Own USB Keylogger
Cause I've searched a lot for a project like this, and I haven't find anything around the Web, I would share my experience of my personal USB Keylogger.
It's not really a pure "USB" Keylogger (cause USB HID protocol is much more difficult than PS/2 protocol), but it adapt an USB Keyboard to PS/2 port, while (of course) recording the keys pressed.
In this way, even if it's discovered by anybody, it should be confused with a normal PS/2 Adapter.
That's the final result:
It need just a few component (SOIC PIC and EEPROM can be freely ordered as a sample from http://www.microchip.com/samples/ ):
-PIC 12F1822 (SOIC Version)
-EEPROM 24XX1025 (Any 1Mb version will be ok) (SOIC Version)
-2 * 4k7 Resistor 1/8 W (Or any resistor of the same value as small as you can solder in the adaptor)
-Pickit 2 / 3 (For programming the pic and reading the eeprom)
-An USB to PS/2 Adapter that can be opened.
And, very important:
-A GOOD solder and VERY GOOD soldering abilities.
EDIT (in reply to comments):
Some weeks ago, a friend of mine asked me to help him, cause his computer seamed blocked, indeed, he couldn't either type his password to login with his account..
I know that he is almost a novice and couldn't just change the keyboard instead of asking me help, anyway, i changed his keyboard, but I wanted to know why it wasn't working, I tried it on another computer without any result, except that the keyboard's leds blinked, so, I wanted to go deeper; I take a Logic Analyzer and i have analyzed the PS/2 protocol, I have discovered that the keyboard was switching off whenever the PC sends 0xFF (Reset) command.. I then solved it simply replacing a capacitor that has blown up.
This is WHY I build it (for any similar case), I'm NOT responsible of ANY aim you use this Keylogger.
Illegal is the WAY you use a Keylogger, not the Keylogger by itself.
I didn't want to make anything "immoral" or "illegal"
Step 1: Circuit
This is the complete circuit of the Keylogger, it can seems complex, but in real, it isn't.. we'll see why..
It is divided into two "zones":
One is the Adapter, which connect GND and VCC pin of PS/2 connector with their respective pins on the USB Connector and CLK and DAT pin to, respectively, D+ and D- pins.
The other zone is composed by the PIC and the EEPROM (and the I2C required pull-up resistors). The PIC take care of detecting incoming Data from PS/2, decode, and then writing it to the EEPROM.
Step 2: Open Up
Open up your USB to PS/2 Adapter, it should look like this.
It simply connect pins from USB female to the PS/2 male connector.
All the wires are glued together with some kind of silicone or something similar, so you have to carefully remove that with a diagonal pliers or anything similar.
You should remain with the separated Female USB and the Male PS/2 connector and the plastic holder.
Step 3: Solder First "Zone"
Step 4: Solder PIC and Program It
You need to temporarily solder your PIC onto a small piece of surface-mount board or by solder a wire to each pin, one by one.
No matter which way you have chosen, you need to be able to connect your PIC to Pickit 2 or any other PIC programmers that support PIC 12F1822.
I've written the code using PCW from CCS, so, if you want to modify the code, feel free to modify or distribute it as you wish, just mention this guide if you want to redistribute it :)
I've attached also the .hex if you want to simply copy what I've done :)
I don't i enter into details of programming, because I expect that you already know how to do that.
Step 5: Solder PIC and EEPROM
Here the bad step.
Here you need to take all you soldering abilities to correctly solder the PIC with the EEPROM, and the two Pull-Up resistors..
It's REALLY not so easy, so, if you aren't an expert of soldering, I advice you to leave this project, or to ask a friend of you to make that for you..
After some days of working, this is my result:
Step 6: Read EEPROM After Logged
After the soldering process and re-assemble you Keylogger, you should connect to the keyboard that you want to log and wait for the information, "legal" data, or anything you want to get from this Keylogger..
Then, unplug the Keylogger and re-plug the keyboard ;)
Now, you have to read from the eeprom, so, If you have soldered also the SDA and SCL pin to the two N/C pin of PS/2 (like it was on the circuit) you can now build a simple converter from PS/2 to ICSP connector of your EEPROM-reader (In my case, Pickit 2).
See the documentation of your programmer to see exactly how to build it.
Mine, look like this.
After read the eeprom memory, you should save it to a file for better usage. You can do this with a simple Hex Viewer.
Remember that the data collected from PIC are pure "keyboard scancodes", so you need to convert to a readable version.
You can do this by hand, basing your conversion process to this link .
Another way is to use my homemade program, made for make this process easier.
I've attached it, but BE AWARE, IT'S A ALPHA VERSION, it's FULL of bug and REALLY not optimized.
By the way, it make his work quite well..
It's an Italian Version 'cause I'm Italian ;)
Step 7: Conclusion
I don't know how many will have the bad idea of make this Keylogger, but, if you really want an homemade (and almost free) solution to log a keyboard, this is what you're searching!
Feel free to comment and ask question about this project :)
Here's a summary video of this project: