1
00:00:00,690 --> 00:00:06,960
So in this video we are in the keylogger functionality promising to clean before but maybe running the

2
00:00:07,140 --> 00:00:08,490
python plugin code.

3
00:00:08,820 --> 00:00:11,700
So I have already written this one, so don't worry.

4
00:00:11,700 --> 00:00:14,340
We'll be writing again in our client.

5
00:00:15,390 --> 00:00:18,020
So we'll be using the module companion.

6
00:00:18,060 --> 00:00:21,030
But it does not come before the python.

7
00:00:21,030 --> 00:00:24,600
By this you need to start from pooping, start by input.

8
00:00:25,080 --> 00:00:31,270
So this should do fine when installing this module on the victim machine.

9
00:00:31,300 --> 00:00:39,720
If pain is not the so we can show it using, we can send the company start by input from our server

10
00:00:39,720 --> 00:00:48,300
and clean will get that command executable and will be starting software installation.

11
00:00:48,660 --> 00:00:54,360
We can import the key and not from the cable we should.

12
00:00:54,690 --> 00:01:03,360
That is the resonator function and this function goes on and whenever there is an event that is like

13
00:01:03,360 --> 00:01:04,290
a key pressing.

14
00:01:04,890 --> 00:01:11,370
If you press any key on the keyboard, the function corresponding to this on press gets executed.

15
00:01:11,730 --> 00:01:17,000
And when you release the key, the function corresponding to this under is gets executed.

16
00:01:17,340 --> 00:01:26,970
So whenever I press the key, we can see here the key is the variable as possible in the press function.

17
00:01:27,300 --> 00:01:33,960
And this key can be you can write it in the red flag, dirty exterior condition, abandon this input

18
00:01:34,410 --> 00:01:34,800
any of.

19
00:01:35,400 --> 00:01:39,750
So let's go and run this and then we can see this in my trading.

20
00:01:40,170 --> 00:01:45,660
Generally, if you write a single programmer with this keylogger, we need to use the ledger in.

21
00:01:47,100 --> 00:01:53,850
But here we were using we were creating a thread for this kind of function and it may be starting for

22
00:01:53,850 --> 00:01:54,150
the key.

23
00:01:54,480 --> 00:02:07,830
And you can see in the background, let's go over and over and over that the trade logs are these keystrokes.

24
00:02:08,220 --> 00:02:12,580
And at the same time you can see here the main thread is waiting for the user input.

25
00:02:12,950 --> 00:02:20,370
Red circled whenever I see it and we can see all of the keys I have printed, including from our bring

26
00:02:20,390 --> 00:02:20,580
them.

27
00:02:22,170 --> 00:02:28,230
So you can see this is a very nice printer, so we'll be implementing this one.

28
00:02:41,360 --> 00:02:43,910
So we need to import enough clean.

29
00:02:55,700 --> 00:02:59,200
So first we need to decide which commands will activate the key.

30
00:02:59,840 --> 00:03:06,200
So what we're going to do is we're going to see a live command input after the index.

31
00:03:06,200 --> 00:03:08,720
That is the input, the interface.

32
00:03:10,950 --> 00:03:17,340
The question is equal to the letter he dug on, so they should start.

33
00:03:17,340 --> 00:03:18,600
But he's not good on that.

34
00:03:19,800 --> 00:03:21,180
So be sending this.

35
00:03:26,170 --> 00:03:31,090
So we need to send this broadband connection, not send, must come and then go.

36
00:03:32,140 --> 00:03:35,950
And in the end say let's go and call the keylogger.

37
00:03:37,960 --> 00:03:45,340
So before that, copying the entire message to this phone, I say before we are going to spread the

38
00:03:45,340 --> 00:03:51,520
command so the message contents can log on and we can return normal.

39
00:03:51,520 --> 00:03:58,010
And if my standard of zero is recourses equals to keylogger.

40
00:03:58,030 --> 00:04:03,640
So that means we have received the command from the server stating that I should start the pivot.

41
00:04:04,570 --> 00:04:11,020
So we're going to be run as equals to creating the.

42
00:04:14,160 --> 00:04:14,850
Brad Duff.

43
00:04:16,110 --> 00:04:18,320
Target is a letter killer.

44
00:04:20,760 --> 00:04:22,380
And then 31 did start.

45
00:04:25,220 --> 00:04:29,600
So we need to define the function that is in a defined key role.

46
00:04:33,860 --> 00:04:38,900
And here we can say medical school is not off on purpose.

47
00:04:40,070 --> 00:04:51,200
Whenever the user presses any key, we dedicate a function press release list and we can say Let's start.

48
00:04:51,440 --> 00:04:53,000
So that is not dead started.

49
00:04:53,600 --> 00:04:55,400
You need to find other functions.

50
00:04:55,700 --> 00:04:57,180
Those are preserved and resist.

51
00:04:57,560 --> 00:05:06,570
So what action we need to perform whenever the key is pressing press sort of key so we can say, well,

52
00:05:06,800 --> 00:05:11,720
we can define in here keys to check our keys.

53
00:05:14,570 --> 00:05:22,370
And we should declare this as global and global markets.

54
00:05:23,120 --> 00:05:28,870
Now, these are things that happened last spring off key.

55
00:05:28,880 --> 00:05:32,600
So we took this one in the spring and we are running the.

56
00:05:39,050 --> 00:05:41,930
And their function remains sort of key.

57
00:05:41,930 --> 00:05:44,270
So we are not creating anything in this function.

58
00:05:44,270 --> 00:05:45,410
We can just say pass.

59
00:05:51,640 --> 00:05:53,650
So the trend has been started.

60
00:05:53,880 --> 00:06:01,660
Now what we can do is we can send a message to key logging has started something like this.

61
00:06:02,020 --> 00:06:04,580
So we're going to send the message then.

62
00:06:06,370 --> 00:06:13,120
Now, this message should be received by our client to say, I'm going to message the request to connection.

63
00:06:13,120 --> 00:06:17,560
Log in 02048 bytes.

64
00:06:20,140 --> 00:06:20,970
Not bigger.

65
00:06:21,370 --> 00:06:28,130
So we are the with the message and we know we should share common output of trade index.

66
00:06:28,130 --> 00:06:31,330
So we are updating now the question message.

67
00:06:32,170 --> 00:06:36,970
So this will be showing in the web interface.

68
00:06:40,350 --> 00:06:42,330
So that is about this one.

69
00:06:42,540 --> 00:06:44,790
Now, after updating the message.

70
00:06:51,360 --> 00:06:52,110
Let's.

71
00:06:54,670 --> 00:06:55,530
We need to.

72
00:06:56,410 --> 00:06:56,800
Okay.

73
00:06:56,800 --> 00:07:00,790
We need to make been put together in the spring.

74
00:07:00,820 --> 00:07:01,930
So let's go and do this.

75
00:07:03,070 --> 00:07:04,180
I am for that one.

76
00:07:13,820 --> 00:07:24,110
Now we need to write another function that is on the record, that is if the input is is given off.

77
00:07:24,140 --> 00:07:30,530
So that means we are tending of the we are stopping the keylogger and this time we will receive the

78
00:07:30,650 --> 00:07:33,770
output of our that is a provider user.

79
00:07:34,460 --> 00:07:42,110
So we can say we can go with this one connection, that's enough.

80
00:07:44,660 --> 00:07:47,660
So I'm presenting that during off the record.

81
00:07:49,280 --> 00:07:54,320
So I'm presenting this to again, going to the receiving model.

82
00:08:08,270 --> 00:08:13,130
Now we have to see what the key run off come in from the server.

83
00:08:13,260 --> 00:08:18,950
Now, this time, we need to stop this spread, and we need to send out this way.

84
00:08:20,150 --> 00:08:21,410
So let's go and do this.

85
00:08:21,860 --> 00:08:25,220
Now, to start the trading again, simplicity on that joint.

86
00:08:25,310 --> 00:08:27,380
So they should stop the trade.

87
00:08:29,300 --> 00:08:31,250
And we are the.

88
00:08:34,240 --> 00:08:39,200
We are diligently to global artists.

89
00:08:42,320 --> 00:08:46,560
And we can says he is not enough off our keys.

90
00:08:46,980 --> 00:08:47,810
Not ankle.

91
00:08:51,230 --> 00:08:55,310
And not presenting that morning in and receiving more.

92
00:09:00,720 --> 00:09:02,010
Mary Kennedy's in recovery.

93
00:09:02,010 --> 00:09:06,510
This one just receiving the message.

94
00:09:09,020 --> 00:09:13,310
And updating this command output of threat index.

95
00:09:14,540 --> 00:09:15,950
So let's go ahead and run this one.

96
00:10:39,760 --> 00:10:41,540
Now let's keep on.

97
00:10:43,340 --> 00:10:43,540
So.

98
00:10:44,890 --> 00:10:46,180
So we got there.

99
00:10:46,840 --> 00:10:48,400
So trading is not defined.

100
00:10:51,440 --> 00:10:52,280
Sorry for that.

101
00:11:16,640 --> 00:11:16,850
Now.

102
00:11:16,850 --> 00:11:21,500
Let's go and buy some words.

103
00:11:33,860 --> 00:11:36,020
This project has been called.

104
00:11:50,620 --> 00:11:50,890
Okay.

105
00:11:51,140 --> 00:11:54,760
What we're going to do is we're going to make this as a spring.

106
00:12:03,850 --> 00:12:05,380
And our kids go to school.

107
00:12:05,500 --> 00:12:06,610
We are an industry.

108
00:12:10,160 --> 00:12:13,220
Now after sending the message we need to.

109
00:12:14,120 --> 00:12:17,390
Are our kids close to ambush to.

110
00:12:24,410 --> 00:12:27,230
So it's like flashing dashboard keys.

111
00:12:48,470 --> 00:12:49,800
I know you can see me.

112
00:12:49,820 --> 00:12:50,640
Got the keys.

113
00:12:51,920 --> 00:12:54,650
Now, let's also try again to run.

114
00:13:03,180 --> 00:13:07,140
And now we can see we get the latest book by working.

115
00:13:12,480 --> 00:13:16,080
And we can see there are some those are reporting.

116
00:13:16,080 --> 00:13:17,370
So it's going to start.

117
00:13:17,910 --> 00:13:19,380
I don't know why they are repeating.

118
00:14:43,020 --> 00:14:44,790
So it's a weird line.

119
00:14:45,300 --> 00:14:52,240
I don't know why we are getting repeated once, so let's stop this horror.

120
00:15:03,780 --> 00:15:05,240
It's a global one.

121
00:15:39,590 --> 00:15:40,700
Let's go and run this.

122
00:16:52,440 --> 00:16:55,200
So I have successfully fix a big problem.

123
00:16:55,410 --> 00:17:04,840
So the problem is here so whenever that starting simply be when they join the is not causing the spread

124
00:17:04,860 --> 00:17:11,480
because that is already one as the data has been started to, but it is not before starting over.

125
00:17:12,090 --> 00:17:12,810
So that's right.

126
00:17:13,230 --> 00:17:16,060
The simple modification is for this electrical.

127
00:17:16,350 --> 00:17:17,490
So this should be fine.

128
00:17:18,900 --> 00:17:22,380
So let's go and run our server.

129
00:17:30,410 --> 00:17:32,360
And that's going on.

130
00:17:33,950 --> 00:17:37,580
And now they're saying A, B, C, D, and then cooling off.

131
00:17:38,870 --> 00:17:43,700
And again, C, obviously not at school and looking around again.

132
00:17:47,550 --> 00:17:47,660
Now.

133
00:17:47,870 --> 00:17:54,590
This time the previous thread has been successfully sponsored and now you submit this and you can see

134
00:17:54,590 --> 00:17:54,610
it.

135
00:17:54,640 --> 00:17:57,630
We only get this one point spread on that.

136
00:17:58,900 --> 00:18:02,340
So, uh, that's all you need to do.

137
00:18:03,640 --> 00:18:10,590
You can also put something like this, uh, key logging, underscore more.

138
00:18:10,600 --> 00:18:12,520
So this is just simply a flag.

139
00:18:14,190 --> 00:18:18,190
Uh, it indicates whether we are in the training mode or not.

140
00:18:19,060 --> 00:18:25,150
So, whereas if you're being killed and lost without typing that you don't run first, then you might

141
00:18:25,150 --> 00:18:26,130
get some errors.

142
00:18:26,500 --> 00:18:28,210
So that's why I write this address.

143
00:18:28,780 --> 00:18:34,090
Uh, would be using this flag killing underscore moment.

144
00:18:36,040 --> 00:18:42,520
Now, what we're going to do is whenever we are starting this one, we are going to share that.

145
00:18:45,050 --> 00:18:46,850
You are getting more dizzy cause to run.

146
00:18:47,150 --> 00:18:50,720
So that means that more has been started.

147
00:18:52,160 --> 00:18:56,240
And we can say you are getting more easy questions equals to one.

148
00:18:56,780 --> 00:19:00,470
Then generally we are going to stop this.

149
00:19:02,450 --> 00:19:09,030
That means this indicates that there is a thread running the brain, but it is another.

150
00:19:09,050 --> 00:19:10,370
And we can stop that.

151
00:19:10,370 --> 00:19:18,470
And we can also stop the trend if it is more questions because zero know.

152
00:19:18,470 --> 00:19:24,750
So that means there is no trend reasoning further keystrokes than what we can be used against.

153
00:19:24,750 --> 00:19:27,560
The message key logging

154
00:19:31,010 --> 00:19:33,440
should be started first.

155
00:19:33,590 --> 00:19:35,450
So this should be the message.

156
00:19:41,120 --> 00:19:47,570
So we can send that to the server and we can proceed for the next comment.

157
00:19:48,950 --> 00:19:50,510
Now let's go and run this one.

158
00:19:53,480 --> 00:19:55,400
No, that's a.p on our first.

159
00:19:56,480 --> 00:19:58,820
And if you send me this, you should get that clear again.

160
00:19:58,820 --> 00:19:59,600
You should be able.

161
00:20:09,370 --> 00:20:09,530
Can.

162
00:20:09,840 --> 00:20:11,040
We got some ideas?

163
00:21:03,330 --> 00:21:03,980
I'm sorry.

164
00:21:03,990 --> 00:21:05,220
We need to take this one.

165
00:21:05,340 --> 00:21:06,970
We're not sending our kids.

166
00:21:06,990 --> 00:21:08,190
We are sending a message.

167
00:21:10,230 --> 00:21:11,040
Sorry, Father.

168
00:21:13,830 --> 00:21:21,650
So you do observe what we are copying and pasting and giving each of those targets?

169
00:21:22,320 --> 00:21:22,950
No one.

170
00:21:27,930 --> 00:21:28,500
And give a.

171
00:21:29,970 --> 00:21:33,840
And you can see the output.

172
00:21:34,020 --> 00:21:36,360
And again one now this time.

173
00:21:38,890 --> 00:21:39,400
This time.

174
00:21:39,490 --> 00:21:48,760
It's a busy day and we should get only the single and a census of each other.

175
00:21:49,870 --> 00:21:51,640
Yes, you can see they're busy.

176
00:21:52,480 --> 00:21:57,320
So this is how you do the Mardi Gras.

177
00:21:57,900 --> 00:22:01,270
It can also be this one pinched by pay and put.

178
00:22:01,930 --> 00:22:03,070
This should work fine.

179
00:22:08,390 --> 00:22:09,810
They've got some real.

180
00:22:56,550 --> 00:22:57,420
And what you see.

181
00:22:57,690 --> 00:23:00,390
So it sometimes happens.

182
00:23:00,630 --> 00:23:04,650
So that's where the, uh, the thing that we've.

183
00:23:05,160 --> 00:23:12,360
Uh, is very, you know, and in, in this meantime, the client is decoding the people and we are asking

184
00:23:12,360 --> 00:23:14,880
for the, uh, this recorded index.

185
00:23:14,880 --> 00:23:16,200
So that's why we get there.

186
00:23:16,470 --> 00:23:21,840
Now, if you want to execute some commands that take some time.

187
00:23:22,020 --> 00:23:26,160
So we need to increase this by three other areas for normal comments.

188
00:23:26,460 --> 00:23:27,720
Uh, they should define.