X Neural Switcher - The Cookbook (Part 3). Keylogger

    Greetings.

    Today, continuing a series of articles about setting up and using X Neural Switcher (a program for automatically switching layouts), I will tell you about one important and even controversial feature of the program.

    This feature is the ability to write typed text to a log file.

    I gave a brief analysis of keyloggers for Linux in the previous article of the series, X Neural Switcher - The Cookbook (Part 1). Forerunners and analogues.

    In general, I would be lying if I said that I had not thought of introducing such functionality into the program from the very beginning. Punto Switcher already had keylogger functionality called "Diary", so why should xneur be deprived of such a function? And it would be silly not to do such a simple thing in a program that is designed to intercept the keyboard, after all!

    From personal experience I’ll say that I never thought that the keylogger’s functionality could be useful to me personally. And this option was turned on in my config because of forgetfulness - it remained after testing the program. However, at one far from perfect moment, this function allowed me to expose one bad person who used my computer to discredit me. So it turned out that you never know where to "lay straws."

    Attention! X Neural Switcher is not a spyware program, and is not intended for unauthorized use (theft of information, access to other people's correspondence, theft of passwords, etc.)!



    Purpose of use as a keylogger


    In general, the purposes of the application do not shine with originality and are quite standard for programs of the "keylogger" class:
    • track the typing on the keyboard of phrases or words, the transfer of which to third parties will lead to material or moral damage
    • recover information after a computer crash
    • have a typing log for all programs, and not just those supporting typing history
    • control the use of a personal computer by unauthorized persons
    Of course, this list is not complete, and you yourself can come up with a dozen more options for what to use a keylogger for.

    General Logging Capabilities


    At the moment, the program has the following features:
    • save the text typed on the keyboard to an HTML file, recording the program in which it was typed and the date and time of the log entry
    • set the size of the uncompressed log file beyond which the log will be archived
    • send a log archive to the specified e-mail address through an SMTP server (the server must not require authorization)
    Yes, xneur does not know how to take screenshots, intercept mail, record video from a camera and sound from a microphone, rob robbers and call a genie. Well, what can I do, xneur is not for that!

    Program Options for Logging


    Below I will give the configuration file options that are directly responsible for the keylogger function.
    • LogSave - can be either Yes or No. If No, then the other options do not matter.
    • LogSize - accepts the size of the log file in bytes. After reaching this size, the program will archive the log and try to send it to the e-mail address.
    • LogMail - here you specify the mail address to which the log archive will be sent. If the address is not specified, then an attempt to send will not occur.
    • LogHostIP - specify the SMTP server for outgoing mail. The archive will be sent through this server. The argument can be either the IP address or the domain name of the server.
    • LogPort - port on smtp-server.
    In general, the list of options is short and should not cause confusion.

    Configuration file example


    Next, I will give a specific configuration file in which all options that are not related to the keylogger are disabled.

    The automatic switching mode is disabled, all hot keys are disabled, all notifications about the program's operation are disabled, problematic applications are included in the exclusion list - in general, everything that does not apply to the keylogger is disabled.

    In the ideal case, the program will not show its presence in any way, and will only write a log and send it by e-mail. Significant options are shown in bold.

    # It's a X Neural Switcher configuration file by XNeur
    # All values writted XNeur
    # Config version
    Version 0.15.0
    # Work in manual mode
    ManualMode Yes
    # Level of messages program will write to output
    #LogLevel Error
    #LogLevel Warning
    #LogLevel Log
    #LogLevel Debug
    #LogLevel Trace
    LogLevel Error
    # Define unused languages
    # Example:
    #ExcludeLanguage de
    # Define initial keyboard layout for all new applications
    DefaultXkbGroup 0
    # Add Applications names to exclude it from procces with xneur
    # Xneur will not process the input for this applications
    # Example:
    #ExcludeApp Gaim
    ExcludeApp Krdc
    ExcludeApp Remmina
    ExcludeApp Unity-2d-launcher
    ExcludeApp Unity-2d-places
    ExcludeApp VirtualBox
    ExcludeApp Wine
    ExcludeApp rdesktop
    # Use this parameter to force set work mode in current application to Auto.
    # Example:
    #SetAutoApp Gedit
    # Use this parameter to force set work mode in current application to Manual.
    # Example:
    #SetManualApp Anjuta
    # Binds hotkeys for some actions
    AddBind ChangeWord 
    AddBind TranslitWord 
    AddBind ChangecaseWord 
    AddBind PreviewChangeWord 
    AddBind ChangeString 
    AddBind ChangeMode 
    AddBind ChangeSelected 
    AddBind TranslitSelected 
    AddBind ChangecaseSelected 
    AddBind PreviewChangeSelected 
    AddBind ChangeClipboard 
    AddBind TranslitClipboard 
    AddBind ChangecaseClipboard 
    AddBind PreviewChangeClipboard 
    AddBind EnableLayout1 
    AddBind EnableLayout2 
    AddBind EnableLayout3 
    AddBind EnableLayout4 
    AddBind RotateLayout 
    AddBind RotateLayoutBack 
    AddBind ReplaceAbbreviation 
    AddBind AutocompletionConfirmation 
    AddBind BlockKeyboardAndMouseEvents 
    AddBind InsertDate 
    # This option add user action when pressed key bind
    # Example:
    #AddAction Control Alt f Firefox Browser firefox
    # Word Replacing
    # Ignore keyboard layout for abbreviations list
    # Example:
    #ReplaceAbbreviationIgnoreLayout No
    ReplaceAbbreviationIgnoreLayout No
    # Abbreviations list
    # Example:
    #ReplaceAbbreviation xneur X Neural Switcher
    # This option enable or disable sound playing
    # Example:
    #PlaySounds No
    PlaySounds No
    # This option defined sound playing volume percent
    # Example:
    #SoundVolumePercent 10
    SoundVolumePercent 15
    # Binds sounds for some actions
    AddSound XneurStart 
    AddSound XneurReload 
    AddSound XneurStop 
    AddSound PressKeyLayout1 
    AddSound PressKeyLayout2 
    AddSound PressKeyLayout3 
    AddSound PressKeyLayout4 
    AddSound EnableLayout1 
    AddSound EnableLayout2 
    AddSound EnableLayout3 
    AddSound EnableLayout4 
    AddSound AutomaticChangeWord 
    AddSound ManualChangeWord 
    AddSound ManualTranslitWord 
    AddSound ManualChangecaseWord 
    AddSound ManualPreviewChangeWord 
    AddSound ChangeString 
    AddSound ChangeSelected 
    AddSound TranslitSelected 
    AddSound ChangecaseSelected 
    AddSound PreviewChangeSelected 
    AddSound ChangeClipboard 
    AddSound TranslitClipboard 
    AddSound ChangecaseClipboard 
    AddSound PreviewChangeClipboard 
    AddSound ReplaceAbbreviation 
    AddSound CorrectIncidentalCaps 
    AddSound CorrectTwoCapitalLetter 
    AddSound CorrectTwoSpaceWithCommaAndSpace 
    AddSound CorrectTwoMinusWithDash 
    AddSound CorrectCWithCopyright 
    AddSound CorrectTMWithTrademark 
    AddSound CorrectRWithRegistered 
    AddSound ExecuteUserAction 
    AddSound BlockKeyboardAndMouseEvents 
    AddSound UnblockKeyboardAndMouseEvents 
    # This option enable or disable self education of xneur
    # Example:
    #EducationMode No
    EducationMode No
    # This option enable or disable layout remember for each window
    # Example:
    #LayoutRememberMode No
    LayoutRememberMode No
    # Use this parameter to force enable layout remember for each application, not window.
    # Option "LayoutRememberMode" must be enabled.
    # Example:
    #LayoutRememberModeForApp Gaim
    # This option enable or disable saving selection text
    # Example:
    #SaveSelectionMode No
    SaveSelectionMode No
    # This option enable or disable rotating layout after convert selected text
    # Example:
    #RotateLayoutAfterChangeSelectedMode No
    RotateLayoutAfterChangeSelectedMode No
    # This option define delay before sendind events to application (in milliseconds between 0 to 50).
    SendDelay 0
    
    # This option enable or disable logging keyboard
    # Example:
    #LogSave No
    LogSave Yes
    # This option set max size of log file (bytes).
    # Example:
    #LogSize 1048576
    LogSize 1048576
    # This option define e-mail for send log file, if it's size greater then max size.
    # Example:
    #LogMail your.mail@your.server.com
    LogMail example@xneur.ru
    # This option define host to send e-mail without login and password.
    # Example:
    #LogHostIP 127.0.0.1
    #LogHostIP mail.example.com
    LogHostIP mail.example.com
    # This option define port to send e-mail without login and password.
    # Example:
    #LogPort 25
    LogPort 25
    # This option enable or disable correction of iNCIDENTAL CapsLock
    # Example:
    #CorrectIncidentalCaps Yes
    CorrectIncidentalCaps No
    # This option enable or disable correction of two CApital letter
    # Example:
    #CorrectTwoCapitalLetter Yes
    CorrectTwoCapitalLetter No
    # This option enable or disable correction of small letter to capital letter after dot
    # Example:
    #CorrectCapitalLetterAfterDot Yes
    CorrectCapitalLetterAfterDot No
    # This option enable or disable correction of two space with a comma and a space
    # Example:
    #CorrectTwoSpaceWithCommaAndSpace Yes
    CorrectTwoSpaceWithCommaAndSpace No
    # This option enable or disable correction of two minus with a dash
    # Example:
    #CorrectTwoMinusWithDash Yes
    CorrectTwoMinusWithDash No
    # This option enable or disable correction of (c) with a copyright sign
    # Example:
    #CorrectCWithCopyright Yes
    CorrectCWithCopyright No
    # This option enable or disable correction of (tm) with a trademark sign
    # Example:
    #CorrectTMWithTrademark Yes
    CorrectTMWithTrademark No
    # This option enable or disable correction of (r) with a registered sign
    # Example:
    #CorrectRWithRegistered Yes
    CorrectRWithRegistered No
    # This option enable or disable flushing internal buffer when pressed Escape
    # Example:
    #FlushBufferWhenPressEscape Yes
    FlushBufferWhenPressEscape No
    # This option enable or disable flushing internal buffer when pressed Enter or Tab
    # Example:
    #FlushBufferWhenPressEnter Yes
    FlushBufferWhenPressEnter No
    # This option disable or enable processing word when pressed Enter or Tab
    # Example:
    #DontProcessWhenPressEnter Yes
    DontProcessWhenPressEnter No
    # This option disable or enable show OSD
    # Example:
    #ShowOSD Yes
    ShowOSD No
    # This option set font for OSD
    # Example:
    #FontOSD -*-*-*-*-*-*-32-*-*-*-*-*-*-u
    FontOSD -*-*-*-*-*-*-32-*-*-*-*-*-*-u
    # Binds OSDs for some actions
    AddOSD XneurStart
    AddOSD XneurReload
    AddOSD XneurStop
    AddOSD PressKeyLayout1
    AddOSD PressKeyLayout2
    AddOSD PressKeyLayout3
    AddOSD PressKeyLayout4
    AddOSD EnableLayout1
    AddOSD EnableLayout2
    AddOSD EnableLayout3
    AddOSD EnableLayout4
    AddOSD AutomaticChangeWord
    AddOSD ManualChangeWord
    AddOSD ManualTranslitWord
    AddOSD ManualChangecaseWord
    AddOSD ManualPreviewChangeWord
    AddOSD ChangeString
    AddOSD ChangeSelected
    AddOSD TranslitSelected
    AddOSD ChangecaseSelected
    AddOSD PreviewChangeSelected
    AddOSD ChangeClipboard
    AddOSD TranslitClipboard
    AddOSD ChangecaseClipboard
    AddOSD PreviewChangeClipboard
    AddOSD ReplaceAbbreviation
    AddOSD CorrectIncidentalCaps
    AddOSD CorrectTwoCapitalLetter
    AddOSD CorrectTwoSpaceWithCommaAndSpace
    AddOSD CorrectTwoMinusWithDash
    AddOSD CorrectCWithCopyright
    AddOSD CorrectTMWithTrademark
    AddOSD CorrectRWithRegistered
    AddOSD ExecuteUserAction
    AddOSD BlockKeyboardAndMouseEvents
    AddOSD UnblockKeyboardAndMouseEvents
    # This option disable or enable show popup messages
    # Example:
    #ShowPopup Yes
    ShowPopup No
    # This option defines popup expiration interval in milliseconds
    # Example:
    #PopupExpireTimeout 1000
    PopupExpireTimeout 1000
    # Binds popup messages for some actions
    AddPopup XneurStart
    AddPopup XneurReload
    AddPopup XneurStop
    AddPopup PressKeyLayout1
    AddPopup PressKeyLayout2
    AddPopup PressKeyLayout3
    AddPopup PressKeyLayout4
    AddPopup EnableLayout1
    AddPopup EnableLayout2
    AddPopup EnableLayout3
    AddPopup EnableLayout4
    AddPopup AutomaticChangeWord
    AddPopup ManualChangeWord
    AddPopup ManualTranslitWord
    AddPopup ManualChangecaseWord
    AddPopup ManualPreviewChangeWord
    AddPopup ChangeString
    AddPopup ChangeSelected
    AddPopup TranslitSelected
    AddPopup ChangecaseSelected
    AddPopup PreviewChangeSelected
    AddPopup ChangeClipboard
    AddPopup TranslitClipboard
    AddPopup ChangecaseClipboard
    AddPopup PreviewChangeClipboard
    AddPopup ReplaceAbbreviation
    AddPopup CorrectIncidentalCaps
    AddPopup CorrectTwoCapitalLetter
    AddPopup CorrectTwoSpaceWithCommaAndSpace
    AddPopup CorrectTwoMinusWithDash
    AddPopup CorrectCWithCopyright
    AddPopup CorrectTMWithTrademark
    AddPopup CorrectRWithRegistered
    AddPopup ExecuteUserAction
    AddPopup BlockKeyboardAndMouseEvents
    AddPopup UnblockKeyboardAndMouseEvents
    # This option disable or enable checking language on input process
    # Example:
    #CheckOnProcess Yes
    CheckOnProcess No
    # This option disable or enable CapsLock use
    # Example:
    #DisableCapsLock Yes
    DisableCapsLock No
    # This option disable or enable correction spaces befor punctuation
    # Example:
    #CorrectSpaceWithPunctuation No
    CorrectSpaceWithPunctuation No
    # This option disable or enable pattern mining and recognition (autocompletion)
    # Example:
    #Autocompletion No
    Autocompletion No
    # This option disable or enable adding space after autocompletion
    # Example:
    #AddSpaceAfterAutocompletion No
    AddSpaceAfterAutocompletion No
    # Add Applications names to exclude it from autocompletion process
    # Xneur will not process the autocompletion for this applications
    # Example:
    #AutocompletionExcludeApp Gnome-terminal
    # Use next options for troubleshoot on autoswitching
    # Disable autoswitching if pressed backspace
    TroubleshootBackspace No
    # Disable autoswitching if pressed left arrow
    TroubleshootLeftArrow No
    # Disable autoswitching if pressed right arrow
    TroubleshootRightArrow No
    # Disable autoswitching if pressed up arrow
    TroubleshootUpArrow No
    # Disable autoswitching if pressed down arrow
    TroubleshootDownArrow No
    # Disable autoswitching if pressed delete
    TroubleshootDelete No
    # Disable autoswitching if layout switched
    TroubleshootSwitch No
    # Disable autoswitching for full screen apps
    TroubleshootFullScreen No
    # Work-arround for compatibility with the completion
    CompatibilityWithCompletion No
    # Disabling this option will add any application to the list of excluded applications.
    TrackingInput Yes
    # Disabling this option will disable mouse tracking.
    TrackingMouse No
    # Disable send KeyRelease event
    DontSendKeyRelease No
    # Modules list
    # Example:
    #LoadModule libxntest.so
    # That's all


    Thus, you just have to enter your e-mail address, outgoing mail server and its port in place of the fake ones, and go - the keylogger is ready!

    What, where, when


    The configuration file for the user of the program is here - ~/.xneur/xneurrc.
    The log file is located here - ~/.xneur/xneurlog.html
    The archived log files are located here - ~/.xneur/, and have the form "xneurlog.html 06/23/2010 09:08:36.gz"

    Logging occurs at the time of resetting the internal program buffers, usually when changing the active window.

    If you build the program from source yourself, you can completely disable the keylogger functionality by using the build configurator option --without-keylogger.
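
    The option semantics and file locations described above are enough to check whether this logging is active for a given user. The Python script below is an added example, not part of xneur or of the original article: the function names and the sample input are constructed, and it treats any "LogSave Yes" line as enabling logging, since the article does not say how xneur resolves duplicate options.

```python
from pathlib import Path

# Constructed sample: only the logging lines of the configuration shown above.
SAMPLE_RC = """\
#LogSave No
LogSave Yes
LogSize 1048576
LogMail example@xneur.ru
LogHostIP mail.example.com
LogPort 25
"""

def parse_xneurrc(text):
    """Collect every value of each 'Option value' line; '#' lines are comments."""
    opts = {}
    for raw in text.splitlines():
        parts = raw.split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        opts.setdefault(parts[0], []).append(parts[1].strip() if len(parts) > 1 else "")
    return opts

def audit_config(text):
    """Return findings for the Log* options, following the article's semantics."""
    opts = parse_xneurrc(text)
    last = lambda key: opts.get(key, [""])[-1]
    # Assumption: be conservative and count any LogSave line set to Yes,
    # because which duplicate xneur honours is not stated on the page.
    if not any(v.lower() == "yes" for v in opts.get("LogSave", [])):
        return []  # LogSave No: the other options do not matter
    findings = ["LogSave Yes: typed text is written to xneurlog.html"]
    if last("LogMail"):  # no address means no attempt to send
        findings.append("log archive mailed to %s via %s:%s without SMTP auth once the log exceeds %s bytes"
                        % (last("LogMail"), last("LogHostIP"), last("LogPort"), last("LogSize")))
    return findings

def audit_home(home):
    """Audit one home directory: config findings plus log files already on disk."""
    xdir = Path(home) / ".xneur"
    rc = xdir / "xneurrc"
    findings = audit_config(rc.read_text(errors="replace")) if rc.is_file() else []
    # The live log and its .gz archives all start with 'xneurlog.html'.
    logs = sorted(p.name for p in xdir.glob("xneurlog.html*")) if xdir.is_dir() else []
    if logs:
        findings.append("keystroke logs present: " + ", ".join(logs))
    return findings

if __name__ == "__main__":
    print("\n".join(audit_config(SAMPLE_RC) + audit_home(Path.home())))
```

    Log files reported for a home directory whose configuration has LogSave set to No indicate that logging was enabled at some earlier point.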

    Previous parts


    X Neural Switcher - The Cookbook (Part 0). Introduction Build and configure
    X Neural Switcher - The Cookbook (Part 1). Forerunners and analogues
    X Neural Switcher - The Cookbook (Part 2). Algorithms

    In the preparation of the article, icons from the free icon set "Aroma" were used.
