mirror of https://github.com/hak5/omg-payloads.git
1.7 KiB
1.7 KiB
About:
- Title: OMGLogger
- Description: Key logger which sends each and every key stroke of target remotely/locally.
- AUTHOR: drapl0n
- Version: 1.0
- Category: Credentials
- Target: Unix-like operating systems with systemd.
- Attackmodes: HID
OMGLogger: OMGLogger is a Key Logger which captures every key stroke of traget and send them to attacker.
Features:
- Live keystroke capturing.
- Detailed key logs.
- Persistent
- Autostart payload on boot.
Workflow:
- Encoding payload and injecting on target's system.
- Checks whether internet is connected to the target system.
- If internet is connected then it sends raw keystrokes to attacker.
- Attacker processes raw keystrokes.
Changes to be made in payload:
- Replace ip(0.0.0.0) and port number(4444) with your servers ip address and port number on line no
43
. - Increase/Decrease time interval to restart service periodically (Default is 15 mins), on line no
59
.
Usage:
- Encode payload.txt and inject into target's system.
- Start netcat listner on attacking system:
nc -lvp <port number> > <log filename>
use this command to create new logfile with raw keystrokes.nc -lvp <port number> >> <log filename>
use this command to append raw keystrokes to existing logfile.
- Process raw keystrokes using OMGLoggerDecoder utility:
./OMGLoggerDecoder
OMGLoggerDecoder is used to decode raw key strokes acquired by OMGLogger.
Usage:
Decode captured log: [./OMGLoggerDecoder -f <Logfile> -m <mode> -o <output file>]
Options:
-f Specify Log file.
-m Select Mode(normal|informative)
-o Specify Output file.
-h For this banner.