omg-payloads

History

drapl0n 776f917fd7 replacing systemd target		2022-05-19 19:58:13 +05:30
..
OMGLoggerDecoder	Uploading OMGLoggerDecoder	2022-05-18 21:03:29 +05:30
README.md	Uploading OMGLogger	2022-05-18 21:00:53 +05:30
payload.txt	replacing systemd target	2022-05-19 19:58:13 +05:30

README.md

About:

Title: OMGLogger
Description: Key logger which sends each and every key stroke of target remotely/locally.
AUTHOR: drapl0n
Version: 1.0
Category: Credentials
Target: Unix-like operating systems with systemd.
Attackmodes: HID

OMGLogger: OMGLogger is a Key Logger which captures every key stroke of traget and send them to attacker.

Features:

Live keystroke capturing.
Detailed key logs.
Persistent
Autostart payload on boot.

Workflow:

Encoding payload and injecting on target's system.
Checks whether internet is connected to the target system.
If internet is connected then it sends raw keystrokes to attacker.
Attacker processes raw keystrokes.

Changes to be made in payload:

Replace ip(0.0.0.0) and port number(4444) with your servers ip address and port number on line no 43.
Increase/Decrease time interval to restart service periodically (Default is 15 mins), on line no 59.

Usage:

Encode payload.txt and inject into target's system.
Start netcat listner on attacking system:

nc -lvp <port number> > <log filename> use this command to create new logfile with raw keystrokes.
nc -lvp <port number> >> <log filename> use this command to append raw keystrokes to existing logfile.

Process raw keystrokes using OMGLoggerDecoder utility:

./OMGLoggerDecoder
OMGLoggerDecoder is used to decode raw key strokes acquired by OMGLogger.

Usage: 
Decode captured log:    [./OMGLoggerDecoder -f <Logfile> -m <mode> -o <output file>]

Options:
-f      Specify Log file.
-m      Select Mode(normal|informative)
-o      Specify Output file.
-h      For this banner.

Support me if you like my work:

https://twitter.com/drapl0n