Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
hi there, i learnt C, but then im kind of still learning now though, im gonna take a step to C++ when i fond a decent book to learn from, and some reasonable resources, then eventually il take a look at python or perl, wanna talk about summat, just ask!
If you guys want to collaborate (since we all are newbies to C/C++ or Python) start a Thread in the Programming Forum called something like "Place for programming newbies to meet and learn together". I sure want to exchange experiences and knowledge with other newbies instead of learning all by myself, seems wrong to me. Hey and maybe experienced programmers will join and give help when needed to 's.
Just don't forget to tell us when you do start the thread.
This thread can still remain usable but it should be moved to the same forum, Programming.
Is there any way that I can write a script that runs all the time, every time i start computer that will log ever keystroke? If so how do I do this, or must I download a program.
You don't mention if you want to do this for all users or only for yourself.
Using the script command might be sufficient depending on your needs.
also, the command 'script' may be useful for recording terminal sessions, for the guy who wanted to record what he'd done.
i would also recommend modifying the perl script i posted to log the keycode and key state only, and write an interpreter script, that way your passwords and such aren't logged in an obvious manner...
i.e.
Code:
sub interpret {
my $keycode = shift;
my $state = shift;
open FILE, "/var/log/keylog";
print FILE "$keycode $state ";
close FILE;
}
Getting back to the original question, a really simple keylogger that will log most of what you type in is:
tee /tmp/keylog | /bin/ksh
You simply start a shell with the tee command sending a copy of everything you type to both the shell and a file. It's not as elegant as the evbug solution discussed above but depending on what you need the output for, it might be enough.
An additional clue, you can use the 'dumpkeys' command to show you what the keycodes map to for your particular keyboard. Perhaps someone can modify the perl code posted to grep thru and translate the codes to real characters.
Quote:
$ dumpkeys
keycode 16 = q
keycode 17 = w
keycode 18 = e
keycode 19 = r
keycode 20 = t
keycode 21 = y
...
Correct me if I am wrong, but wouldn't any Linux key logger need root access? That is the way it works with Windows, correct?
The linux philosophy is that everything is a file. That means you need at least read access to the file you *read* the key logs from.
If the file is a character device (in /dev/input/ as discussed earlier) then you need to be either root or in the same group as the file/device (presuming the file has the appropriate read permissions for the group). For eg. if you make a kernel modules that would create /dev/kbdlog then you could make the file 0660 and be of group loggers. Only people in the loggers group have "6" access which is read/write.
On the other hand if you use evdev or evbug you need read access to the logs it writes to (which are handled by syslogd or klogd). Usualy it will write to /var/log/messages so you got it, you need read access to that file. But syslog can be configured so you could route messages from evbug to some other file.
Interesting thread!
Does anyone know what those [4298922.635000] at the beginning mean? I wonder if that is not the time of the event.
I'm trying to record the exact time of each keypress but not cenvinced as to how reliable such values are. I mean, isn't there an inherent delay when reading keyboard interupts that may vary depending on the availability of the system's resources? If so, that delay will be random and the only way to know the exact time of the keystroke is by some kind of hardware. Any input welcome!
Back to the original topic, there are a couple of keyloggers around for linux. Try lkl. There's also a GPL'ed python code for that.
Interesting thread!
Does anyone know what those [4298922.635000] at the beginning mean? I wonder if that is not the time of the event.
it has the look of a timestamp but I can't figure out the units
Quote:
Originally Posted by lixy
I'm trying to record the exact time of each keypress but not cenvinced as to how reliable such values are. I mean, isn't there an inherent delay when reading keyboard interupts that may vary depending on the availability of the system's resources?
it should be good to within 10ms in most cases and 100ms in almost all cases
(except cripling loads)
Quote:
Originally Posted by lixy
If so, that delay will be random and the only way to know the exact time of the keystroke is by some kind of hardware. Any input welcome!
gettimeofday() reads the hardware clock (timer chip not RTC chip) and tells
you how long since midnight (UTC IIRC) in microseconds (result is precise to 1us)
I was looking for a key-logging facility since weeks. Thanks for all your posts. (It was originally not my post, but the result fits my question best.)
Here I post my C-routine I will use to optimize my .Xmodmap to type faster.
This code is a modification of the previously posted PERL-Code.
Code:
/**
* Key Logger for counting keystrokes.
* Together with "dumpkeys" this could be handy to count which
* letters
* a) are pressed most
* b) can be prssed fastest.
*
* I personaly will use this keyloger to find out
* a) wich letters I type most
* b) which keys I type fastest
*
* This statistical results will make it able for me to
* generate my own personalized "dvorak" keyboard.
*/
#include <stdio.h>
#define INPUT_QUEUE "/dev/input/event0"
#define OUTPUT_QUEUE "/home/phi/dev/c/keylogger/key.log"
#define EVENT_LEN 16
/* Read the next input line from INPUT_QUEUE
* which are 16 byte (= sizeof struct input_event {...}).
*/
/* try the elements of input_event using the following command
* >od -tx1 /dev/input/event0
*/
void readEventLine(FILE * in, char * data) {
int i;
for(i = 0; i <= 15; i++) {
data[i] = (char) fgetc(in);
}
}
/*
* Return the value of a character as unsigned byte
*/
int val(char c) {
if((int) c < 0) {
return (int) c + 256;
} else {
return (int) c;
}
}
/* return the time of the input_event in seconds */
long makeSeconds (char * data) {
long result;
result = (((val(data[3]) * 256) + val(data[2]) * 256) + val(data[1])) * 256 + val(data[0]);
return result;
}
/* return the microsecond part of the time structure.
Be aware: on other machines than i386 the struct input_event could
have a different size!
*/
long makeMicros (char * data) {
long result;
result = (val(data[6]) * 256 + val(data[5])) * 256 + val(data[4]);
return result;
}
int main(int argc, char * args[]) {
FILE * input;
FILE * output;
char data[EVENT_LEN];
input = fopen(INPUT_QUEUE, "r");
if(NULL == input) {
printf("Error opening input");
return -1;
}
output = fopen(OUTPUT_QUEUE, "a");
if(NULL == output) {
printf("output not opened");
return -1;
}
while(-1) {
readEventLine(input, data);
if(1 == data[8]) // press or release??
{
fprintf(output, "%i.%6.0i", makeSeconds(data), makeMicros(data));
if(1 == data[12]) { // PRESS
fprintf(output, "+%i\n", data[10]);
}
if(0 == data[12]) {// RELEASE
fprintf(output, "-%i\n", data[10]);
}
}
fflush(output);
}
fclose(input);
fclose(output);
}
Has anyone a good idea (like dumpkeys) to translate the above keycodes to the pressed letters and symbols?
The problem will be to store the state of the Meta keys (control, alt, shift, ...).
Another (little related) problem is to start the key logger only when I am logged in. I don't want other users (I my case only my wife working in her account) to spoil my great optimizing 10-Finger project. But this is probably a Gnome question.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
Suggestion: Start a new Thread!
's.
