BackupGGCode / logkeys

a GNU/Linux keylogger that works!
Other
0 stars 0 forks source link

Probably, extracting input device parsing from /proc/bus/input/devices not working #81

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1.I am providing keyboard device as parameter but still comes with error "Error 
opening input event device '/dev/input/event0': No such file or directory"
2. I've looked the source code, at line 328(determine_input_device() function 
not working 
expected)[http://code.google.com/p/logkeys/source/browse/trunk/src/logkeys.cc] 
I didn't debug but I think so.
3. I've attached the /proc/bus/input/devices file.

What is the expected output?
It should parse the -d(--device) parameter correctly.

What do you see instead?
"Error opening input event device '/dev/input/event0': No such file or 
directory"

What version of the product are you using (`logkeys --help`)?
logkeys version: 0.1.1a

On what operating system?
debian squeeze

Please provide any additional information below.
If applicable, also attach contents of /proc/bus/input/devices, the output
of command `dumpkeys -n > dumpkeys.output`, and any
other relevant files.

Original issue reported on code.google.com by deneme.t...@gmail.com on 30 Jan 2012 at 9:28

Attachments:

GoogleCodeExporter commented 9 years ago
You are running it with: logkeys -s -d event0 ?
In either case, with regard to your devices file, /dev/input/event0 is the only 
input device available. If you inspect manually, does that file exists? Can you 
print it:
$ sudo cat /dev/input/event0
and you see a bunch of strange characters while you press keys?

Dunno. The function determine_input_device() is not an issue, as it is not even 
run if a --device argument is supplied 
(http://code.google.com/p/logkeys/source/browse/trunk/src/logkeys.cc#407).

Resolution: WorksForMe

Original comment by kernc...@gmail.com on 30 Jan 2012 at 9:48

GoogleCodeExporter commented 9 years ago
I haven't a "/dev/input/event0" device. At line 340: line.find("event") try to 
find event line but as you see attached device file before, it doesn't have any 
"event" line.

At line 407: if we didn't provide -d(--device) switch it should parse 
"/proc/bus/input/devices" file but it couldn't parse devices file correctly I 
think.

And at line 356: if it couldn't fetch the input device correctly, I must see 
error line but I couldn't see error line too.

error(0, 0, "Couldn't determine keyboard device. :/");
error(EXIT_FAILURE, 0, "Please post contents of your /proc/bus/input/devices 
file as a new bug report. Thanks!");"

Original comment by deneme.t...@gmail.com on 31 Jan 2012 at 1:59

GoogleCodeExporter commented 9 years ago
well, the problem is you don't have a /dev/input/event0 file.
that's a situation I haven't considered at all.

can you please provide output of:
$ ls -la /dev/input/

Original comment by kernc...@gmail.com on 31 Jan 2012 at 2:10

GoogleCodeExporter commented 9 years ago
This is the the output of /dev/input/
$ls -la /dev/input/
drwxr-xr-x  2 root root     60 Jan 31 13:19 .
drwxr-xr-x 10 root root  14220 Jan 31 13:20 ..
crw-------  1 root root 13, 63 Jan 31 13:19 mice

Original comment by deneme.t...@gmail.com on 31 Jan 2012 at 2:57

GoogleCodeExporter commented 9 years ago
yes, and this is why logkeys doesn't work: there is no device logkeys could 
read from (e.g. /dev/input/event0). this is not a logkeys problem, but instead 
your linux distribution problem.

what is the output of
$ uname -a
and what distribution are you on?

Original comment by kernc...@gmail.com on 31 Jan 2012 at 3:39

GoogleCodeExporter commented 9 years ago
At boot there is output about input:
input: AT Translated Set 2 keyboard as /devices/serio0/input/input0

but /devices/seria0/input/input0 file doesn't exist.

And this is the output of $uname -a:
Linux debian 2.6.33.7-co-0.7.9 #1 PREEMPT Sat Apr 9 20:30:51 UTC 2011 i686 
GNU/Linux

It is coLinux: debian squeeze

Original comment by deneme.t...@gmail.com on 31 Jan 2012 at 10:40

GoogleCodeExporter commented 9 years ago
well, it's a coLinux. get a windows keylogger then.
sorry but there's nothing I can do to make it work, but to suggest you install 
Linux Mint (Debian Edition - LMDE) natively, and then run Windos in a 
VirtualBox when needed. :-)

Regards,

Original comment by kernc...@gmail.com on 31 Jan 2012 at 10:50

GoogleCodeExporter commented 9 years ago
Just, I want to use coLinux as Honeynet(sandbox) by installing keylogger and 
for security purposes. If one intruder get in and try to execute commands, just 
I want to see what commands the intruder executed. Could you please assist 
another keylogger or program so I can see keystrokes?

Original comment by deneme.t...@gmail.com on 1 Feb 2012 at 12:14

GoogleCodeExporter commented 9 years ago
I don't know. likely, you need a keylogger that doesn't rely on the event 
subsytem as that seems to be missing. perhaps try with lkl or uberkey, which 
are more low-level, but IMHO more trouble than they're worth. There's also 
pyKeylogger that uses X. if they don't work, sorry, you'll have to figure out a 
different setup.

Original comment by kernc...@gmail.com on 1 Feb 2012 at 1:03