search

EmpireProject / Empire

Empire is a PowerShell and Python post-exploitation agent.
http://www.powershellempire.com/
BSD 3-Clause "New" or "Revised" License
7.4k stars 2.81k forks source link

osx prompt and keylogger lang issue #1175

Open euri10 opened 6 years ago

euri10 commented 6 years ago

the osx prompt and keylogger work fine, except one important thing which is the following: the keyboard layout isn't taken into account so while the key pressed returned might be correct on a default US keyboard I presume, on another one it isn't It's quite easy to "translate" for simple key like a > q but some combos like @ on some keyboards are very different. that command return the layout used but I fail to find a way to properly translate what Empire returns given the layout any idea ?

defaults read /Library/Preferences/com.apple.HIToolbox.plist  AppleEnabledInputSources
(
        {
        InputSourceKind = "Keyboard Layout";
        "KeyboardLayout ID" = 251;
        "KeyboardLayout Name" = "ABC-AZERTY";
    }
)
xorrior commented 6 years ago

@euri10 I don't have the slightest idea how we would be be able to account for a non-US layout.

euri10 commented 6 years ago

I read quite extensively about that in my holidays, it's a tricky subject.

It seems to me that the below library solves the issue, in particular here where it maps the key codes to the layout https://github.com/boppreh/keyboard/blob/master/keyboard/_darwinkeyboard.py#L136

But I need to test it a little before I could have a definite judgment.