Encrypt output file

[wicked]

Feature request for the binary to encrypt output for security and can be later decrypted with assigned key or passphrase.

[GiacomoLaw]

I'm not sure how to do this, any help would be appreciated. :smile:

[93aef0ce4dd141ece6f5]

Disclaimer: I am not an expert on cryptography so take what I have stated with caution.

Depends on how you want to do it using whichever ciphering method. For example:

1. Encrypt the key press and directly append it to the file (probably using some sort of stream cipher),
2. Read the entire file, decrypt it, append the key press, re-encrypt the contents, write it back to disk.

Problem: Confidentiality of the Key

1. Using asymmetric keys; generate a symmetric key to encrypt the key presses, then encrypt the symmetric key with the public key. This, in turn, creates some more problems:
   • You encrypt the symmetric key and send it to yourself to decrypt once all operations are completed but when does a keylogger complete its job?
   • Once you encrypt the symmetric key, you will not be able to decrypt it unless you also provide the private key on the victim's machine (which defeats the entire purpose of this type of method).
2. Using a non-asymmetric method; Since the key will be lying somewhere either in memory or on disk to constantly encrypt (or decrypt), what's stopping the victim from accessing it? If you encrypt the symmetric key with something else, that key is still openly available and hence is just another iteration of the same problem. Of course, the assumption which could be made is that the victim is not competent enough to compromise this system, and if any of these instances do occur, it is not too significant as to damage your initial intentions.

Possible Solution

There could be ways to deal with such problems which would involve moving the stored data off the machine when a condition is met. A simple example, store the next key presses in memory until X keys have been pressed, encrypt the data using a public key (not really the best way to use the key like this but for the circumstances, it could suffice), send the data to yourself to decrypt using the private key.

Again, this stems yet more problems:

• If the application is suddenly aborted (shutdown of the machine, killing of process, etc.), the data stored in memory may not make it out safely,
• Too much traffic might be suspicious unless the data is somehow disguised under some discreet packets such as ICMP or by using HTTPS. We could assume that the victim will not have a decent firewall and ignore this.

But these are entirely different issues.

[GiacomoLaw]

I closed this as I want to keep the keylogger simple, and I don't see the need for encyrptoin. Feel free to keep commenting and updating, and even make a PR about it.

However I'm closing this as I won't implement it, and it's a little to advanced for the simple keylogger I had in mind when I wrote the thing in the first place 😄

Thanks for the awesome comment @93aef0ce4dd141ece6f5!