kernc / logkeys

A GNU/Linux keylogger that works!

Error running as service #250

Open icaroerasmo opened 1 year ago

icaroerasmo commented 1 year ago

When my PC boots there's a message saying that logkeys failed to run. Looking at syslog I see these messages:

dez 30 15:01:56 Ryzen logkeys[698]: /usr/bin/logkeys: Couldn't determine keyboard device. :/
dez 30 15:01:56 Ryzen logkeys[698]: /usr/bin/logkeys: Please post contents of your /proc/bus/input/devices file as a new bug report. Thanks!
dez 30 15:01:56 Ryzen audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=logkeys comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
dez 30 15:01:56 Ryzen systemd[1]: logkeys.service: Control process exited, code=exited, status=1/FAILURE
dez 30 15:01:56 Ryzen systemd[1]: logkeys.service: Failed with result 'exit-code'.
dez 30 15:01:56 Ryzen systemd[1]: Failed to start Keylogger daemon.

Here is /proc/bus/input/devices content:

I: Bus=0019 Vendor=0000 Product=0001 Version=0000
N: Name="Power Button"
P: Phys=PNP0C0C/button/input0
S: Sysfs=/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0C:00/input/input0
U: Uniq=
H: Handlers=kbd event0 
B: PROP=0
B: EV=3
B: KEY=10000000000000 0

I: Bus=0019 Vendor=0000 Product=0001 Version=0000
N: Name="Power Button"
P: Phys=LNXPWRBN/button/input0
S: Sysfs=/devices/LNXSYSTM:00/LNXPWRBN:00/input/input1
U: Uniq=
H: Handlers=kbd event1 
B: PROP=0
B: EV=3
B: KEY=10000000000000 0

I: Bus=0010 Vendor=001f Product=0001 Version=0100
N: Name="PC Speaker"
P: Phys=isa0061/input0
S: Sysfs=/devices/platform/pcspkr/input/input2
U: Uniq=
H: Handlers=kbd event2 
B: PROP=0
B: EV=40001
B: SND=6

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA NVidia HDMI/DP,pcm=3"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:03.1/0000:07:00.1/sound/card0/input3
U: Uniq=
H: Handlers=event3 
B: PROP=0
B: EV=21
B: SW=140

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA NVidia HDMI/DP,pcm=7"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:03.1/0000:07:00.1/sound/card0/input4
U: Uniq=
H: Handlers=event4 
B: PROP=0
B: EV=21
B: SW=140

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA NVidia HDMI/DP,pcm=8"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:03.1/0000:07:00.1/sound/card0/input5
U: Uniq=
H: Handlers=event5 
B: PROP=0
B: EV=21
B: SW=140

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA NVidia HDMI/DP,pcm=9"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:03.1/0000:07:00.1/sound/card0/input6
U: Uniq=
H: Handlers=event6 
B: PROP=0
B: EV=21
B: SW=140

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA NVidia HDMI/DP,pcm=10"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:03.1/0000:07:00.1/sound/card0/input7
U: Uniq=
H: Handlers=event7 
B: PROP=0
B: EV=21
B: SW=140

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA NVidia HDMI/DP,pcm=11"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:03.1/0000:07:00.1/sound/card0/input8
U: Uniq=
H: Handlers=event8 
B: PROP=0
B: EV=21
B: SW=140

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HD-Audio Generic Front Mic"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:08.1/0000:09:00.4/sound/card1/input9
U: Uniq=
H: Handlers=event9 
B: PROP=0
B: EV=21
B: SW=10

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HD-Audio Generic Rear Mic"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:08.1/0000:09:00.4/sound/card1/input10
U: Uniq=
H: Handlers=event10 
B: PROP=0
B: EV=21
B: SW=10

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HD-Audio Generic Line"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:08.1/0000:09:00.4/sound/card1/input11
U: Uniq=
H: Handlers=event11 
B: PROP=0
B: EV=21
B: SW=2000

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HD-Audio Generic Line Out"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:08.1/0000:09:00.4/sound/card1/input12
U: Uniq=
H: Handlers=event12 
B: PROP=0
B: EV=21
B: SW=40

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HD-Audio Generic Front Headphone"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:08.1/0000:09:00.4/sound/card1/input13
U: Uniq=
H: Handlers=event13 
B: PROP=0
B: EV=21
B: SW=4

I: Bus=0003 Vendor=0d8c Product=0012 Version=0100
N: Name="C-Media Electronics Inc. USB Audio Device"
P: Phys=usb-0000:09:00.3-3.3/input3
S: Sysfs=/devices/pci0000:00/0000:00:08.1/0000:09:00.3/usb5/5-3/5-3.3/5-3.3:1.3/0003:0D8C:0012.0001/input/input14
U: Uniq=
H: Handlers=kbd event14 
B: PROP=0
B: EV=13
B: KEY=e000000000000 0
B: MSC=10

I: Bus=0003 Vendor=320f Product=5000 Version=0111
N: Name="Evision RGB Keyboard"
P: Phys=usb-0000:09:00.3-3.1.3/input0
S: Sysfs=/devices/pci0000:00/0000:00:08.1/0000:09:00.3/usb5/5-3/5-3.1/5-3.1.3/5-3.1.3:1.0/0003:320F:5000.0002/input/input15
U: Uniq=
H: Handlers=sysrq kbd leds event15 
B: PROP=0
B: EV=120013
B: KEY=1000000000007 ff9f207ac14057ff febeffdfffefffff fffffffffffffffe
B: MSC=10
B: LED=1f

I: Bus=0003 Vendor=320f Product=5000 Version=0111
N: Name="Evision RGB Keyboard"
P: Phys=usb-0000:09:00.3-3.1.3/input1
S: Sysfs=/devices/pci0000:00/0000:00:08.1/0000:09:00.3/usb5/5-3/5-3.1/5-3.1.3/5-3.1.3:1.1/0003:320F:5000.0003/input/input16
U: Uniq=
H: Handlers=kbd event16 
B: PROP=0
B: EV=10001f
B: KEY=3f000307ff 0 0 483ffff17aff32d bfd4444600000000 1 130ff38b17d000 ffe77bfad941dfed 81beffcd01cfffff febffbffdffffffe
B: REL=1040
B: ABS=100000000
B: MSC=10

I: Bus=0003 Vendor=320f Product=5000 Version=0111
N: Name="Evision RGB Keyboard"
P: Phys=usb-0000:09:00.3-3.1.3/input1
S: Sysfs=/devices/pci0000:00/0000:00:08.1/0000:09:00.3/usb5/5-3/5-3.1/5-3.1.3/5-3.1.3:1.1/0003:320F:5000.0003/input/input17
U: Uniq=
H: Handlers=event17 
B: PROP=0
B: EV=9
B: ABS=10000000000

I: Bus=0003 Vendor=04d9 Product=fc30 Version=0110
N: Name="USB Gaming Mouse"
P: Phys=usb-0000:09:00.3-3.1.4/input0
S: Sysfs=/devices/pci0000:00/0000:00:08.1/0000:09:00.3/usb5/5-3/5-3.1/5-3.1.4/5-3.1.4:1.0/0003:04D9:FC30.0004/input/input18
U: Uniq=
H: Handlers=event18 mouse0 
B: PROP=0
B: EV=17
B: KEY=ffff0000 0 0 0 0
B: REL=1943
B: MSC=10

I: Bus=0003 Vendor=04d9 Product=fc30 Version=0110
N: Name="USB Gaming Mouse"
P: Phys=usb-0000:09:00.3-3.1.4/input1
S: Sysfs=/devices/pci0000:00/0000:00:08.1/0000:09:00.3/usb5/5-3/5-3.1/5-3.1.4/5-3.1.4:1.1/0003:04D9:FC30.0005/input/input19
U: Uniq=
H: Handlers=sysrq kbd event19 
B: PROP=0
B: EV=100013
B: KEY=1000000000007 ff9f207ac14057ff febeffdfffefffff fffffffffffffffe
B: MSC=10

I: Bus=0003 Vendor=04d9 Product=fc30 Version=0110
N: Name="USB Gaming Mouse Consumer Control"
P: Phys=usb-0000:09:00.3-3.1.4/input2
S: Sysfs=/devices/pci0000:00/0000:00:08.1/0000:09:00.3/usb5/5-3/5-3.1/5-3.1.4/5-3.1.4:1.2/0003:04D9:FC30.0006/input/input20
U: Uniq=
H: Handlers=kbd event20 
B: PROP=0
B: EV=1f
B: KEY=3f000307ff 0 0 483ffff17aff32d bfd4444600000000 1 130ff38b17d000 677bfad9415fed 19ed68000004400 10000002
B: REL=1040
B: ABS=100000000
B: MSC=10

I: Bus=0003 Vendor=04d9 Product=fc30 Version=0110
N: Name="USB Gaming Mouse"
P: Phys=usb-0000:09:00.3-3.1.4/input2
S: Sysfs=/devices/pci0000:00/0000:00:08.1/0000:09:00.3/usb5/5-3/5-3.1/5-3.1.4/5-3.1.4:1.2/0003:04D9:FC30.0006/input/input21
U: Uniq=
H: Handlers=event21 
B: PROP=0
B: EV=9
B: ABS=10000000000

I: Bus=0003 Vendor=1b3f Product=2247 Version=0100
N: Name="GENERAL WEBCAM: GENERAL WEBCAM"
P: Phys=usb-0000:09:00.3-3.1.1/button
S: Sysfs=/devices/pci0000:00/0000:00:08.1/0000:09:00.3/usb5/5-3/5-3.1/5-3.1.1/5-3.1.1:1.0/input/input22
U: Uniq=
H: Handlers=kbd event22 
B: PROP=0
B: EV=3
B: KEY=100000 0 0 0

kernc commented 1 year ago

What version are you using? Please try with one of the more recent releases or even git master.

Otherwise, amend your service file with flags logkeys -d event15 through event17, if one of those works.
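
An added example, not part of the original thread or of the logkeys code base: a Python parser for the /proc/bus/input/devices format posted above. It lists the event nodes that can deliver typed keys, which are the nodes whose permissions and open file handles an administrator would audit. It assumes 64-bit bitmap words; the function names and the choice of Enter, A, Z and Space as test keys are this example's own.

```python
import re

# Bit numbers from the kernel's input-event-codes.h
EV_KEY, EV_LED = 0x01, 0x11
TYPING_KEYS = (28, 30, 44, 57)  # KEY_ENTER, KEY_A, KEY_Z, KEY_SPACE

# Trimmed excerpt of the /proc/bus/input/devices dump posted in this issue.
SAMPLE = """\
N: Name="Power Button"
H: Handlers=kbd event0
B: EV=3
B: KEY=10000000000000 0

N: Name="Evision RGB Keyboard"
H: Handlers=sysrq kbd leds event15
B: EV=120013
B: KEY=1000000000007 ff9f207ac14057ff febeffdfffefffff fffffffffffffffe

N: Name="USB Gaming Mouse"
H: Handlers=event18 mouse0
B: EV=17
B: KEY=ffff0000 0 0 0 0

N: Name="USB Gaming Mouse"
H: Handlers=sysrq kbd event19
B: EV=100013
B: KEY=1000000000007 ff9f207ac14057ff febeffdfffefffff fffffffffffffffe
"""

def bitmap(field, word_bits=64):
    """Join space-separated hex words (most significant first) into one int."""
    value = 0
    for word in field.split():
        value = (value << word_bits) | int(word, 16)
    return value

def typing_capable_nodes(text):
    """Return (event node, name, has_leds) for devices that can emit typed keys."""
    found = []
    for block in re.split(r"\n\s*\n", text.strip()):
        f = dict(re.findall(r"^[NHB]: (\w+)=(.*)$", block, re.M))
        node = re.search(r"\bevent\d+\b", f.get("Handlers", ""))
        ev, keys = bitmap(f.get("EV", "0")), bitmap(f.get("KEY", "0"))
        if node and ev >> EV_KEY & 1 and all(keys >> k & 1 for k in TYPING_KEYS):
            found.append(("/dev/input/" + node.group(),
                          f.get("Name", "").strip('"'), bool(ev >> EV_LED & 1)))
    return found

if __name__ == "__main__":
    print(typing_capable_nodes(SAMPLE))
```

On this excerpt the kbd handler alone is not a reliable marker: the Power Button carries it without any letter keys, while the mouse's second interface (event19) advertises the same full key map as the keyboard.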

icaroerasmo commented 1 year ago

I have installed it through aurman in Arch Linux and I could verify it's the most recent version: 0.2.0. When you say I should amend, do you mean I have to put those flags in my logkeys.conf?

icaroerasmo commented 1 year ago

I have tried all of those and this is the message I receive:

jan 01 00:56:23 Ryzen systemd[1]: Starting Keylogger daemon...
jan 01 00:56:23 Ryzen logkeys[709]: /usr/bin/logkeys: Error opening input event device '/dev/input/event17': No such file or directory
jan 01 00:56:23 Ryzen systemd[1]: logkeys.service: Control process exited, code=exited, status=1/FAILURE
jan 01 00:56:23 Ryzen systemd[1]: logkeys.service: Failed with result 'exit-code'.
jan 01 00:56:23 Ryzen systemd[1]: Failed to start Keylogger daemon.

When I run ls -la /dev/input/event15; ls -la /dev/input/event16 or ls -la /dev/input/event17, all of these are created. I think that the service is being run before it should. Maybe before all of these devices are created.

icaroerasmo commented 1 year ago

Setting type as "idle" made logkeys work as it delays its execution until the last service starts, but it finished right after startup. Do you have any guess on what service should logkeys wait to execute?

EDIT: Remember that logkeys works perfectly if I run it after startup through "llk"

kernc commented 1 year ago

> Do you have any guess on what service should logkeys wait to execute?

Just a guess, since most of /dev is handled by udev, maybe systemd-udevd.service?

icaroerasmo commented 1 year ago

I was able to make it run as a daemon following this guide: https://www.vivaolinux.com.br/dica/rclocal-no-Arch-Linux

It's in Portuguese. Try to translate it using Google or something else. In summary, what it does is activate the local.rc script, and you can put the logkeys startup command there.