-
Notifications
You must be signed in to change notification settings - Fork 0
/
README
198 lines (132 loc) · 6.92 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
===============================================================================
logkeys - a GNU/Linux keylogger that works!
===============================================================================
0. Licence
1. Description
2. Installation
3. Usage how-to
4. Troubleshooting
5. Further information
===============================================================================
+------------------------------------------------
0. Licence
===============================================================================
logkeys is dual licensed under the terms of either GNU GPLv3 or later, or
WTFPLv2 or later. It is entirely your choice! See COPYING for further
information about licensing.
+------------------------------------------------
1. Description
===============================================================================
logkeys is a linux keylogger. It is no more advanced than other available linux
keyloggers, notably lkl and uberkey, but is a bit newer, more up to date, it
doesn't unreliably repeat keys and it shouldn't crash your X. All in all, it
just seems to work. It relies on event interface of the Linux input subsystem.
Once completely set, it logs all common character and function keys, while also
being fully aware of Shift and AltGr key modifiers.
+------------------------------------------------
2. Installation
===============================================================================
Provided your GNU/Linux distribution doesn't include logkeys package in its
repositories, manual installation of logkeys from source is as easy as:
$ tar xvzf logkeys-0.1.1.tar.gz # to extract the logkeys archive
$ cd logkeys-0.1.1/build # move to build directory to build there
$ ../configure # invoke configure from parent directory
$ make # make compiles what it needs to compile
( become super↙user now ) # you need root to install in system dir
# make install # installs binaries, manuals and scripts
That's it.
To ever uninstall logkeys, remove accompanying scripts and manuals, issue
# make uninstall # in the same logkeys-0.1.1/build dir from before
A copy of these instructions is in the accompanying INSTALL file.
+------------------------------------------------
3. Usage how-to
===============================================================================
logkeys is simple. You can either invoke it directly, by typing full command
line, or use the provided scripts. There are two helper programs in this
package:
bin/llk , which is intended to start the logkeys daemon, and
bin/llkk , which is intended to kill it.
bin/llk runs etc/logkeys-start.sh, and bin/llkk runs etc/logkeys-kill.sh.
You can use these two setuid root programs (llk and llkk) for starting and
stopping the keylogger quickly and covertly. You can modify the .sh scripts as
you like. As the two programs are installed with setuid bit set, the root
password need not be provided at their runtime.
Default log file is /var/log/logkeys.log and is not readable by others.
I suggest you first test the program manually with
$ touch test.log
$ logkeys --start --output test.log
and in the other terminal follow it with
$ tail --follow test.log
and see if the pressed keys match to those noted. If you use a US keyboard
layout, use -u switch. Make sure your terminal character locale is set to UTF-8
$ locale
LANG=xx_YY.UTF-8
LC_CTYPE="xx_YY.UTF-8"
...
or alternatively, you need en_US.UTF-8 locale available on your system
$ locale -a
...
en_US.UTF-8
...
otherwise you may only see odd characters (like ꑶ etc.) when pressing character
keys.
logkeys acts as a daemon, and you stop the running logger process with
$ logkeys --kill
(or bin/llkk provided script).
For more information about logkeys log file format, logkeys keymap format, and
command line arguments, read the application manual,
$ man logkeys
or see the wiki at project website: http://code.google.com/p/logkeys/
Abuse the output of this software wisely.
+------------------------------------------------
4. Troubleshooting
===============================================================================
4.1 empty log file or 'Error opening input event device'
-------------------------------------------------
After you run logkeys successfully, if you open the log file and see only the
'Logging started...' and 'Logging stopped...' tag without any keypress
"contents," it is very likely that logkeys got your device id wrong.
This may also apply if you get the following error:
Error opening input event device '/dev/input/event-1'
The solution is to determine the correct event device id, and then run
logkeys with --device (-d) switch, specifying that device manually.
The procedure for manually learning the device id to use is as follows:
As root, for each existing device eventX in /dev/input/, where X is a number
between 0 and 31 inclusively, write:
$ cat /dev/input/eventX
then type some arbitrary characters. If you see any output, that is the device
to be used. If you don't see any output, press Ctrl+C and continue with the
next device.
If this happened to be your issue, *please* submit a bug report, attaching
your /proc/bus/input/devices file as well as and specifying which was the
correct id.
4.2 logkeys outputs wrong characters
-------------------------------------------------
It is very likely that you will see only some characters recognized, without
any hope for Shift and AltGr working even slightly correct, especially when
starting logkeys in X. In that case it is better to switch to virtual
terminal, e.g. tty4 (Ctrl+Alt+F4), and there execute:
$ logkeys --export-keymap my_lang.keymap
Then open my_lang.keymap in UTF-8 enabled text editor and manually repair any
missing or incorrectly determined mappings. From then on, execute logkeys by
$ logkeys --start --keymap my_lang.keymap
Again, see if it now works correctly (character keys appear correct when you
are viewing the log file in editor), and opt to modify bin/llk starter script.
If you create full and completely valid keymap for your particular language,
please upload it to website or send it to me by e-mail. Thanks.
+------------------------------------------------
5. Further information
===============================================================================
Read the man page. Please read the whole man page. Thanks. :-)
Refer to troubleshooting and FAQ sections on the project website,
http://code.google.com/p/logkeys/ ,
for currently known issues, ways to resolve them, and any other information.
Report any bugs and request reasonable features on the issues list page
http://code.google.com/p/logkeys/issues .
When opening new issues, always provide descriptively keyworded summary and
description.
You are more than welcome to implement unreasonable features yourself, as well
as hack the program to your liking.
If you are a pr0, please answer the few questions I commented in the source.
Thanks.
~