seb/keylogger-detector
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FIX

Browse Source
This commit is contained in:
Sebastian Lenzlinger 2023-06-11 18:24:42 +02:00
parent c8da5e4743
commit 92fc49ac9e
2 changed files with 32 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
src/kernel_detector.py
View File

@ -1,3 +1,5 @@
#!/usr/bin/env python3
import subprocess import subprocess
import time import time
import multiprocessing import multiprocessing
@ -136,43 +138,42 @@ def detect_logger(module):
# #
#============================================================================================================== #==============================================================================================================
def run_kernel_detection(): whitelist = get_whitelist("whitelist.txt")
whitelist = get_whitelist("whitelist.txt")
lsmod_output = list_modules("lsmod"); lsmod_output = list_modules("lsmod");
sus_modules = compare_mods(whitelist, lsmod_output) sus_modules = compare_mods(whitelist, lsmod_output)
sus_modules = tidy_up(sus_modules) sus_modules = tidy_up(sus_modules)
sus_modules = unload_mod(sus_modules) sus_modules = unload_mod(sus_modules)
time.sleep(1) time.sleep(1)
sus_modules = getpath(sus_modules) sus_modules = getpath(sus_modules)
print(sus_modules) print(sus_modules)
if len(sus_modules) == 0: if len(sus_modules) == 0:
print("nothing to do") print("nothing to do")
print("ALL CLEAN") print("ALL CLEAN")
suspects = [] suspects = []
for module in sus_modules: for module in sus_modules:
suspects.append(detect_logger(module)) suspects.append(detect_logger(module))
time.sleep(1) time.sleep(1)
print("Following modules are logging your keystrokes: ") print("Following modules are logging your keystrokes: ")
for i in range(len(suspects)): for i in range(len(suspects)):
print( f"[{i}] {suspects[i]}") print( f"[{i}] {suspects[i]}")
print("Enter the number of the module you want to remove: ") print("Enter the number of the module you want to remove: ")
user_input = input().split() user_input = input().split()
for j in user_input: for j in user_input:
to_remove = suspects[int(j)] to_remove = suspects[int(j)]
subprocess.Popen(['sudo','rmmod', to_remove]) subprocess.Popen(['sudo','rmmod', to_remove])
print(f"Removed {to_remove}") print(f"Removed {to_remove}")
print("Finished") print("Finished")

7
src/keylogger_detector.py
View File

@ -41,7 +41,7 @@ def print_help():
print(' -w, --add-white-list\t\t\tActivate prompt to add program names to the whitelist') #For some reason this line gets messed up in display print(' -w, --add-white-list\t\t\tActivate prompt to add program names to the whitelist') #For some reason this line gets messed up in display
print(' -b, --add-black-list\t\t\tAutomatically add program names chosen to kill to the blacklist') print(' -b, --add-black-list\t\t\tAutomatically add program names chosen to kill to the blacklist')
print(' -d, --debug\t\t\tDebug mode. Print debug statements') print(' -d, --debug\t\t\tDebug mode. Print debug statements')
print(' -k, --kernel-detection\t\t\tRun the kernel keylogger detector, too') print(' -k, --kernel-detection\t\t\tRun the kernel keylogger detector, too. CURRENTLY NOT IMPLEMENTED TO DIRECTLY RUN KERNEL DETECTOR.')
def set_input_options(): def set_input_options():
""" """
@ -294,10 +294,7 @@ def detect_keyloggers():
debug(debug_option, 'Kernel detection option: ' + str(kernel_detection_option)) debug(debug_option, 'Kernel detection option: ' + str(kernel_detection_option))
if kernel_detection_option: ;
print("[Info] Starting kernel detection")
run_kernel_detection()
if __name__ == '__main__': if __name__ == '__main__':
detect_keyloggers() detect_keyloggers()