Several of you have you have emailed me asking whether it's possible to install a keylogger on a victim’s computer using Metasploit. The answer is a resounding "YES"!
So, by popular request, in this guide I'll show you how to install a keylogger on your girlfriend's, boyfriend's, wife's, or husband's computer.
For those of you wondering what a keylogger is, the simple answer is that it's a piece of software or hardware that captures every keystroke and saves them for retrieval by you, the attacker. These types of devices have long been used by hackers to capture logins, passwords, social security numbers, etc. Here we will use it to capture the keystrokes of a cheating girlfriend.
Fire up Metasploit and let's get started.
Like in my last article on disabling antivirus software, I'm assuming that you've successfully installed Metasploit’s powerful listener/rootkit on the target system. You can also check my earlier Hack Like a Pro articles for a variety of ways to get it installed.
Step 1: Migrate the Meterpreter
Before we start our keylogger, we need to migrate the Meterpreter to the application or process we want to log the keystrokes from. Let's check to see what processes are running on the victim system by typing:
meterpreter >ps
Notice in the screenshot above that we have a listing of every process running on the victim system. We can see about 1/3 of the way down the process listing with a Process ID (PID) of 912, the Notepad application is open and running.
Let's migrate to that process and capture any keystrokes entered there. Type:
meterpreter > migrate 912
You can see from the screenshot that Meterpreter responds that we have migrated successfully,
Step 2: Start the Keylogger
Now that we have migrated the Meterpreter to the Notepad, we can embed the keylogger.
Metasploit’s Meterpreter has a built-in software keylogger called keyscan. To start it on the victim system, just type:
meterpreter> keyscan_start
With this command, Meterpreter will now start logging every keystroke entered into the Notepad application.
Step 3: Write a Short Note on the Victim System
Let's now move to our victim system and write a short note to make sure it works.
As you can see in screenshot above, Cheatah has written a short note to Stud, asking him to come visit while her boyfriend is gone. All of these keystrokes are being captured by our keylogger providing us with evidence of her cheating heart (or some other organ).
Step 4: Recover the Keystrokes
Now, let's go back to our system with Meterpreter running on Metasploit. We can now dump all of the keystrokes that were entered on Cheatah's computer. We simply type:
meterpreter> keyscan_dump
As you can see, every keystroke has been captured including the tabs and end of line characters. Now you have the evidence on Cheatah!
In my next articles, we'll continue to look at other powerful features of Metasploit's Meterpreter.