Simple-Rust-Malware

A simple Rust Key-logger

Primary language: Rust. License: MIT.

Windows Rust Keylogger

Requirements

  • A recent build of Rust
  • A Windows Machine
  • Cargo

Cargo.toml

[target.'cfg(windows)'.dependencies]
winapi = { version = "0.3", features = ["sysinfoapi", "synchapi", "libloaderapi", "errhandlingapi", "winuser", "fileapi", "winnt", "minwinbase", "winbase", "handleapi"] }
widestring = "*"

How to build

1. Make sure you have the latest Rust and Cargo on your Windows machine

2. Clone the source with git:

$ git clone https://github.com/cdong1012/Simple-Rust-Malware.git
$ cd Simple-Rust-Malware

3. Configure the log path:

  • In src\main.rs, change the path C:\Users\chuon\OneDrive\Desktop\testing_malware\log.txt to the path where you want the log to be stored.
  • Preferably, use a path to a folder where you (or the current user) have write permission.

4. Build the package: in the cloned repository, run cargo build.

5. Run the malware

  • There are two ways to run the malware executable

    1. Run with cargo run after you build it

    2. Run directly with the .exe file. You can find and run the executable at C:\Users\chuon\OneDrive\Desktop\Simple_Rust_Malware\Simple-Rust-Malware\target\debug\malware_simple.exe.

6. How to stop capturing

  • You can hit Ctrl-C in the Command Prompt that is running the malware to stop capturing keystrokes.
  • After you have done this, you can view the log text file to see what we have captured.

7. Log file

  • After you are done capturing, you should see something like this in your log.txt file

  • As you can see, every time a key is pressed, the malware checks which application is currently running and records it.

  • Here, you can see that it is capturing keystrokes from my Brave browser on a Sunday while I am trying to log into my Facebook account!

8. NOTE

  • This malware is ONLY for educational purposes!
  • Even though it is not particularly harmful toward any Windows machine, using this malware on a machine without its user's permission is still a violation of privacy.
  • Please be considerate when installing and don't use this for any malicious purpose!