Windows Rust Keylogger
- A recent build of Rust
- A Windows Machine
- Cargo
[target.'cfg(windows)'.dependencies]
winapi = { version = "0.3", features = ["sysinfoapi", "synchapi", "libloaderapi", "errhandlingapi", "winuser", "fileapi", "winnt", "minwinbase", "winbase", "handleapi", "libloaderapi"] }
widestring = "*"
1. Make sure you have the latest Rust and Cargo on your Windows machine
2. Clone the source with git:
$ git clone https://github.com/cdong1012/Simple-Rust-Malware.git
$ cd Simple-Rust-Malware3. Configure the log path:
- In
src\main.rs, change the path C:\Users\chuon\OneDrive\Desktop\testing_malware\log.txt to the path where you want your log to be stored at. - Preferably, a path to a folder where you(or the current user) have permission to write to.
4. Build the package
- In our current repository, run cargo build to build this package.
5. Run the malware
-
There are two ways to run the malware executable
-
Run with
cargo runafter you build it -
Run directly with the .exe file. You can find and run the executable at C:\Users\chuon\OneDrive\Desktop\Simple_Rust_Malware\Simple-Rust-Malware\target\debug\malware_simple.exe.
-
6. How to stop capturing
- You can hit
Ctrl-Con the Command Prompt that is running the malware to stop capturing keystroke. - After you have done this, you can view the log text file to see what we have captured.
7. Log file
-
After you are done capturing, you should see something like this in your
log.txtfile
-
As you can see, every time a key is pressed, the malware will check for the current running application and record that.
-
Here, you can see that it's capturing keystroke from my Brave browser on Sunday that I'm trying to log into my Facebook account!
8. NOTE
- This malware is ONLY for educational purposes!
- Even though it is not particularly harmful toward any Windows machine, using this malware on a machine without its user's permission is still a violation of privacy.
- Please be considerate when installing and don't use this for any malicious purpose!