Keelog.com has a really concise description of how to build a PS/2 based keylogger. The main components are an AT89C2051 microcontroller and a 24C512 serial EEPROM. Once it is plugged in, the device begins recording all of the codes generated by the keyboard. The data can then be dumped using their keygrab software.
[thanks Boss]
My bad, actually it’s http://www.keelog.com/
Posted at 12:59 pm on Feb 17th, 2006 by Bob Dole
i saw this project here some minutes ago … good one …. i’ll do it tomorrow … this is very usefull :D
Posted at 2:47 pm on Feb 17th, 2006 by lahuel "wyr3x" román
There’s a commercial aspect to this.
http://www.keyghost.com/ordering.htm
Nice to know i can finally make my own now.
Posted at 6:48 pm on Feb 17th, 2006 by winphreak
Here is a wireless keystroke data tap that transmits the data to a remote location:
http://gbppr.trighost.org/mil/keystroke/index.html
Posted at 7:18 pm on Feb 17th, 2006 by rc:line
looks like hackaday has already started to suffocate keelog.com; or maybe their server was already mollasas. :)
Posted at 7:19 pm on Feb 17th, 2006 by Mr. Bill
Whoo Im so doing this tomorow or sometime this weekend. But how many keystrokes is 65536 bytes? And is there anyway that there diagram could be altered to increase capacity?
Posted at 11:06 pm on Feb 17th, 2006 by abseeley
@ abseeley:
“Although the keyboard logger has 64kbytes of memory, this doesn’t mean 64 thousand keystrokes can be memorized. One key-press-release sequence requires 3 bytes for a standard key and 5 bytes for an extended key.”
65536 / 3 = whatever.
ditto on increasing capacity. How?
Posted at 12:19 am on Feb 18th, 2006 by joelanders
@joelanders
Ok i’ve been checking out other EEPROMs and If you go parralell instead of serial then you can get up to about 512kb I think at least. But I dont know how this would effect the circuit im going to look into it more and revise. I’m still kinda getting my feet wet with the hole electronics thing but im wading through it ok. Oh and its 21000 approx keystrokes.
Posted at 12:24 am on Feb 18th, 2006 by abseeley
Don’t go parallel!
Since the 24C512 memory they are using is I2C, there are two ways you can go. The quickest way might be just to replace the chip with a 24xx1025, which Microchip sells and is twice as large.
The more extensible option is to add more 24xx512 chips. Because they are I2C devices, up to *EIGHT* can be connected using the same two data lines. Each eeprom needs to have a unique id, which is set by connecting each of A0, A1 and A2 on the eeprom to either it’s ground or Vcc pin (the Keelog logger has them floating, which is probably a bad idea.) Then the microcontroller can select which chip to use by sending the corresponding ID.
Both of these require the microcontroller code to be altered, good thing they supplied source code :)
Posted at 7:33 am on Feb 18th, 2006 by pelrun
For those with more money than time and/or electronics skills:
http://www.thinkgeek.com/gadgets/security/5a05/
They also have a USB version:
http://www.thinkgeek.com/gadgets/security/7af2/
Posted at 9:30 pm on Feb 20th, 2006 by ed3
Nevermind me. Looks like the same thing. Saw the rest of the site where they sell a 256Kb version for half what ThinkGeek wants for the 128…
Posted at 9:32 pm on Feb 20th, 2006 by ed3
anyone who’s got the programmer wanna sell me a programmed AT89C2051?
Posted at 5:31 pm on Feb 21st, 2006 by mike
You can get SOIC-8 I2C eeproms/flash up to around 4Mb (512kB) for $3 or so.
Posted at 7:20 pm on Feb 21st, 2006 by Wim L
As I know http://www.keelog.com will release outstading USB version of their logger soon…
Posted at 2:51 pm on Jun 8th, 2006 by Zy
if i had to buy a hardware keylogger,
which would you recommend?
is the one in keelog good enough?
i like the fact it’s cheaper than http://www.thinkgeek.com/gadgets/security/5a05/
Posted at 12:56 pm on Jul 1st, 2006 by geffchang
can’t you use a radio transmitter with it instead (or with) memory. something like this: http://sci-toys.com/scitoys/scitoys/computers/radio/computer_controlled_transmitter.html
this could be done with pics (with different source code), right?
Posted at 4:06 am on Jul 14th, 2006 by hike
holas
Posted at 1:57 pm on Jul 20th, 2006 by wilfredo
The connector pinout shown in their schematic is wrong. I have all theparts and the chip is programmed and now I am getting ready to build one…was double checking pinouts on web to verify everything so I don’t screw anything up…
I’ll double check by this weekend once I build and test but all indications are that Keelog’s schematic is wrong.
I’ll let everyone know.
Jdog
Posted at 8:38 am on Jul 26th, 2006 by Jdog
The connector pinout shown in their schematic is wrong. I have all theparts and the chip is programmed and now I am getting ready to build one…was double checking pinouts on web to verify everything so I don’t screw anything up…
I’ll double check by this weekend once I build and test but all indications are that Keelog’s schematic is wrong.
I’ll let everyone know.
Jdog
Posted at 8:39 am on Jul 26th, 2006 by Jdog
Sorry for the double post…
I figured it out. Keelog site reversed the pin numbers for male and female connectors in their DIY schematic.
As labeled and shown in their schematic…if you just swap only the numbering (computer connector numbering to keyboard connector numbering and vice versa) then it correctly corresponds to PS/2 pinouts as:
1 = data
2 = N/C
3 = Gnd
4 = +5 (Vcc)
5 = CLK
6 = N/C
Hope this helps!
Jdog
Posted at 6:26 pm on Jul 26th, 2006 by Jerry Schrader
here is the new DIY project form KeeLog, now it’s wireless:
Does anyone use PS/2 anymore?
Posted at 8:47 pm on Jul 17th, 2009 by 35
dep zaj khong thang khon
Posted at 5:57 am on Jul 24th, 2009 by anhemoipaymatnguoilapaymatnguoi
Hardware keyloggers give very few information, you might consider a softare keylogger as well. I found following comparison (Use google translate) http://www.spy3k.be/spyblog/172/a-software-keylogger-a-hardware-keylogger/
Posted at 3:59 am on Jul 28th, 2009 by spyblog
Hack a Day serves up fresh hacks each day, every day from around the web and a special How-To hack each week.
Powered by WordPress
Actually the web address is http://www.keylog.com….
Posted at 12:57 pm on Feb 17th, 2006 by Bob Dole