## About: * Title: BunnyLogger * Description: Key logger which sends each and every key stroke of target remotely/locally. * AUTHOR: drapl0n * Version: 1.0 * Category: Credentials * Target: Unix-like operating systems with systemd. * Attackmodes: HID, Storage ## BunnyLogger: BunnyLogger is a Key Logger which captures every key stroke of traget and send them to attacker. ### Features: * Live keystroke capturing. * Detailed key logs. * Persistent * Autostart payload on boot. ### Workflow: * Encoding payload and injecting on target's system. * Checks whether internet is connected to the target system. * If internet is connected then it sends raw keystrokes to attacker. * Attacker processes raw keystrokes. ### Changes to be made in payload.sh: * Replace ip(0.0.0.0) and port number(4444) with your servers ip address and port number on line no `11`. * Increase/Decrease time interval to restart service periodically (Default is 15 mins), on line no `15`. ### LED Status: * `SETUP` : MAGENTA * `ATTACK` : YELLOW * `FINISH` : GREEN ### Directory Structure of payload components: | FileName | Directory | | -------------- | ----------------------------- | | payload.txt | /payload/switch1/ | | payload.sh | /payload/ | | xinput | /tools/ | ### Usage: 1. Encode payload.txt and inject into target's system. 2. Start netcat listner on attacking system: * `nc -lvp > ` use this command to create new logfile with raw keystrokes. * `nc -lvp >> ` use this command to append raw keystrokes to existing logfile. 3. Process raw keystrokes using BunnyLoggerDecoder utility: ``` ./bunnyLoggerDecoder bunnyLoggerDecoder is used to decode raw key strokes acquired by bunnyLogger. Usage: Decode captured log: [./bunnyLoggerDecoder -f -m -o ] Options: -f Specify Log file. -m Select Mode(normal|informative) -o Specify Output file. -h For this banner. ``` #### Support me if you like my work: * https://twitter.com/drapl0n