{"id":13454556,"url":"https://github.com/hadynz/xss-keylogger","last_synced_at":"2025-03-17T10:34:02.962Z","repository":{"id":21792953,"uuid":"25115446","full_name":"hadynz/xss-keylogger","owner":"hadynz","description":"A keystroke logger to exploit XSS vulnerabilities in a site - for my personal Educational purposes only","archived":false,"fork":false,"pushed_at":"2021-12-26T00:49:03.000Z","size":172,"stargazers_count":164,"open_issues_count":1,"forks_count":39,"subscribers_count":15,"default_branch":"master","last_synced_at":"2024-10-15T07:31:30.057Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hadynz.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-10-12T09:40:31.000Z","updated_at":"2024-08-20T14:13:23.000Z","dependencies_parsed_at":"2022-08-19T20:40:42.137Z","dependency_job_id":null,"html_url":"https://github.com/hadynz/xss-keylogger","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hadynz%2Fxss-keylogger","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hadynz%2Fxss-keylogger/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hadynz%2Fxss-keylogger/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hadynz%2Fxss-keylogger/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hadynz","download_url":"https://codeload.github.com/hadynz/xss-keylogger/tar.gz/refs/heads/master","host":{"name":"GitHub
","url":"https://github.com","kind":"github","repositories_count":221675244,"owners_count":16861860,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T08:00:55.334Z","updated_at":"2024-10-27T12:32:42.645Z","avatar_url":"https://github.com/hadynz.png","language":"JavaScript","funding_links":[],"categories":["Exploitation"],"sub_categories":["XSS"],"readme":"# xss-keylogger\nA simple keystroke logger that listens and sends all keystrokes for a user on a Cross-site scripting (XSS) vulnerable \npage to a remote dashboard page via [websockets][1].\n\n\n## Demo\n![](https://cloud.githubusercontent.com/assets/315585/4782509/1aafaf46-5cf8-11e4-87c6-a698c7c47deb.gif)\n\n\n## Introduction\nThe XSS Keylogger project is based on a client side script which is to be embedded in a vulnerable page that listens\nto keystrokes on a page, and broadcasts them to an actively running Node server.\n\nThe client side script connects using a persistent websocket connection to the Node server. 
The Node server then in\nturn relays the information received to a remote monitoring dashboard which could optionally be running.\n\nThe remote monitoring dashboard is also able to send a JavaScript snippet that is run remotely on an XSS-exploited\nweb page that is being visited by an unsuspecting user by piping it through [`eval()`][2].\n\n\n## Motivation\nThis project was created for XSS educational purposes and to raise awareness on how such a vulnerability can be\nexploited.\n\n**Important:** This solution should not be used for any malicious or illegal purposes.\n\n\n## Setup\nInstall `npm`, the Node package manager, using the [Homebrew][3] package manager (or using any other means of getting\n`npm` installed). Once installed, run `npm install` to resolve and install project-related dependencies.\n\n```\nbrew install npm\nnpm install\n```\n\n## Running\nRun `node index.js` to start up the Node server. The server will run on port `:3000` by default. The snooping client\nscript will be available to access on the following URL:\n\n```\nhttp://localhost:3000/snoop.js\n```\n\n## Demo Harness\nTo demonstrate this utility locally, point your browser to the following two URLs:\n\n* `http://localhost:3000/innocent.html` - a sample web page that has been exploited with the XSS keystroke logger\n  client script. Any text typed on the input fields of this page will immediately be broadcast and made visible\n  to a sample remote spy dashboard.\n\n* `http://localhost:3000/monitor.html` - a spy dashboard that logs all remote keystrokes from exploited clients.\n\nFrom the spy dashboard, you can type and send a JavaScript snippet to run remotely in the context of the exploited\nclient. 
Some tame code snippets that you can try:\n\n```\n// Show a popup remotely\nalert(\"You've been Sn00ped!\");\n\n// Change background of client page to pink\ndocument.body.style.background = 'pink';\n```\n\n## Embedding Client Side script\nA blog post write-up detailing how the keylogger can be embedded in a live XSS vulnerable site is coming soon.\n\n[1]: http://dev.w3.org/html5/websockets\n[2]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval\n[3]: http://brew.sh","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhadynz%2Fxss-keylogger","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhadynz%2Fxss-keylogger","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhadynz%2Fxss-keylogger/lists"}