https://github.com/arkamar/ptkl
Pseudo Terminal Key Logger
- Host: GitHub
- URL: https://github.com/arkamar/ptkl
- Owner: arkamar
- Created: 2019-10-28T17:30:13.000Z (almost 6 years ago)
- Default Branch: master
- Last Pushed: 2020-06-03T23:39:42.000Z (over 5 years ago)
- Last Synced: 2025-01-17T13:16:45.141Z (9 months ago)
- Topics: keylogger, pts, pty
- Language: C
- Homepage:
- Size: 17.6 KB
- Stars: 3
- Watchers: 3
- Forks: 2
- Open Issues: 1
Metadata Files:
- Readme: README.md
README
# ptkl - Pseudo Terminal Key Logger
**Beware!** This is a very early stage of an `LD_PRELOAD`-based pseudo terminal key logger.
It overrides the `write` and `writev` libc functions and, for every fd pointing to `/dev/ptmx`, copies the written data unchanged to file descriptor 100.
File descriptor 100 is expected to be open in advance (use the shell redirection `100>&2`, for example).
Every logged write is prefixed with the PID, function name, fd number and size of the written data.
For example:
```
201: write: fd: 7: size: 1: s
```
where the process with PID `201` used the function `write` to write one byte, `s`, to file descriptor `7`.

---
Build with
```
make
```
Run the following command to log ssh sessions:
```sh
./ptklify /usr/sbin/sshd -De 100>&2
```
Docker test cheat sheet:
```
docker build --tag=sshd .
docker run --rm --name=sshd sshd
ssh -o UserKnownHostsFile=kh root@172.17.0.2
```
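
From the defender's side, the mechanism described above leaves indicators visible in `/proc`: an `LD_PRELOAD` entry in the process environment, an open descriptor 100, and descriptors pointing to `/dev/ptmx`. The check below is an added example, not part of ptkl; the function names are hypothetical, and the library path and descriptor table in the sample are constructed.

```python
import os

LOG_FD = 100  # descriptor the README says logged data is copied to


def preload_entries(environ_blob: bytes) -> list:
    """Return libraries named in LD_PRELOAD from a raw /proc/<pid>/environ blob."""
    for var in environ_blob.split(b"\0"):
        name, sep, value = var.partition(b"=")
        if sep and name == b"LD_PRELOAD":
            # ld.so accepts both spaces and colons as list separators
            text = value.decode("utf-8", "replace").replace(":", " ")
            return text.split()
    return []


def assess(environ_blob: bytes, fd_targets: dict) -> dict:
    """Combine the indicators the README describes into one finding (heuristic)."""
    libs = preload_entries(environ_blob)
    ptmx = sorted(fd for fd, t in fd_targets.items() if t.endswith("/ptmx"))
    return {
        "preload": libs,
        "log_fd_target": fd_targets.get(LOG_FD),
        "ptmx_fds": ptmx,
        "suspicious": bool(libs) and LOG_FD in fd_targets,
    }


def read_process(pid: int) -> tuple:
    """Read environ and fd link targets of a live process (needs privileges)."""
    base = f"/proc/{pid}"
    with open(f"{base}/environ", "rb") as fh:
        blob = fh.read()
    fds = {}
    for name in os.listdir(f"{base}/fd"):
        try:
            fds[int(name)] = os.readlink(f"{base}/fd/{name}")
        except OSError:
            pass  # descriptor was closed while listing
    return blob, fds


# Constructed sample: an sshd-like process started with a preloaded library.
SAMPLE_ENV = b"PATH=/usr/sbin:/usr/bin\0LD_PRELOAD=/opt/example/libhook.so\0LANG=C\0"
SAMPLE_FDS = {0: "/dev/null", 2: "/dev/pts/0", 7: "/dev/ptmx", 100: "/dev/pts/0"}

if __name__ == "__main__":
    print(assess(SAMPLE_ENV, SAMPLE_FDS))
```

`/proc/<pid>/environ` shows the environment as it was at exec time, so also compare `/proc/<pid>/maps` against the libraries the binary is expected to load.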