Welcome to the peeping-tom project repo! Peeping-tom is a two-part program with a peeping-client deployed on a target and a toms-server listening for keylogs on the attacker machine. Getting up and running requires a decent amount of set up, so make sure to carefully read and follow the instructions below.
Of course, if you have any suggestions, feedback, issues, etc... feel free to reach out or create an issue or pull request.
- Features
- Pre-Requisites
- Instructions
- Demo
- Troubleshooting
- How to protect yourself?
- Contributing
- Disclaimer
- Acknowledgement
- Contact
- Records ALL keystrokes (including system keys)
- Compact size & low resource consumption
- Customizable callback interval
- Companion Python server
- AES-256 encryption
- Low AV detection
- Visual Studio - The community edition is good enough for our purposes
- Python - Download and install Python 3.9 for your OS
- Ngrok - You will need a free Ngrok account as well as the Ngrok program to make your machine accessible from the internet
Step 1: Open peeping-tom solutions file in Visual Studio
First things first, download and install the community edition of Visual Studio onto your machine from the link above. When moving through the installer, make sure to select the "Python development" and the "Desktop development with C++" workloads as they will be necessary to properly load and compile the project.
Once everything has finished installing, launch Visual Studio and select the "Clone a repository" option. Enter the project's git URL and hit clone.
If everything loaded correctly, you should see both projects in the solutions explorer window to the right as shown below.
Step 2: Configure compiler/linker options in Visual Studio
Now that the tool is loaded into Visual Studio, we will need to change a couple of options and compile a library before building. This will remove any program/library dependencies when running on the target.
The first task is to statically compile the Crypto++ library which is used for encryption in the keylogger. Start this process by downloading version 8.6.0 of the library here.
Once you've downloaded the ZIP file, extract it to a folder, navigate into it, and launch the cryptest.sln with Visual Studio. You should now have two Visual Studio windows, one with the peeping-tom solution, and the other with cryptest solution open.
Once the cryptest.sln file has loaded into Visual Studio, click on "Debug" on the top toolbar and set it to "Release." Also change the architecture to x64 as shown below.
Now, right-click on the cryptlib project, and select properties. Change the highlighted option as shown.
Once that is complete, build the cryptest solution.
The build will take a good minute or two, but once it's done, a file named cryptlib.lib should appear in the your version of the path below. Find the file and copy its path for the next step.
C:\Users\Abdullah Beta\Downloads\cryptopp860\x64\Output\Release\cryptlib.libOnce you've located the file and copied its path, return to the Visual Studio window that has the peeping-tom solution open. Right-click on the peeping-client project, and select properties. Navigate to the option showed in the screenshot below, and paste the path of cryptlib.lib.
Make sure that the peeping-client project is also set to "Release" and that the architecture is set to x64. DON'T build the peeping-tom solution yet as there are still some changes that need to be made in the source code.
Step 3: Open an public tunnel to localhost:80
Onto to the tunnel. Once you've created an Ngrok account, download Ngrok for your OS from the link above and extract the executable from the ZIP file. Before opening a tunnel, you will need to grab a personal authentication token from your account as shown below.
Once you have the token, add it to Ngrok's local configuration with the following command:
ngrok config add-authtoken 7cxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxmgZ5Finally, go ahead and open the tunnel using the following command:
ngrok http 80 --scheme=httpIf all went well, you should see something similar to the image below. Great! Now you're all set for this step. Go ahead and grab the "Forwarding" address highlighted and save it someplace safe for later.
Step 4: Generate new AES-256 key
At this point, you can go ahead and download Python onto your machine. Once that is installed, open a CMD window in the toms-server project directory.
Install the required dependencies with:
pip3 install -r requirements.txt Once everything is ready, run:
python3 toms-server.py -m keygenThis should output a 64 character AES-256 key which you will also need later on, so make sure to save it along with the Ngrok forwarding address.
Step 5: Set required fields in peeping-client source
Now, we have everything we need to begin. Open the peeping-client project->source files->peeping-client.cpp source file from the solutions explorer. Enter the relevant information in the first two variables of the main() function shown below.
After your information is entered, head over to peeping-client project->header files->APIHook.h and replace the "15" in the image below with your desired interval for callback in seconds (i.e change 15 to 7200 for callback every two hours...you get the idea).
Finally, build the project and you should find an executable in your version of the following location:
C:\Users\Abdullah Beta\source\repos\peeping-client\x64\ReleaseCongratulations! You now have a fully customized keylogger configured to callback with encrypted keyboard data at regular intervals.
Step 6: Start listening server
The final step is to begin listening for incoming keylogs from the target. You can start the server in listening mode with the following command:
python3 toms-server.py -m serverOnce the server has started, enter the exact AES key you generated earlier and used in the peeping-client.cpp source file. If the key is accepted, you should get a message saying that the server has been started!
Step 7: Analyze logs + important notes
All that's left is executing the newly-built peeping-client.exe on the target. I will the how of that to your creativity. Every time the interval you set passes, you will receive a message on the terminal.
Warning: Please be sure to not lose internet connection or close your Ngrok tunnel during this period as this would necessitate re-executing the peeping-client.exe program on the target.
All keylogs will be written to a keylog,txt file in the directory of the toms-server script and can be viewed from there. That's all for the instructions, hope you were able to get up and running without any major hurdles!
Coming soon!
- If the toms-server project fails to load in Visual Studio becuase of insufficent permisssions, right-click on the project and select "Reload." This should rectify the issue.
- Even though I have added a requirements file for the python companion script, sometimes, the requests library used to generate AES keys does not install. In that case simply install it manually as shown below.
pip3 install requests- Use the on-screen keyboard for ultra-sensitive information
- Update your antivirus software regularly
- Check your firewall settings
- Install a secure password manager
When contributing to this repository, please discuss the changes you wish to make via issue, email, or LinkedIn.
This project is only for educational purposes. Any kind of bad behavior conducted with this project is the user's own responsibility. I hereby forfeit responsiblity for any illegal actions.
This project was partially guided by Ermin Kreponic's Udemy course and was overhauled to incorporate some new ideas I had and new skills I had learned.
Author - Abdullah Ansari ©
Contact Info - Email