[sh2log]Linux键盘记录 keylogger notes-睿象云平台

[sh2log]Linux键盘记录 keylogger notes

本站部分文章、图片属于网络上可搜索到的公开信息，均用于学习和交流用途，不能代表睿象云的观点、立场或意见。我们接受网民的监督，如发现任何违法内容或侵犯了您的权益，请第一时间联系小编邮箱jiasou666@gmail.com 处理。

[sh2log]Linux键盘记录 keylogger notes

不仅可以记录到击键信息，而且包括终端下的输出信息

编译选项

[root@Centos sh2log-1.0]# makePlease specify the target:make linuxmake freebsdmake openbsdmake cygwinmake sunosmake irixmake hpuxmake aixmake osf

[root@Centos sh2log-1.0]# make

Please specify the target:

make linux

make freebsd

make openbsd

make cygwin

make sunos

make irix

make hpux

make aix

make osf

如下:

[root@Centos sh2log-1.0]# make linuxgcc -g -W -Wall -o sh2log rc4.c sha1.c sh2log.c -lutil -DLINUXgcc -g -W -Wall -o sh2logd rc4.c sha1.c sh2logd.cgcc -g -W -Wall -o parser rc4.c sha1.c parser.c -lX11 -L/usr/X11R6/libparser.c:35:22: error: X11/Xlib.h: No such file or directoryparser.c: In function ‘main’:parser.c:291: error: ‘Display’ undeclared (first use in this function)parser.c:291: error: (Each undeclared identifier is reported only onceparser.c:291: error: for each function it appears in.)parser.c:291: error: ‘dpi’ undeclared (first use in this function)parser.c:292: error: ‘Window’ undeclared (first use in this function)parser.c:292: error: expected ‘;’ before ‘wnd’parser.c:293: error: ‘XWindowAttributes’ undeclared (first use in this function)parser.c:293: error: expected ‘;’ before ‘xwa’parser.c:515: warning: implicit declaration of function ‘XOpenDisplay’parser.c:522: error: ‘wnd’ undeclared (first use in this function)parser.c:524: warning: implicit declaration of function ‘XSetWindowBorderWidth’parser.c:525: warning: implicit declaration of function ‘XSync’parser.c:525: error: ‘False’ undeclared (first use in this function)parser.c:526: warning: implicit declaration of function ‘XGetWindowAttributes’parser.c:526: error: ‘xwa’ undeclared (first use in this function)parser.c:714: warning: implicit declaration of function ‘XMoveResizeWindow’parser.c:772: warning: implicit declaration of function ‘XCloseDisplay’make: *** [linux] Error 1

[root@Centos sh2log-1.0]# make linux

gcc-g-W-Wall-osh2log rc4.csha1.csh2log.c-lutil-DLINUX

gcc-g-W-Wall-osh2logd rc4.csha1.csh2logd.c

gcc-g-W-Wall-oparser rc4.csha1.cparser.c-lX11-L/usr/X11R6/lib

parser.c:35:22:error:X11/Xlib.h:No such file ordirectory

parser.c:Infunction‘main’:

parser.c:291:error:‘Display’undeclared(first useinthisfunction)

parser.c:291:error:(Eachundeclared identifier isreported only once

parser.c:291:error:foreachfunctionit appears in.)

parser.c:291:error:‘dpi’undeclared(first useinthisfunction)

parser.c:292:error:‘Window’undeclared(first useinthisfunction)

parser.c:292:error:expected‘;’before‘wnd’

parser.c:293:error:‘XWindowAttributes’undeclared(first useinthisfunction)

parser.c:293:error:expected‘;’before‘xwa’

parser.c:515:warning:implicit declaration of function‘XOpenDisplay’

parser.c:522:error:‘wnd’undeclared(first useinthisfunction)

parser.c:524:warning:implicit declaration of function‘XSetWindowBorderWidth’

parser.c:525:warning:implicit declaration of function‘XSync’

parser.c:525:error:‘False’undeclared(first useinthisfunction)

parser.c:526:warning:implicit declaration of function‘XGetWindowAttributes’

parser.c:526:error:‘xwa’undeclared(first useinthisfunction)

parser.c:714:warning:implicit declaration of function‘XMoveResizeWindow’

parser.c:772:warning:implicit declaration of function‘XCloseDisplay’

make:***[linux]Error1

错误：

parser.c:35:22: error: X11/Xlib.h: No such file or directory

1	parser.c:35:22:error:X11/Xlib.h:No such file ordirectory

安装X11

[root@Centos sh2log-1.0]# yum install libX11-devel

1	[root@Centos sh2log-1.0]# yum install libX11-devel

再编译:

[root@Centos sh2log-1.0]# make linuxgcc -g -W -Wall -o sh2log rc4.c sha1.c sh2log.c -lutil -DLINUXgcc -g -W -Wall -o sh2logd rc4.c sha1.c sh2logd.cgcc -g -W -Wall -o parser rc4.c sha1.c parser.c -lX11 -L/usr/X11R6/lib

[root@Centos sh2log-1.0]# make linux

gcc-g-W-Wall-osh2log rc4.csha1.csh2log.c-lutil-DLINUX

gcc-g-W-Wall-osh2logd rc4.csha1.csh2logd.c

gcc-g-W-Wall-oparser rc4.csha1.cparser.c-lX11-L/usr/X11R6/lib

先删除演示：

[root@Centos sh2log-1.0]# rm test.bin

1	[root@Centos sh2log-1.0]# rm test.bin

配置：

发现sh2logd 已经启动了当前目录下生成了以时间命名的BIN文件

-rw------- 1 root root 0 Jan 7 05:24 sh2log-20130107-052402.bin

1	-rw-------1root root0Jan705:24sh2log-20130107-052402.bin

查看记录

先打开个终端操作以下：

[root@Centos log]# bash[root@Centos log]# ls -latotal 112drwxr-xr-x 3 root root 4096 Jan 7 05:17 .drwxrwxrwt 17 root root 4096 Jan 7 05:18 ..drwxr-xr-x 2 root root 4096 Jan 7 05:24 sh2log-1.0-rw-r--r-- 1 root root 80240 Nov 8 2006 sh2log-1.0.tgz[root@Centos log]# pwd/tmp/log[root@Centos log]#

[root@Centos log]# bash

[root@Centos log]# ls -la

total112

drwxr-xr-x3root root4096Jan705:17.

drwxrwxrwt17root root4096Jan705:18..

drwxr-xr-x2root root4096Jan705:24sh2log-1.0

-rw-r--r--1root root80240Nov82006sh2log-1.0.tgz

[root@Centos log]# pwd

/tmp/log

[root@Centos log]#

查看日志：

[root@Centos sh2log-1.0]# ./parser sh2log-20130107-052402.binSID SOURCE IP UID PID START DATE END DATE DURATION1 [127.0.0.1] 0 (27293) 07/01 05:25 | 07/01 05:25 X 03s2 [127.0.0.1] 0 (27407) 07/01 05:26 | 07/01 05:26 X 02sIn interactive mode, use Enter to fast forward, Space to pause and q to quit.Note that xterm is required for window resizing.Session ID -> 2Interactive mode (y/n) ? n07/01 05:26:53 -> ls -la07/01 05:26:53 -> pwd

[root@Centos sh2log-1.0]# ./parser sh2log-20130107-052402.bin

SID SOURCE IP UID PID START DATE ENDDATE DURATION

1[127.0.0.1]0(27293)07/0105:25|07/0105:25X03s

2[127.0.0.1]0(27407)07/0105:26|07/0105:26X02s

Ininteractive mode,useEnter tofast forward,Space topause andqtoquit.

Note that xterm isrequired forwindow resizing.

Session ID->2

Interactive mode(y/n)?n

07/0105:26:53->ls-la

07/0105:26:53->pwd

告警通知变得轻松便捷——微信告警接口指南

938 2023-02-12

[sh2log]Linux键盘记录 keylogger notes

实时警报通知：微信告警通知的重要性解析

告警通知变得轻松便捷——微信告警接口指南

睿象云智能告警平台的分派策略