Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.


Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.


      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      Sign in to follow this  

      [C] GPU Based Keylogger [Undetectable] [Full Source Code]

      Recommended Posts

      This is a GPU Based keylogger, meaning it resides and functions on the graphic processing unit rather than the CPU.

      Its capable of doing this By instructing the GPU to carefully monitor ,via DMA , the physical page where the keyboard buffer resides,

      it thus can record all user keystrokes and store them in the memory space of the GPU.


      Hidden Content

        Give reaction to this post to see the hidden content.


      Hidden Content

        Give reaction to this post to see the hidden content.


      It does not rely on any kernel modifications besides altering the page table, and uses a small code snippet that needs to run just once from kernel context to acquire the physical address of the keyboard buffer.

      This code is completely standalone, does not require any hooks or other modifications, and is completely removed after it accomplishes its task.

      The physical address of the keyboard buffer is then used by the GPU to monitor all user keystrokes directly via DMA, through the direction of a user-level controller process.


      Requirements for use:


      • OpenCL drivers/icd's installed
      • AMD or NVIDIA card (although AMDAPPSDK does support intel)
      • linux kernel headers


      Here is a summary of what this POC does:

      • CPU kernel module bootstrap to locate keyboard buffer via DMA in usb struct
      • keyboard buffer gets stored in userland file
      • kernel module deletes itself
      • OpenCL stores that keyboard buffer inside gpu and deletes file due to evidence


      Thanks to team Jellyfish for this POC...all credits goes to them.




      Hidden Content

        Give reaction to this post to see the hidden content.






      Pass: level23



      Why is it undetectable?

      The answer is easy...Current malware analysis and detection systems are tailored to CPU architectures only, and therefore are ineffective against GPU-based malware

      Edited by Diabl0

      Share this post

      Link to post
      Share on other sites
      This topic is now closed to further replies.
      Sign in to follow this