Jump to content

[C] GPU Based Keylogger [Undetectable] [Full Source Code]


Diabl0
 Share

Recommended Posts

This is a GPU Based keylogger, meaning it resides and functions on the graphic processing unit rather than the CPU.

Its capable of doing this By instructing the GPU to carefully monitor ,via DMA , the physical page where the keyboard buffer resides,

it thus can record all user keystrokes and store them in the memory space of the GPU.

 

Hidden Content

    Give reaction to this post to see the hidden content.

 

Hidden Content

    Give reaction to this post to see the hidden content.

 

It does not rely on any kernel modifications besides altering the page table, and uses a small code snippet that needs to run just once from kernel context to acquire the physical address of the keyboard buffer.

This code is completely standalone, does not require any hooks or other modifications, and is completely removed after it accomplishes its task.

The physical address of the keyboard buffer is then used by the GPU to monitor all user keystrokes directly via DMA, through the direction of a user-level controller process.

 

Requirements for use:

 


  • OpenCL drivers/icd's installed
  • AMD or NVIDIA card (although AMDAPPSDK does support intel)
  • linux kernel headers

 

Here is a summary of what this POC does:

  • CPU kernel module bootstrap to locate keyboard buffer via DMA in usb struct
  • keyboard buffer gets stored in userland file
  • kernel module deletes itself
  • OpenCL stores that keyboard buffer inside gpu and deletes file due to evidence

 

Thanks to team Jellyfish for this POC...all credits goes to them.

Download:

[HIDE-THANKS]

Link:

Hidden Content

    Give reaction to this post to see the hidden content.

[/HIDE-THANKS]

 

Password:

 

 

Pass: level23

 

 

Why is it undetectable?

The answer is easy...Current malware analysis and detection systems are tailored to CPU architectures only, and therefore are ineffective against GPU-based malware

Edited by Diabl0
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

Chat Room

Chat Room

Chatroom Rules

No support in chat, open a thread.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.