Keylogger project, 4

30.10.2005 21:47

I'm still experimenting with the prototype board I made last week. Today I attached two cables to the board: one for the computer and one for the keyboard. Since proper PS/2 connectors are hard to come by, I simply bought a cheap keyboard extension cord and cut it in half. You can see the board connected to my computer in the picture below.

At the moment it looks like I've chosen the right software approach. I've been able to fit the code that reads scan codes from the keyboard into one buffer, the code that sends scan codes from a second buffer to the computer, and the code that copies data between the two buffers into 971 bytes of machine code (or 417 lines of C). That leaves more than a kilobyte of space for the code that sends data in the opposite direction and for the serial EEPROM driver.

Even though the current prototype is only capable of moving data from the keyboard to the computer and not vice versa, it seems to work surprisingly well (I'm writing this post through the key logger). Given the complexity of the PS/2 protocol, I didn't expect the keyboard to be usable if it couldn't receive commands from the PC. The Caps Lock LED and the other LEDs aren't working, of course.

One interesting thing I noticed is that the keyboard sends a packet containing 0xAA to the PC as soon as it is turned on. If I let this packet through, the computer (running Linux) ignores any key presses. I'm guessing it has sent some command to the keyboard (which currently can't reach the keyboard) and is waiting for an answer. The quick and dirty fix was to add a filter to the key logger code that doesn't let 0xAA through.
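As an added illustration (this is not the firmware from the post, only a sketch of the structure it describes), here is how the two-buffer scheme and the 0xAA filter can be laid out in C: one fixed-size ring buffer filled by the keyboard-side receive routine, one drained by the host-side transmit routine, and a copy loop between them that drops the 0xAA byte. In the PS/2 protocol 0xAA is the keyboard's "self-test passed" (BAT) response, which is why the host expects further traffic after seeing it. Buffer size, function names and the sample scan codes (0x1C is 'A' in scan code set 2) are assumptions made for the example; the copy loop also makes explicit what happens when the destination buffer is full, which is worth deciding deliberately in real firmware so bytes are never silently lost.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

#define BUF_SIZE 16            /* assumed size; must be a power of two */
#define PS2_BAT_OK 0xAA        /* keyboard self-test "passed" byte */

/* Single-producer, single-consumer ring buffer (one per direction). */
typedef struct {
    uint8_t data[BUF_SIZE];
    volatile uint8_t head;     /* next slot to write */
    volatile uint8_t tail;     /* next slot to read */
} ring_t;

static uint8_t ring_count(const ring_t *r) {
    return (uint8_t)((r->head - r->tail) & (BUF_SIZE - 1));
}

static bool ring_full(const ring_t *r) {
    return ring_count(r) == BUF_SIZE - 1;
}

/* Append one byte; returns false (and keeps the buffer intact) when full. */
static bool ring_put(ring_t *r, uint8_t b) {
    if (ring_full(r)) return false;
    r->data[r->head] = b;
    r->head = (uint8_t)((r->head + 1) & (BUF_SIZE - 1));
    return true;
}

/* Remove one byte; returns false when the buffer is empty. */
static bool ring_get(ring_t *r, uint8_t *out) {
    if (r->head == r->tail) return false;
    *out = r->data[r->tail];
    r->tail = (uint8_t)((r->tail + 1) & (BUF_SIZE - 1));
    return true;
}

/* Copy scan codes from the keyboard-side buffer to the host-side buffer,
   dropping the 0xAA byte as described in the post. Stops early (without
   consuming a byte) when the destination is full, so nothing is lost.
   Returns the number of bytes forwarded. */
size_t forward_scancodes(ring_t *from, ring_t *to) {
    size_t forwarded = 0;
    uint8_t b;
    while (!ring_full(to) && ring_get(from, &b)) {
        if (b == PS2_BAT_OK) continue;   /* the quick-and-dirty filter */
        ring_put(to, b);                 /* cannot fail: space checked above */
        forwarded++;
    }
    return forwarded;
}

/* Constructed demo: the keyboard "sends" BAT OK, then the make and break
   codes for 'A'. Fills demo_out with what reaches the host side. */
uint8_t demo_out[BUF_SIZE];

size_t demo_forward(void) {
    ring_t kbd_rx = {{0}, 0, 0};   /* filled by the keyboard receive ISR */
    ring_t host_tx = {{0}, 0, 0};  /* drained by the host transmit code */
    const uint8_t kbd_bytes[] = { PS2_BAT_OK, 0x1C, 0xF0, 0x1C };

    for (size_t i = 0; i < sizeof kbd_bytes; i++)
        ring_put(&kbd_rx, kbd_bytes[i]);

    forward_scancodes(&kbd_rx, &host_tx);

    size_t n = 0;
    uint8_t b;
    while (n < BUF_SIZE && ring_get(&host_tx, &b))
        demo_out[n++] = b;
    return n;
}

int main(void) {
    size_t n = demo_forward();
    printf("%zu bytes reached the host side:", n);
    for (size_t i = 0; i < n; i++) printf(" 0x%02X", demo_out[i]);
    printf("\n");
    return 0;
}
```

With the constructed input, the 0xAA byte is dropped and only the three bytes of the 'A' make/break sequence reach the host-side buffer.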

Posted by Tomaž | Categories: Digital
