CS430 Project 3: Kernel Module Keylogger

Due Monday, April 8

Project Description

Create a keylogger that functions as a loadable kernel module. It should track the last 15 characters typed and analyze them to see whether they meet common password rules (they include 3 of the 4: lowercase letters, uppercase letters, symbols, numbers). You may also use timing to decide whether a password has been typed, because a password is generally typed rapidly and followed by a pause in typing. The keylogger should track at least the last 100 possible passwords.

Details

Adding a handler for interrupt #1 is an easy method, but it only works for PS/2 keyboards. An example of adding an interrupt handler was discussed in class and should be available in the class examples area. Today, most keyboards use the USB interface and, as such, don't generate one interrupt per keystroke. Instead, you can register a keyboard handler. Refer to the red-black tree demo from class. There's also a simpler demo available (kbd.c).
As an interface, your kernel module should use the /proc filesystem. Reading from a file in this filesystem should produce a log of the recent passwords entered, at least the last 100. You will have to convert the keystrokes to letters. There is code for this in the kernel, but it may be easier to write your own. You don't have to implement write functionality for your entry in /proc. The way to turn off the keylogger is to remove the module from the kernel.

Turning in the assignment

Pack everything needed for the assignment into an archive and upload it as usual. If you have only one file, you can upload it as a .c file and not bother with a .zip or .tar file.