Hacking: Keylogger for macOS. *No permissions needed to run*

macOS is considered one of the best OS with high security in the computer industry.

But I have written a Keylogger which can log the keystrokes without any permissions required to run it, which is usually not a common behaviour in UNIX-based systems.

It can send the data to hacker easily because firewall only protects by blocking requests originated from outside but not from inside the computer.

So, how does it work?

  • Every keyboard uses HID API to work.
  • Keylogger also uses HID API to gain the data from the OS.
  • In HID there are 2 end-points: IN and OUT.
  • IN endpoint is used to send the keystrokes to the OS by the keyboard.
  • OUT endpoint is used to send the feedback to the keyboard by the OS.
  • So, I’m just using OUT endpoint to get the data.

The project has been open-sourced in GitHub.

Here is the link to it:

About the keylogger:

It is a simple and easy to use keylogger for macOS. It is not meant to be malicious. There are only few keyloggers available for Mac and none of them are in Swift.

Another problem is with Apple high-level APIs. I don’t know the reason but Apple suddenly deprecates and removes the documentation of APIs from its website.

So, I don’t want to keep checking about the availability of their APIs and changing my code frequently. That is the reason I went for low-level API which is using HID API.

Most of the keyloggers available only log keystrokes into a file without much information about on which app the keystrokes are generated.

You can find how to run the keylogger, edit the code and saving the logs in the Github repo.

Got any doubts/questions/suggestions? Comment down below.