Recently i have been studying on malware analysis on my own, as a college student,through books (Practical Malware Analysis),online tutorials (kienmanowar OLLYDBG) and self programming.

No experience yet ,but i tried to write a simple keylogger program in C, and i was wondering: How can a keylogger program send data over other network to the Attacker?

Assuming the victim's machine has the Internet Connection.

I have done some research on C Socket Programming, but it seems like a non-practical way for a real-life keylogger program to achieve this purpose.

I would appreciate if someone could give me some keywords, links to related documents,or book name so that i can gain more knowledge about this .

Sorry for my English grammar!

 

Edited February 18, 20196 yr by mercy12a1

generally they log to a memory block / buffer or to a file, once that gets full, reaches a specific size, system is idle or whatever event / threshold you decide up on, then it would do the transmission of the logged keystrokes to the target server... 

Edited February 18, 20196 yr by evlncrn8

Check this out.. it’s basic but shows the details of sending data over inter/intranet, local networking you should be able to use some http (firewalls typically turn the cheek w/ http) and send your socket data keylog somewhere

otherwise youll need to learn some tricks with your own server (c&c) or irc (bot like)

or email it out to some fake email

this is remotely connecting and controlling a machine but the Net info is a good basics to understand