We can just wrap the keylogger just by simple wrapping Service that Hold variable .
Without calling kernel call or editing anything … .
For Windows you can wrap it for User login and type With something like logger to wrap /etc/profile sample at your root directory … .
So it bind all keyword and send to service as logger windows event … .
How it is ? use it as startup script ? and bind it with windows startup user service … .
ENJOY OUR 0day … .
REMEMBER TO INSERT ALL THE SOURCE CODE TO /etc/profile and check your /var/log/ … .
