Raspberry Pi Pikeyd165 keylogging


Revision as of 15:28, 10 February 2018 by Falz (talk | contribs)

I ran in to a few issues where ghost button presses were happing on my Neo Geo Arcade Cabinet so resorted to debugging with a the logkeys keylogger. Here's how to install it on a Rapsberry pi and debug the pikeyd165 driver:

Install required packages to build logkeys. You may already have some of these installed:

sudo apt-get install autoconf automake libtool autotools-dev git

Download and compile logkeys. If the command gives an error I may have missed a package above.

git clone
cd logkeys
cd build
sudo make install

Now you must determine which input device pikeyd165 is showing up as, this will depend on if you have a keyboard and some other things. Look at the file /proc/bus/input/devices to find yours. Mine is event4 below on the Handlers line:

less /proc/bus/input/devices
<snip removed the real keyboard stuff>
I: Bus=0003 Vendor=0001 Product=0001 Version=0001
N: Name="uinput-sample"
P: Phys=
S: Sysfs=/devices/virtual/input/input4
U: Uniq=
H: Handlers=sysrq kbd event4 rfkill 
B: EV=100003
B: KEY=ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe

I put this in the pi user's .bashrc to start on boot. You could also just run this one time via ssh if you'd like. Be sure to modify event4 to whatever yours is:

sudo logkeys --start --device /dev/input/event4 --output /var/log/logkeys.log

All output from pikeyd165 should now be logged to /var/log/logkeys.log. In my case it was registering all buttons mapped in pikeyd165.conf. Note that a few seem odd due to the shift key being virtually pressed. ! is 1, % is 5, ^ is 6.

<F2><Esc> <LShft>ZXIKWQ<Left><Right><LCtrl><LAlt>SAGd%!<Up><Down>FR"^

I'm currently working to determine what is actually causing this. It doesn't seem to happen while idling at the input menu, only while in a game. It happens in both Advmame as well as libretro FBA. Advmame sees the F2 and Escape and acts accordingly - escapes the game or goes to VTY2. Libretro seems to ignore everything, perhaps due to it being 24 characters at once.