Topic: [Article]-Video: Keyloggers 101 (Read 19317 times)
don
Editor-In-Chief
« on: October 30, 2011, 08:09:19 PM »

Seems like a simplistic topic, but keyloggers are one of the basic tools used in attacks. Even for you pros out there, it never hurts to go back and review the basics. You'll never know what you'll find useful. Thanks Dan. We look forward to more of your videos in the coming months, especially the next one on Proxychains + TOR.

Permanent link: [Article]-Video: Keyloggers 101

Quote


Dan Honkanen, GCIH, Security+, ITIL, et al

Keyloggers are usually one of the top picks for a hacker or a spy's best friend. They basically serve as the eyes and ears of the attacker. They can be based on software or hardware and send detailed reports including the user's passwords, chat logs, all typed text, launched applications and visited websites. They can even send screenshots to visually show what the user was viewing as well as any webcam and microphone activity. Most laptops today come with a built-in webcam and microphone and don't usually give any signal that they have been enabled. Any person who uses that computer will have all their activities monitored and recorded in an encrypted log which only the attacker can access.

In this video, I will present the basics of keyloggers and also demonstrate a couple of my favorite keyloggers, their features, how hidden they are and how to prevent and detect keyloggers in general. At the end of this primer, the viewer should be able to fully understand where keyloggers fit into both sides of the equation.


As always, please offer your feedback,
Don

CISSP, MCSE, CSTA, Security+ SME
Jamie.R
« Reply #1 on: October 31, 2011, 04:40:23 AM »

Very interesting. Does anyone ever use a keylogger these days?

OSWP | eCPPT | HackingDojo Nidan
www.jamierougive.co.uk
White ghost
« Reply #2 on: October 31, 2011, 05:20:42 AM »

I don't think so. I think social engineering is a better plan, but sometimes it fails.

MCITP CCENT
hayabusa
« Reply #3 on: October 31, 2011, 07:28:59 AM »

Quote
Very interesting. Does anyone ever use a keylogger these days?

I use them frequently.  Far too often, pushing out a keylogger gets me creds for an application or server / network.  Depending on what I'm up to, and what I'm after, I might combine it with some social engineering, for example, such as causing a workstation or app crash, getting helpdesk or admin personnel to login to look at things, and grabbing their credentials, or just to grab usernames, passwords and web app URLs, etc., from 'Joe user.'

But yeah, most pentesters I know still use keyloggers, frequently, under a variety of circumstances.

~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCP , GPEN, C|EH
White ghost
« Reply #4 on: October 31, 2011, 07:52:39 AM »

Yeah, because using a keylogger is very easy for them, but phishing and social engineering are the best methods.

MCITP CCENT
lorddicranius
« Reply #5 on: October 31, 2011, 10:26:55 AM »

Quote
Yeah, because using a keylogger is very easy for them, but phishing and social engineering are the best methods.

I think it depends on the situation and what you're after.  Yes, phishing and SE can help you get usernames and passwords, but as the article reads in the first paragraph, keyloggers are much more than just getting usernames and passwords.

Quote
They can be based on software or hardware and send detailed reports including the user's passwords, chat logs, all typed text, launched applications and visited websites. They can even send screenshots to visually show what the user was viewing as well as any webcam and microphone activity.

It's highly unlikely that you're going to get chat logs, a complete history of keystrokes, launched applications, and websites a user has visited from a phishing attack or SE'ing.  Yes, you can get other information via phishing and SE, but as I said, it all depends on the situation and what you're after.  You use the best method for the situation at hand, and keyloggers definitely still have their place (as hayabusa has said).

p0et
« Reply #6 on: October 31, 2011, 11:11:23 AM »

Hey Guys.  I know many have forgotten about keyloggers and just went onto phishing/SE'ing but I also know there are many of us (myself included) who still use them often.  I've used them as hayabusa described by having an admin come over to my workstation to "help" me or have a look at something, punch in his/her admin creds and I've instantly got elevated credentials.  I also know of quite a few parents who use commercial keyloggers to monitor their kids whereas other parents feel it's an invasion of privacy.  

Anyway, after finding out just how popular they still are, I decided to make up a little vid about them.  A few people recommended one certain keylogger which I haven't used before.... turns out it's quite the nasty little rootkit as well.  (restored the OS and it keeps coming back.  having fun though trying to remove it) lol

Forgot to mention that while researching keyloggers, I ran into several websites (including AV and CERT sites) which all say in the last year or two that "keyloggers have pushed phishing out of first place as the most-used method in the theft of confidential information". 
« Last Edit: October 31, 2011, 11:26:39 AM by p0et »

GCIH, Security+, Network+, A+, MCP, DCSE
p0et
« Reply #7 on: October 31, 2011, 02:54:20 PM »

Umm.. thanks Mike but I'll leave your goat milk for someone else's skin.  Huh

GCIH, Security+, Network+, A+, MCP, DCSE
bpecan
« Reply #8 on: November 17, 2011, 03:56:06 PM »

One question about the video... I tried to download the free Ardamax keylogger the video shows but when downloaded, it's actually a reg cleaner.  The other two keyloggers are not really free.  Would you know of any other free ones?  Thanks

CISSP|CEH|SEC+|ITIL
p0et
« Reply #9 on: November 17, 2011, 08:54:58 PM »

hmm.. I'll take a look and pm ya back. :-)

GCIH, Security+, Network+, A+, MCP, DCSE
nytfox
« Reply #10 on: November 28, 2011, 01:02:07 AM »

I haven't used keyloggers for a long time as just keyloggers, but they're used in a lot of spyware applications, right? Well, even Meterpreter has a keystroke recorder, which comes in handy sometimes.

Unlike others I love NULLS
http://treasuresec.com