- This topic has 10 replies, 8 voices, and was last updated 9 years, 3 months ago by
nytfox.
-
AuthorPosts
-
-
October 31, 2011 at 1:09 am #6968
Don Donzal
KeymasterSeems like a simplistic topic, but keyloggers are one of the basic tools used in attacks. Even for you pros out there, it never hurts to go back and review the basics. You’ll never know what you’ll find useful. Thanks Dan. We look forward to more of your videos in the coming months, especially the next one on Proxychains + TOR.
Permanent link: [Article]-Video: Keyloggers 101
[align=center:3h1w44mx]
[/align:3h1w44mx]
Dan Honkanen, GCIH, Security+, ITIL, et al
Keyloggers are usually one of the top picks for a hacker or a spy’s best friend. They basically serve as the eyes and ears of the attacker. They can be based on software or hardware and send detailed reports including the user’s passwords, chat logs, all typed text, launched applications and visited websites. They can even send screenshots to visually show what the user was viewing as well as any webcam and microphone activity. Most laptops today come with a built-in webcam and microphone and don’t usually give any signal that they have been enabled. Any person who uses that computer will have all their activities monitored and recorded in an encrypted log which only the attacker can access.
In this video, I will present the basics of keyloggers and also demonstrate a couple of my favorite keyloggers, their features, how hidden they are and how to prevent and detect keyloggers in general. At the end of this primer, the viewer should be able to fully understand where keyloggers fit into both sides of the equation.
As always, please offer your feedback,
Don -
October 31, 2011 at 9:40 am #43293
Anonymous
Participantvery interesting does anyone ever use a key logger these days ?
-
October 31, 2011 at 10:20 am #43294
White ghost
Participanti dont think so i thik social engineering is batter plan
but some times it fails -
October 31, 2011 at 12:28 pm #43295
hayabusa
Participant@Jamie.R wrote:
very interesting does anyone ever use a key logger these days ?
I use them frequently. Far too often, pushing out a keylogger get me creds for an application or server / network. Depending on what I’m up to, and what I’m after, I might combine it with some social engineering, for example, such as causing a workstation or app crash, getting helpdesk or admin personnel to login to look at things, and grabbing their credentials, or just to grab usernames, passwords and web app URL’s, etc., from ‘Joe user.’
But yeah, most pentesters I know still use keyloggers, frequently, under a variety of circumstances.
-
October 31, 2011 at 12:52 pm #43296
White ghost
ParticipantYeh because using keylogger id very easy for them but
Phishing and social engineering is the best methods -
October 31, 2011 at 3:26 pm #43297
lorddicranius
Participant@White ghost wrote:
Yeh because using keylogger id very easy for them but
Phishing and social engineering is the best methodsI think it depends on the situation and what you’re after. Yes, phishing and SE can help you get usernames and passwords, but as the article reads in the first paragraph, keyloggers are much more than just getting usernames and passwords.
They can be based on software or hardware and send detailed reports including the user’s passwords, chat logs, all typed text, launched applications and visited websites. They can even send screenshots to visually show what the user was viewing as well as any webcam and microphone activity.
You highly unlikely that you’re going to get chat logs, a complete history of keystrokes, launches applications, and websites a user has visited from a phishing attack or SE’ing. Yes, you can get other information via phishing and SE, but as I said, it all depends on the situation and what you’re after. You use the best method for the situation at hand, and keyloggers definitely still have their place (as hayabusa has said).
-
October 31, 2011 at 4:11 pm #43298
p0et
ParticipantHey Guys. I know many have forgotten about keyloggers and just went onto phishing/SE’ing but I also know there are many of us (myself included) who still use them often. I’ve used them as hayabusa described by having an admin come over to my workstation to “help” me or have a look at something, punch in his/her admin creds and I’ve instantly got elevated credentials. I also know of quite a few parents who use commercial keyloggers to monitor their kids whereas other parents feel it’s an invasion of privacy.
Anyway, after finding out just how popular they still are, I decided to make up a little vid about them. A few people recommended one certain keylogger which I haven’t used before…. turns out it’s quite the nasty little rootkit as well. (restored the OS and it keeps coming back. having fun though trying to remove it) lol
Forgot to mention that while researching keyloggers, I ran into several websites (including AV and CERT sites) which all say in the last year or two that “keyloggers have pushed phishing out of first place as the most-used method in the theft of confidential information”.
-
October 31, 2011 at 7:54 pm #43299
p0et
ParticipantUmm.. thanks Mike but I’ll leave your goat milk for someone else’s skin. ???
-
November 17, 2011 at 9:56 pm #43300
bpecan
ParticipantOne question about the video… I tried to download the free ardamax keylogger the video shows but when downloaded, it’s actually a reg cleaner. The other two keyloggers are not really free. Would you know of any other free ones? Thanks
-
November 18, 2011 at 2:54 am #43301
p0et
Participanthmm.. I’ll take a look and pm ya back. 🙂
-
November 28, 2011 at 7:02 am #43302
nytfox
ParticipantI haven’t used key loggers for a long time as just KeyLoggers. but used in alota spyware applications right ? well even meterpreter has key stroke recorder which comes handy somtimes
-
-
AuthorPosts
- You must be logged in to reply to this topic.