.

[Article]-Video: Keyloggers 101

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Sun Oct 30, 2011 8:09 pm

[Article]-Video: Keyloggers 101

Seems like a simplistic topic, but keyloggers are one of the basic tools used in attacks. Even for you pros out there, it never hurts to go back and review the basics. You'll never know what you'll find useful. Thanks Dan. We look forward to more of your videos in the coming months, especially the next one on Proxychains + TOR.

Permanent link: [Article]-Video: Keyloggers 101


Image


Dan Honkanen, GCIH, Security+, ITIL, et al

Keyloggers are usually one of the top picks for a hacker or a spy's best friend. They basically serve as the eyes and ears of the attacker. They can be based on software or hardware and send detailed reports including the user's passwords, chat logs, all typed text, launched applications and visited websites. They can even send screenshots to visually show what the user was viewing as well as any webcam and microphone activity. Most laptops today come with a built-in webcam and microphone and don't usually give any signal that they have been enabled. Any person who uses that computer will have all their activities monitored and recorded in an encrypted log which only the attacker can access.

In this video, I will present the basics of keyloggers and  also demonstrate a couple of my favorite keyloggers, their features, how hidden they are and how to prevent and detect keyloggers in general. At the end of this primer, the viewer should be able to fully understand where keyloggers fit into both sides of the equation.



As always, please offer your feedback,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

millwalll

Post Mon Oct 31, 2011 4:40 am

Re: [Article]-Video: Keyloggers 101

very interesting does anyone ever use a key logger these days ?
<<

White ghost

User avatar

Newbie
Newbie

Posts: 36

Joined: Sun Oct 30, 2011 11:21 am

Location: ASIA

Post Mon Oct 31, 2011 5:20 am

Re: [Article]-Video: Keyloggers 101

i dont think so i thik social engineering is batter plan
but some times it fails
MCITP CCENT
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Mon Oct 31, 2011 7:28 am

Re: [Article]-Video: Keyloggers 101

Jamie.R wrote:very interesting does anyone ever use a key logger these days ?


I use them frequently.  Far too often, pushing out a keylogger get me creds for an application or server / network.  Depending on what I'm up to, and what I'm after, I might combine it with some social engineering, for example, such as causing a workstation or app crash, getting helpdesk or admin personnel to login to look at things, and grabbing their credentials, or just to grab usernames, passwords and web app URL's, etc., from 'Joe user.'

But yeah, most pentesters I know still use keyloggers, frequently, under a variety of circumstances.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

White ghost

User avatar

Newbie
Newbie

Posts: 36

Joined: Sun Oct 30, 2011 11:21 am

Location: ASIA

Post Mon Oct 31, 2011 7:52 am

Re: [Article]-Video: Keyloggers 101

Yeh because using keylogger id very easy for them but
Phishing and social engineering is the best methods
MCITP CCENT
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Mon Oct 31, 2011 10:26 am

Re: [Article]-Video: Keyloggers 101

White ghost wrote:Yeh because using keylogger id very easy for them but
Phishing and social engineering is the best methods


I think it depends on the situation and what you're after.  Yes, phishing and SE can help you get usernames and passwords, but as the article reads in the first paragraph, keyloggers are much more than just getting usernames and passwords.

They can be based on software or hardware and send detailed reports including the user's passwords, chat logs, all typed text, launched applications and visited websites. They can even send screenshots to visually show what the user was viewing as well as any webcam and microphone activity.


You highly unlikely that you're going to get chat logs, a complete history of keystrokes, launches applications, and websites a user has visited from a phishing attack or SE'ing.  Yes, you can get other information via phishing and SE, but as I said, it all depends on the situation and what you're after.  You use the best method for the situation at hand, and keyloggers definitely still have their place (as hayabusa has said).
GSEC, eCPPT, Sec+
<<

p0et

User avatar

Full Member
Full Member

Posts: 197

Joined: Thu Nov 02, 2006 4:38 pm

Location: Victoria, Canada

Post Mon Oct 31, 2011 11:11 am

Re: [Article]-Video: Keyloggers 101

Hey Guys.  I know many have forgotten about keyloggers and just went onto phishing/SE'ing but I also know there are many of us (myself included) who still use them often.  I've used them as hayabusa described by having an admin come over to my workstation to "help" me or have a look at something, punch in his/her admin creds and I've instantly got elevated credentials.  I also know of quite a few parents who use commercial keyloggers to monitor their kids whereas other parents feel it's an invasion of privacy.  

Anyway, after finding out just how popular they still are, I decided to make up a little vid about them.  A few people recommended one certain keylogger which I haven't used before.... turns out it's quite the nasty little rootkit as well.  (restored the OS and it keeps coming back.  having fun though trying to remove it) lol

Forgot to mention that while researching keyloggers, I ran into several websites (including AV and CERT sites) which all say in the last year or two that "keyloggers have pushed phishing out of first place as the most-used method in the theft of confidential information". 
Last edited by p0et on Mon Oct 31, 2011 11:26 am, edited 1 time in total.
GCIH, Security+, Network+, A+, MCP, DCSE
<<

p0et

User avatar

Full Member
Full Member

Posts: 197

Joined: Thu Nov 02, 2006 4:38 pm

Location: Victoria, Canada

Post Mon Oct 31, 2011 2:54 pm

Re: [Article]-Video: Keyloggers 101

Umm.. thanks Mike but I'll leave your goat milk for someone else's skin.  ???
GCIH, Security+, Network+, A+, MCP, DCSE
<<

bpecan

Newbie
Newbie

Posts: 1

Joined: Thu Nov 17, 2011 3:38 pm

Location: DC Metro Region

Post Thu Nov 17, 2011 4:56 pm

Re: [Article]-Video: Keyloggers 101

One question about the video... I tried to download the free ardamax keylogger the video shows but when downloaded, it's actually a reg cleaner.  The other two keyloggers are not really free.  Would you know of any other free ones?  Thanks
CISSP|CEH|SEC+|ITIL
<<

p0et

User avatar

Full Member
Full Member

Posts: 197

Joined: Thu Nov 02, 2006 4:38 pm

Location: Victoria, Canada

Post Thu Nov 17, 2011 9:54 pm

Re: [Article]-Video: Keyloggers 101

hmm.. I'll take a look and pm ya back. :-)
GCIH, Security+, Network+, A+, MCP, DCSE
<<

nytfox

User avatar

Newbie
Newbie

Posts: 20

Joined: Mon Nov 28, 2011 1:54 am

Post Mon Nov 28, 2011 2:02 am

Re: [Article]-Video: Keyloggers 101

I haven't used key loggers for a long time as just KeyLoggers. but used in alota spyware applications right ? well even meterpreter has key stroke recorder which comes handy somtimes
Unlike others I love NULLS
http://treasuresec.com

Return to Special Events

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software