Key logging or Key stroke logging is an unethical way of monitoring the key strokes of a person without his knowledge.This is a very successful attack with success rate of 80-90%.This can also be used to grab the form or screen image of the person.This is carried out in form of hard ware or software.
"In this article we will basically concentrate on software based keylogging"
Hardware keylogger:
It does not need any software it is purely hardware based,it is connected in between the computer and the keyboard ie. it is inline with the keyboard cable connector and computer.It carries a drawback that is it needs physical installation and sometimes it may came to the notice of the user.
Software keylogger:
It has a greater success rate than its counter part because of its remotely administrative facility.he main drawback with it is that some times it get caught by some security tools installed in the system.It has also more functionalities than the hardware based one.Nowadays anti-sanboxie,anti-av option keyloggers are available which has increased its success rate.
How an attack through software keylogger is carried out?
1.The main thing is choosing a proper keylogger otherwise the attacker himself will be infected and give away his own password to some other person.
2.One would prefer "EasyLogger1.1.1"(image shown above) ,it is a freeware and stores the keystrokes in the email account mentioned in it.
3.It has anti-sanboxie/vmware and anti-Avs functionalities.
4.The most important thing is that as you can see it asks only for "Gmail username" and not the password which increases its popularity in comparision to its counter parts.
5.After entering all the information it makes a sever which is an .exe file
6.One should look out for a good stub file for it.
7.It should be made fully undetectable (FUD) to hide it from security tools.
by using a good crypter software or use hexing after making the sever.
8.Then a binder is used to bind it to some other file which can draw the victims attention like a torrent file,game,music file,image etc as we know virus comes with many extension.
"In this article we will basically concentrate on software based keylogging"
Hardware keylogger:
It does not need any software it is purely hardware based,it is connected in between the computer and the keyboard ie. it is inline with the keyboard cable connector and computer.It carries a drawback that is it needs physical installation and sometimes it may came to the notice of the user.
Software keylogger:
It has a greater success rate than its counter part because of its remotely administrative facility.he main drawback with it is that some times it get caught by some security tools installed in the system.It has also more functionalities than the hardware based one.Nowadays anti-sanboxie,anti-av option keyloggers are available which has increased its success rate.
How an attack through software keylogger is carried out?1.The main thing is choosing a proper keylogger otherwise the attacker himself will be infected and give away his own password to some other person.
2.One would prefer "EasyLogger1.1.1"(image shown above) ,it is a freeware and stores the keystrokes in the email account mentioned in it.
3.It has anti-sanboxie/vmware and anti-Avs functionalities.
4.The most important thing is that as you can see it asks only for "Gmail username" and not the password which increases its popularity in comparision to its counter parts.
5.After entering all the information it makes a sever which is an .exe file
6.One should look out for a good stub file for it.
7.It should be made fully undetectable (FUD) to hide it from security tools.
by using a good crypter software or use hexing after making the sever.
8.Then a binder is used to bind it to some other file which can draw the victims attention like a torrent file,game,music file,image etc as we know virus comes with many extension.
Keylogging(A lethal attack)
Reviewed by Satyajit (Admins,a.k.a Satosys)
on
Thursday, June 10, 2010
Rating:
Reviewed by Satyajit (Admins,a.k.a Satosys)
on
Thursday, June 10, 2010
Rating:
4 comments:
nyangkut disini sobat... :) nice info... visit us back
Thnx for visiting.... :-)
Very informative, good to know, Will be checking on the back of the computers that I use. I also noticed it was not usb based so that's a good things. Since most new computer keyboards and mouse are usb based.
Nice information..so where I can get it. Do you have referral link about this tools?