RSS Feed (xml)

Powered By

Skin Design:

Powered by Blogger

Monday, April 14, 2008

Keystroke logging ( keyloggers)

Keystroke logging (often called keylogging) is a method of capturing and recording user keystrokes. Keylogging can be useful to determine sources of errors in computer systems, to study how users interact with systems, and is sometimes used to measure employee productivity on certain clerical tasks. Such systems are also highly useful for law enforcement and espionage—for instance, providing a means to obtain passwords or encryption keys and thus bypassing other security measures. Keyloggers are widely available on the Internet.
but the best one that i can recommend is Ardamax keylogger.

Types of keystroke loggers

1) Local Machine software Keyloggers – Are software programs that are designed to work on the target computer’s operating system. From a technical perspective they can be categorized into three categories:

  • Kernel based: This method is most difficult both to write, and combat. Such keyloggers reside at the kernel level and are thus practically invisible. They almost always subvert the OS kernel and gain unauthorized access to the hardware which makes them very powerful. A keylogger using this method can act as a keyboard driver for example, and thus gain access to any information typed on the keyboard as it goes to the Operating System.
  • Hook based: Such keyloggers hook the keyboard with functions provided by the OS. The OS warns them any time a key is pressed and it records it.
  • Creative Methods: Here the coder uses functions like GetAsyncKeyState, GetForegroundWindow, etc. These are the easiest to write, but as they require polling the state of each key several times per second, they can cause a noticeable increase in CPU usage and can miss the occasional key.

2) Remote Access software Keyloggers – Are local software keyloggers programmed with an added feature to transmit recorded data out of the target computer and make the data available to the monitor at a remote location. Remote communication is facilitated by one of four methods:

  • Data is uploaded to a website or an ftp account.
  • Data is periodically emailed to a pre-defined email address.
  • Data is wirelessly transmitted by means of an attached hardware system.
  • It allows the monitor to log into the local machine via the internet or ethernet and view the logs stored on the target machine itself.

3) Hardware Keyloggers - are used for keystroke logging by means of a hardware circuit that is attached somewhere in between the computer keyboard and the computer. It logs all keyboard activity to its internal memory which can be accessed by typing in a series of pre-defined characters. A hardware keylogger has an advantage over a software solution; because it is not dependent on the computers operating system it will not interfere with any program running on the target machine and hence cannot be detected by any software.

4) Remote Access Hardware Keyloggers – Or otherwise know as Wireless Hardware Keyloggers work in much the same way as regular hardware keyloggers. Except they have the ability to be controlled and monitored remotely by means of a wireless communication standard.

5) Wireless Keylogger sniffers - Collect packets of data being transferred from a wireless keyboard and its receiver and then attempts to crack the encryption key being used to secure wireless communications between the two devices.

6) Acoustic Keylogger - This concept is based on analysing a recording of the sound created by someone typing on a computer. Each character on the keyboard makes a subtely different acoustic signatures when stroked. Using statistical methods similar to decryption, it is then possible to identify which keystroke signature relates to which keyboard character. This is done by analysing the repetition frequency of similar acoustic keystroke signatures, the timings between different keyboard strokes and other context information such as the probable language in which the user is writing. As with decryption, a fairly long recording (1000 or more keystrokes) is required so that the statistics are meaningful.

1 comment:

Anonymous said...

hey post is nice yaar.keep it up gud work