Keylogging

SharkWound

Firstly im not really a computer expert regarding programming and software. Im curious to know if anyone has ever used keylogging programmes/software.

If so what did they think of it. Basically its software which allows the user to see what keys were pressed either on their own computer or on someone else's computer.

Any views or opinions would be of interest..

Martyr

youll be lucky if you get anyone here admitting they used key loggers before

views and opinions on them ethically? or technically?

you could say they've never been used for anything other than malicious purposes.

biko

Generally there are two types, SW and HW.
The SW is as you described it, a piece of software that will record keystrokes. Some will send them off to the creator for him to try to access your bank/school/facebook/...

The hardware logger is a dongle that is put between the PC tower and the keyboard cable. This is the reason I'm vary of using internet shops.
I've never seen it used for good and would probably treat a person that writes loggers the same way I'd treat a virus maker or spammer, i.e. I'd treat them to a big boot up the ****.

d-a-s-h

Whilst I am neither confirming or denying that I have used one before :P

I can say that there are many different types of keyloggers out there. You can get software based ones and you can get hardware based ones.

The software ones can be detected more easily as its more likely that someone will look through the active processes running than pulling the computer out from the wall.

The hardware based ones can come in the form of a usb that allows you to plug the keyboard into it, and then you plug that into the computer allowing every single stroke on the keyboard to be recorded.

The software based ones however have the advantage of sometimes being able to record mouse clicks as well, which may or may not suit, depending on your reason for using them.

Keyloggers are an invasion of privacy and as such if you are caught using them, in work for example, there can be pretty serious repercussions. As such I would strongly advise being very cautious about a.) using them and b.) getting caught haha

bmm

If you were worried about your pc being compromised by keylogging software could you use key scrambling software like the one here to encrypt the keystrokes ??

http://download.cnet.com/KeyScrambler-Personal/3000-2144_4-10571274.html?tag=mncol

d-a-s-h

bmm wrote: »

If you were worried about your pc being compromised by keylogging software could you use key scrambling software like the one here to encrypt the keystrokes ??

http://download.cnet.com/KeyScrambler-Personal/3000-2144_4-10571274.html?tag=mncol

this would work with software key loggers not hardware ones i'm afraid.
why not just bring in your own laptop if your worried?

estreetb

surely the hardware keyloggers are easily seen and then removed.

LoLth

estreetb wrote: »

surely the hardware keyloggers are easily seen and then removed.

if you're looking for them. If the PC is under a desk for example , or an the desk in the back corner. Most people dont look at where the keyboard is connected to the PC, they just see the wire go in the general direction and their brain registers that as OK.

Alternatively you could mark the dongle with a bluetooth sticker

There was an example of hardware keylogging I heard of before but have no idea if its true or not: basically office person "won" a cool keyboard from some random internet giveaway. The keyboard was a nice microsoft ergonomic thing, abotu $100 worth of hardware, unfortunately the prize was a fake and in reality had a hardware keylogger built into it (a small circuit board that connects to the keyboard circuit board).

As I said, I have no idea if its true, could just have been the instructor spreading urban myths in an attemtp to scare the class but its not beyond the realms of possibility and would certainly be a lot harder to spot. If your company received an extra few MS valu keyboards in a shipment , or if some keyboards from stock got modified before being rolled out to the floor - could happen at any time during storage and be deployed anytime later.

would be a lot harder to spot the keylogger there. thing that always confused me about that story is, would the PC not realise that there's somethign wrong with a keyboard trying to send information across the internet?

Capt'n Midnight

bmm wrote: »

If you were worried about your pc being compromised by keylogging software could you use key scrambling software like the one here to encrypt the keystrokes ??

http://download.cnet.com/KeyScrambler-Personal/3000-2144_4-10571274.html?tag=mncol

LOL what's to stop they key logger hooking itself into the keyboard driver too ?
only works if they can write better software than the keyloggers

it only protects the browser, and at a guess it might not even protect against cross-site stuff

you can also log keys by using webcams, or listening to the noise a key press makes

Amalgam

You can buy hardware logger keyboards of popular Microsoft keyboards, pre-modded, internally.

Some of the dongles are quite sophisticated, particularly the PS plug versions, as, unlike the USB dongle, will not pop up as an extra device..

Activate a keyboard combo and a telnet like screen pops up in notepad and dumps its contents, along with various other commands.

A lot of viewing material on YouTube.

estreetb

can webcams be activated to keylog by a third party from a remote location

and if so

can a webcam be disabled on a pc rather than just turned off

LoLth

yes and yes to your webcam questions.

estreetb

pray tell how it works

Capt'n Midnight

you could just put a sticker in front of the web cam , simples

mehmeh12

Capt'n Midnight wrote: »

you could just put a sticker in front of the web cam , simples

Or a piece of bluetack when cam is not in use :pac:

In relation to keyloggers Im using ubuntu so software keyloggers cant be installed that easily no? And Im the only user of this pc so I think I would notice is the pc had been tampered with-like a misplaced usb key?

LoLth

keylogging and malware in general is rarer for linux platforms but that doesnt mean they are safe, it just means attacks are less frequent. Also, most non-script kiddie hackers are linux users themselves with a lot of linux know-how, they'll own a linux box almost as easily as a windows one. Of course, this all depends on your security and patch levels.

pieface_ie

if your worried about keyloggers,when inputting important passwords do the following,say your login password to your email account is MARY38712

type in MARY then 712 now (youl have MARY712) now click in between mary and 712 and add 38 so you now have MARY38712

The keylogger will have recorded this as MARY71238,as it is only recording keystrokes and not your actual password been transmittted.

hope this makes sence to ya.

cheers