KeyLoggers - beating the shit out of keyboard since quite a long time
1. Keyloggers
BEATING THE SHIT OUT OF KEYBOARD SINCE QUITE A LONG TIME
HTTP://FIRSTPENTEST.NET
UDAYSHANKAR@FIRSTPENTEST.NET
HACKTUX@LIVE.COM
2. About Me
I play computer games via Steam
I make small games for Windows Platform with C#
Of Course I alone play my games because I am bad artist ;-)
I love topics like Malware dissection, malware analysis, reverse
engineering, exploit development, Anti-Forensics
Hobbyist programming and serious programming
Just another technologist who loves Information Security
4. Today
We will understand how all different keyloggers work
This is not an exhaustive approach for :
Keylogger Programming
Spyware Programming
Making people cry for no reason
Becoming James Bond in One Day
Assuming anything about malware
We will look at basic steps to make a basic keylogger
5. Question to audience
Is Spware.32 a Keylogger ?
Is Keylogger a spyware ?
Answer this and collect your golden ticket
*Conditons Apply
6. People may have different views
As far as my little brain can understand there are three types
Hardware keyloggers
Kernel/Driver keyloggers
Software Keyloggers via Hooking
A fourth possibility does exist. This was used on the mothership in startrek
10. Keylogger
Any programming tapping keyboard activity and recording
keystrokes is a keylogger
When I say all, it does not really mean all programs, only the evil
ones
So your notepad.exe is a safe thing
11. Now before we program our
keylogger
Let’s Understand these topics fast (With Demo)
Event Handler
Mouse Events in specific
Keyboard Events are specific
DirectX in Windows
What is an API in a programming language
13. Here we will look at Hooking
What is a hook ?
Let’s demo-in on our basic keylogger #NOW
Are there anti-keyloggers that prevent hooking
14. How do you proceed further ?
This is where we can look into API Keyloggers
SetWindowsHookEx() is on Windows
Certain software are well integrated with keyboard
All PC Games require DirectX, So what is in there for us ?
We need to email the whole logged files or just transfer it
Can Metasploit help us here ?
15. Sharing my new little game
Now Do you want to play this awesome game that I just developed
the game is called “Commander Bond has your password”
16. The best place to infect is via torrents
Games, Game cracks, Software cracks
When you intend to do such a thing, it’s no more a keylogger
You will want to disguise
You will want to send receive data
You will want “Not To Be Detected”
Essentially, you create a spyware instead of a malware.
Look into additional topics like Screen Scraper Attacks
17. Have a nice spyware experience
Coming down to null meets on Saturday is fun
Waking up early on Saturday ain’t fun
Thank You for the time