SlideShare una empresa de Scribd logo

KeyLoggers - beating the shit out of keyboard since quite a long time

n|u - The Open Security Community
n|u - The Open Security Community

null Hyderabad Chapter - April 2013 Meet

EducaciónTecnologíaEntretenimiento y humor
1 de 17
Descargar para leer sin conexión
Keyloggers BEATING THE SHIT OUT OF KEYBOARD SINCE QUITE A LONG TIME HTTP://FIRSTPENTEST.NET UDAYSHANKAR@FIRSTPENTEST.NET HACKTUX@LIVE.COM
About Me  I play computer games via Steam  I make small games for Windows Platform with C#  Of Course I alone play my games because I am bad artist ;-)  I love topics like Malware dissection, malware analysis, reverse engineering, exploit development, Anti-Forensics  Hobbyist programming and serious programming  Just another technologist who loves Information Security
MY Evil References  http://www.securelist.com/en/analysis/204792178/Keyloggers_Imple menting_keyloggers_in_Windows_Part_Two  http://www.securelist.com/en/images/vlill/pic3en.png  http://blogs.msdn.com/b/toub/archive/2006/05/03/589423.aspx  http://msdn.microsoft.com/en-in/library/aa645739(v=vs.71).aspx
Today  We will understand how all different keyloggers work  This is not an exhaustive approach for :  Keylogger Programming  Spyware Programming  Making people cry for no reason   Becoming James Bond in One Day  Assuming anything about malware  We will look at basic steps to make a basic keylogger
Question to audience  Is Spware.32 a Keylogger ?  Is Keylogger a spyware ?  Answer this and collect your golden ticket *Conditons Apply
People may have different views  As far as my little brain can understand there are three types  Hardware keyloggers  Kernel/Driver keyloggers  Software Keyloggers via Hooking  A fourth possibility does exist. This was used on the mothership in startrek
Hardware Keyloggers Keelog.com
http://www.securelist.com/en/analy sis/204792178/Keyloggers_Implemen ting_keyloggers_in_Windows_Part_T wo Kernel Driver Keylogger –
Keylogger  Any programming tapping keyboard activity and recording keystrokes is a keylogger  When I say all, it does not really mean all programs, only the evil ones  So your notepad.exe is a safe thing
Now before we program our keylogger  Let’s Understand these topics fast (With Demo)  Event Handler  Mouse Events in specific  Keyboard Events are specific  DirectX in Windows  What is an API in a programming language
Securelist.com - Architecture  http://www.securelist.com/en/images/vlill/pic9en.png  Huge Picture
Here we will look at Hooking  What is a hook ?  Let’s demo-in on our basic keylogger #NOW  Are there anti-keyloggers that prevent hooking
How do you proceed further ?  This is where we can look into API Keyloggers  SetWindowsHookEx() is on Windows  Certain software are well integrated with keyboard  All PC Games require DirectX, So what is in there for us ?  We need to email the whole logged files or just transfer it  Can Metasploit help us here ?
Sharing my new little game  Now Do you want to play this awesome game that I just developed the game is called “Commander Bond has your password”
The best place to infect is via torrents  Games, Game cracks, Software cracks  When you intend to do such a thing, it’s no more a keylogger  You will want to disguise  You will want to send receive data  You will want “Not To Be Detected”  Essentially, you create a spyware instead of a malware.  Look into additional topics like Screen Scraper Attacks
Have a nice spyware experience  Coming down to null meets on Saturday is fun  Waking up early on Saturday ain’t fun  Thank You for the time

Recomendados

Spywares & Keyloggers
Spywares & KeyloggersSpywares & Keyloggers
Spywares & KeyloggersJithin James
 
Key logger,Why? and How to prevent Them?
Key logger,Why? and How to prevent Them?Key logger,Why? and How to prevent Them?
Key logger,Why? and How to prevent Them?Bibek Sharma
 
Keyloggers.ppt
Keyloggers.pptKeyloggers.ppt
Keyloggers.pptChetanmalviya8
 
Understanding Keylogger
Understanding KeyloggerUnderstanding Keylogger
Understanding KeyloggerPhannarith Ou, G-CISO
 
Keyloggers
KeyloggersKeyloggers
Keyloggerskdore
 
Keyloggers and Spywares
Keyloggers and SpywaresKeyloggers and Spywares
Keyloggers and SpywaresAnkit Mistry
 
What is keylogger
What is keyloggerWhat is keylogger
What is keyloggerhilarypark97
 
Introduction to Malware Analysis
Introduction to Malware AnalysisIntroduction to Malware Analysis
Introduction to Malware AnalysisAndrew McNicol
 

Recomendados

Spywares & Keyloggers
Spywares & KeyloggersSpywares & Keyloggers
Spywares & KeyloggersJithin James
 
Key logger,Why? and How to prevent Them?
Key logger,Why? and How to prevent Them?Key logger,Why? and How to prevent Them?
Key logger,Why? and How to prevent Them?Bibek Sharma
 
Keyloggers.ppt
Keyloggers.pptKeyloggers.ppt
Keyloggers.pptChetanmalviya8
 
Understanding Keylogger
Understanding KeyloggerUnderstanding Keylogger
Understanding KeyloggerPhannarith Ou, G-CISO
 
Keyloggers
KeyloggersKeyloggers
Keyloggerskdore
 
Keyloggers and Spywares
Keyloggers and SpywaresKeyloggers and Spywares
Keyloggers and SpywaresAnkit Mistry
 
What is keylogger
What is keyloggerWhat is keylogger
What is keyloggerhilarypark97
 
Introduction to Malware Analysis
Introduction to Malware AnalysisIntroduction to Malware Analysis
Introduction to Malware AnalysisAndrew McNicol
 
Keyloggers
KeyloggersKeyloggers
Keyloggersnovacharter
 
What is malware
What is malwareWhat is malware
What is malwareMalcolm York
 
Cyber Security Vulnerabilities
Cyber Security VulnerabilitiesCyber Security Vulnerabilities
Cyber Security VulnerabilitiesSiemplify
 
Malware- Types, Detection and Future
Malware- Types, Detection and FutureMalware- Types, Detection and Future
Malware- Types, Detection and Futurekaranwayne
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingNezar Alazzabi
 
malware analysis
malware analysismalware analysis
malware analysis20CS201AkashR
 
Ransomware Attack.pptx
Ransomware Attack.pptxRansomware Attack.pptx
Ransomware Attack.pptxIkramSabir4
 
Malware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny CzarnyMalware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny CzarnyOPSWAT
 
Malware analysis
Malware analysisMalware analysis
Malware analysisPrakashchand Suthar
 
Penetration testing
Penetration testingPenetration testing
Penetration testingNameen Singh
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application SecurityAbdul Wahid
 
Malware ppt
Malware pptMalware ppt
Malware pptFaiz Khan
 
Virus and malware presentation
Virus and malware presentationVirus and malware presentation
Virus and malware presentationAmjad Bhutto
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Edureka!
 
Industroyer: biggest threat to industrial control systems since Stuxnet by An...
Industroyer: biggest threat to industrial control systems since Stuxnet by An...Industroyer: biggest threat to industrial control systems since Stuxnet by An...
Industroyer: biggest threat to industrial control systems since Stuxnet by An...CODE BLUE
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detectionUmesh Dhital
 
Sql injection
Sql injectionSql injection
Sql injectionSasha-Leigh Garret
 
Common malware and countermeasures
Common malware and countermeasuresCommon malware and countermeasures
Common malware and countermeasuresNoushin Ahson
 
Software Security
Software SecuritySoftware Security
Software SecurityRoman Oliynykov
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framworkDeepanshu Gajbhiye
 
Keylogger
KeyloggerKeylogger
Keyloggerfrank
 
Detecting hardware keyloggers
Detecting hardware keyloggersDetecting hardware keyloggers
Detecting hardware keyloggersmihailowitsch
 

Más contenido relacionado

La actualidad más candente

Cyber Security Vulnerabilities
Cyber Security VulnerabilitiesCyber Security Vulnerabilities
Cyber Security VulnerabilitiesSiemplify
 
Malware- Types, Detection and Future
Malware- Types, Detection and FutureMalware- Types, Detection and Future
Malware- Types, Detection and Futurekaranwayne
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingNezar Alazzabi
 
Ransomware Attack.pptx
Ransomware Attack.pptxRansomware Attack.pptx
Ransomware Attack.pptxIkramSabir4
 
Malware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny CzarnyMalware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny CzarnyOPSWAT
 
Penetration testing
Penetration testingPenetration testing
Penetration testingNameen Singh
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application SecurityAbdul Wahid
 
Virus and malware presentation
Virus and malware presentationVirus and malware presentation
Virus and malware presentationAmjad Bhutto
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Edureka!
 
Industroyer: biggest threat to industrial control systems since Stuxnet by An...
Industroyer: biggest threat to industrial control systems since Stuxnet by An...Industroyer: biggest threat to industrial control systems since Stuxnet by An...
Industroyer: biggest threat to industrial control systems since Stuxnet by An...CODE BLUE
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detectionUmesh Dhital
 
Common malware and countermeasures
Common malware and countermeasuresCommon malware and countermeasures
Common malware and countermeasuresNoushin Ahson
 

La actualidad más candente (20)

Keyloggers
KeyloggersKeyloggers
Keyloggers
 
What is malware
What is malwareWhat is malware
What is malware
 
Cyber Security Vulnerabilities
Cyber Security VulnerabilitiesCyber Security Vulnerabilities
Cyber Security Vulnerabilities
 
Malware- Types, Detection and Future
Malware- Types, Detection and FutureMalware- Types, Detection and Future
Malware- Types, Detection and Future
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
 
malware analysis
malware analysismalware analysis
malware analysis
 
Ransomware Attack.pptx
Ransomware Attack.pptxRansomware Attack.pptx
Ransomware Attack.pptx
 
Malware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny CzarnyMalware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny Czarny
 
Malware analysis
Malware analysisMalware analysis
Malware analysis
 
Penetration testing
Penetration testingPenetration testing
Penetration testing
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 
Malware ppt
Malware pptMalware ppt
Malware ppt
 
Virus and malware presentation
Virus and malware presentationVirus and malware presentation
Virus and malware presentation
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
 
Industroyer: biggest threat to industrial control systems since Stuxnet by An...
Industroyer: biggest threat to industrial control systems since Stuxnet by An...Industroyer: biggest threat to industrial control systems since Stuxnet by An...
Industroyer: biggest threat to industrial control systems since Stuxnet by An...
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
 
Sql injection
Sql injectionSql injection
Sql injection
 
Common malware and countermeasures
Common malware and countermeasuresCommon malware and countermeasures
Common malware and countermeasures
 
Software Security
Software SecuritySoftware Security
Software Security
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framwork
 

Destacado

Keylogger
KeyloggerKeylogger
Keyloggerfrank
 
Detecting hardware keyloggers
Detecting hardware keyloggersDetecting hardware keyloggers
Detecting hardware keyloggersmihailowitsch
 
Chapters 3 4
Chapters 3 4Chapters 3 4
Chapters 3 4sakshi_20
 
We Know Your Type
We Know Your TypeWe Know Your Type
We Know Your TypeCTIN
 
CEH - Module 6 : Trojans and Backdoors
CEH - Module 6 : Trojans and BackdoorsCEH - Module 6 : Trojans and Backdoors
CEH - Module 6 : Trojans and BackdoorsAvirot Mitamura
 
CyberLab CCEH Session - 6 Trojans and Backdoors
CyberLab CCEH Session - 6 Trojans and BackdoorsCyberLab CCEH Session - 6 Trojans and Backdoors
CyberLab CCEH Session - 6 Trojans and BackdoorsCyberLab
 
Detection of running backdoors
Detection of running backdoorsDetection of running backdoors
Detection of running backdoorsmridulahuja
 
Onapsis SAP Backdoors
Onapsis SAP BackdoorsOnapsis SAP Backdoors
Onapsis SAP BackdoorsOnapsis Inc.
 
Malware from the Consumer Jungle
Malware from the Consumer JungleMalware from the Consumer Jungle
Malware from the Consumer JungleJason S
 
Introduction to trojans and backdoors
Introduction to trojans and backdoorsIntroduction to trojans and backdoors
Introduction to trojans and backdoorsjibinmanjooran
 
Cehv8 - Module 06: Trojans and Backdoors
Cehv8 - Module 06: Trojans and BackdoorsCehv8 - Module 06: Trojans and Backdoors
Cehv8 - Module 06: Trojans and BackdoorsVuz Dở Hơi
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoorsGaurav Dalvi
 
researchpaper-Keystroke-Dynamics-Authentication-based-on-Principal-Component-...
researchpaper-Keystroke-Dynamics-Authentication-based-on-Principal-Component-...researchpaper-Keystroke-Dynamics-Authentication-based-on-Principal-Component-...
researchpaper-Keystroke-Dynamics-Authentication-based-on-Principal-Component-...Mina Khidhir
 

Destacado (17)

Keylogger
KeyloggerKeylogger
Keylogger
 
Detecting hardware keyloggers
Detecting hardware keyloggersDetecting hardware keyloggers
Detecting hardware keyloggers
 
Chapters 3 4
Chapters 3 4Chapters 3 4
Chapters 3 4
 
We Know Your Type
We Know Your TypeWe Know Your Type
We Know Your Type
 
Misspelled words
Misspelled wordsMisspelled words
Misspelled words
 
CEH - Module 6 : Trojans and Backdoors
CEH - Module 6 : Trojans and BackdoorsCEH - Module 6 : Trojans and Backdoors
CEH - Module 6 : Trojans and Backdoors
 
CyberLab CCEH Session - 6 Trojans and Backdoors
CyberLab CCEH Session - 6 Trojans and BackdoorsCyberLab CCEH Session - 6 Trojans and Backdoors
CyberLab CCEH Session - 6 Trojans and Backdoors
 
Detection of running backdoors
Detection of running backdoorsDetection of running backdoors
Detection of running backdoors
 
Keylogger
KeyloggerKeylogger
Keylogger
 
Onapsis SAP Backdoors
Onapsis SAP BackdoorsOnapsis SAP Backdoors
Onapsis SAP Backdoors
 
Malware from the Consumer Jungle
Malware from the Consumer JungleMalware from the Consumer Jungle
Malware from the Consumer Jungle
 
BackDoors Seminar
BackDoors SeminarBackDoors Seminar
BackDoors Seminar
 
Introduction to trojans and backdoors
Introduction to trojans and backdoorsIntroduction to trojans and backdoors
Introduction to trojans and backdoors
 
Keystroke dynamics
Keystroke dynamicsKeystroke dynamics
Keystroke dynamics
 
Cehv8 - Module 06: Trojans and Backdoors
Cehv8 - Module 06: Trojans and BackdoorsCehv8 - Module 06: Trojans and Backdoors
Cehv8 - Module 06: Trojans and Backdoors
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoors
 
researchpaper-Keystroke-Dynamics-Authentication-based-on-Principal-Component-...
researchpaper-Keystroke-Dynamics-Authentication-based-on-Principal-Component-...researchpaper-Keystroke-Dynamics-Authentication-based-on-Principal-Component-...
researchpaper-Keystroke-Dynamics-Authentication-based-on-Principal-Component-...
 

Similar a KeyLoggers - beating the shit out of keyboard since quite a long time

Secure Software: Action, Comedy or Drama? (2017 edition)
Secure Software: Action, Comedy or Drama? (2017 edition)Secure Software: Action, Comedy or Drama? (2017 edition)
Secure Software: Action, Comedy or Drama? (2017 edition)Peter Sabev
 
Engine terminology
Engine terminologyEngine terminology
Engine terminologythomasmcd6
 
How to hide your browser 0-days
How to hide your browser 0-daysHow to hide your browser 0-days
How to hide your browser 0-daysZoltan Balazs
 
Introduction to html5 game programming with impact js
Introduction to html5 game programming with impact jsIntroduction to html5 game programming with impact js
Introduction to html5 game programming with impact jsLuca Galli
 
Information security & ethical hacking
Information security & ethical hackingInformation security & ethical hacking
Information security & ethical hackingeiti panchkula
 
Firewalls (Distributed computing)
Firewalls (Distributed computing)Firewalls (Distributed computing)
Firewalls (Distributed computing)Sri Prasanna
 
Pwning Windows Mobile applications by Ankit Giri
Pwning Windows Mobile applications by Ankit GiriPwning Windows Mobile applications by Ankit Giri
Pwning Windows Mobile applications by Ankit GiriOWASP Delhi
 
Easy coding a multi device game with FireMonkey
Easy coding a multi device game with FireMonkeyEasy coding a multi device game with FireMonkey
Easy coding a multi device game with FireMonkeypprem
 
[HUN] Hackersuli - Console and arcade game hacking – history, present, future
[HUN] Hackersuli - Console and arcade game hacking – history, present, future[HUN] Hackersuli - Console and arcade game hacking – history, present, future
[HUN] Hackersuli - Console and arcade game hacking – history, present, futurehackersuli
 
Ransomware - what is it, how to protect against it
Ransomware - what is it, how to protect against itRansomware - what is it, how to protect against it
Ransomware - what is it, how to protect against itZoltan Balazs
 
Game development with Cocos2d-x Engine
Game development with Cocos2d-x EngineGame development with Cocos2d-x Engine
Game development with Cocos2d-x EngineDuy Tan Geek
 
Busy Developer's Guide to Windows 8 HTML/JavaScript Apps
Busy Developer's Guide to Windows 8 HTML/JavaScript AppsBusy Developer's Guide to Windows 8 HTML/JavaScript Apps
Busy Developer's Guide to Windows 8 HTML/JavaScript AppsJAX London
 
Learn awesome hacking tricks
Learn awesome hacking tricksLearn awesome hacking tricks
Learn awesome hacking tricksSudhanshu Mishra
 
Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
Reversing & Malware Analysis Training Part 9 - Advanced Malware AnalysisReversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysissecurityxploded
 
Ransomware for fun and non-profit
Ransomware for fun and non-profitRansomware for fun and non-profit
Ransomware for fun and non-profitYouness Zougar
 
Video game development for everybody
Video game development for everybodyVideo game development for everybody
Video game development for everybodySarah Sexton
 

Similar a KeyLoggers - beating the shit out of keyboard since quite a long time (20)

Secure Software: Action, Comedy or Drama? (2017 edition)
Secure Software: Action, Comedy or Drama? (2017 edition)Secure Software: Action, Comedy or Drama? (2017 edition)
Secure Software: Action, Comedy or Drama? (2017 edition)
 
Hacking
HackingHacking
Hacking
 
Engine terminology
Engine terminologyEngine terminology
Engine terminology
 
Basic malware analysis
Basic malware analysisBasic malware analysis
Basic malware analysis
 
How to hide your browser 0-days
How to hide your browser 0-daysHow to hide your browser 0-days
How to hide your browser 0-days
 
Introduction to html5 game programming with impact js
Introduction to html5 game programming with impact jsIntroduction to html5 game programming with impact js
Introduction to html5 game programming with impact js
 
Information security & ethical hacking
Information security & ethical hackingInformation security & ethical hacking
Information security & ethical hacking
 
Understand study
Understand studyUnderstand study
Understand study
 
Basic malware analysis
Basic malware analysis Basic malware analysis
Basic malware analysis
 
Firewalls (Distributed computing)
Firewalls (Distributed computing)Firewalls (Distributed computing)
Firewalls (Distributed computing)
 
Pwning Windows Mobile applications by Ankit Giri
Pwning Windows Mobile applications by Ankit GiriPwning Windows Mobile applications by Ankit Giri
Pwning Windows Mobile applications by Ankit Giri
 
Easy coding a multi device game with FireMonkey
Easy coding a multi device game with FireMonkeyEasy coding a multi device game with FireMonkey
Easy coding a multi device game with FireMonkey
 
[HUN] Hackersuli - Console and arcade game hacking – history, present, future
[HUN] Hackersuli - Console and arcade game hacking – history, present, future[HUN] Hackersuli - Console and arcade game hacking – history, present, future
[HUN] Hackersuli - Console and arcade game hacking – history, present, future
 
Ransomware - what is it, how to protect against it
Ransomware - what is it, how to protect against itRansomware - what is it, how to protect against it
Ransomware - what is it, how to protect against it
 
Game development with Cocos2d-x Engine
Game development with Cocos2d-x EngineGame development with Cocos2d-x Engine
Game development with Cocos2d-x Engine
 
Busy Developer's Guide to Windows 8 HTML/JavaScript Apps
Busy Developer's Guide to Windows 8 HTML/JavaScript AppsBusy Developer's Guide to Windows 8 HTML/JavaScript Apps
Busy Developer's Guide to Windows 8 HTML/JavaScript Apps
 
Learn awesome hacking tricks
Learn awesome hacking tricksLearn awesome hacking tricks
Learn awesome hacking tricks
 
Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
Reversing & Malware Analysis Training Part 9 - Advanced Malware AnalysisReversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
Reversing & Malware Analysis Training Part 9 - Advanced Malware Analysis
 
Ransomware for fun and non-profit
Ransomware for fun and non-profitRansomware for fun and non-profit
Ransomware for fun and non-profit
 
Video game development for everybody
Video game development for everybodyVideo game development for everybody
Video game development for everybody
 

Más de n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
 

Más de n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Último

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...RKavithamani
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 

Último (20)

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 

KeyLoggers - beating the shit out of keyboard since quite a long time

  • 1. Keyloggers BEATING THE SHIT OUT OF KEYBOARD SINCE QUITE A LONG TIME HTTP://FIRSTPENTEST.NET UDAYSHANKAR@FIRSTPENTEST.NET HACKTUX@LIVE.COM
  • 2. About Me  I play computer games via Steam  I make small games for Windows Platform with C#  Of Course I alone play my games because I am bad artist ;-)  I love topics like Malware dissection, malware analysis, reverse engineering, exploit development, Anti-Forensics  Hobbyist programming and serious programming  Just another technologist who loves Information Security
  • 3. MY Evil References  http://www.securelist.com/en/analysis/204792178/Keyloggers_Imple menting_keyloggers_in_Windows_Part_Two  http://www.securelist.com/en/images/vlill/pic3en.png  http://blogs.msdn.com/b/toub/archive/2006/05/03/589423.aspx  http://msdn.microsoft.com/en-in/library/aa645739(v=vs.71).aspx
  • 4. Today  We will understand how all different keyloggers work  This is not an exhaustive approach for :  Keylogger Programming  Spyware Programming  Making people cry for no reason   Becoming James Bond in One Day  Assuming anything about malware  We will look at basic steps to make a basic keylogger
  • 5. Question to audience  Is Spware.32 a Keylogger ?  Is Keylogger a spyware ?  Answer this and collect your golden ticket *Conditons Apply
  • 6. People may have different views  As far as my little brain can understand there are three types  Hardware keyloggers  Kernel/Driver keyloggers  Software Keyloggers via Hooking  A fourth possibility does exist. This was used on the mothership in startrek
  • 9.
  • 10. Keylogger  Any programming tapping keyboard activity and recording keystrokes is a keylogger  When I say all, it does not really mean all programs, only the evil ones  So your notepad.exe is a safe thing
  • 11. Now before we program our keylogger  Let’s Understand these topics fast (With Demo)  Event Handler  Mouse Events in specific  Keyboard Events are specific  DirectX in Windows  What is an API in a programming language
  • 12. Securelist.com - Architecture  http://www.securelist.com/en/images/vlill/pic9en.png  Huge Picture
  • 13. Here we will look at Hooking  What is a hook ?  Let’s demo-in on our basic keylogger #NOW  Are there anti-keyloggers that prevent hooking
  • 14. How do you proceed further ?  This is where we can look into API Keyloggers  SetWindowsHookEx() is on Windows  Certain software are well integrated with keyboard  All PC Games require DirectX, So what is in there for us ?  We need to email the whole logged files or just transfer it  Can Metasploit help us here ?
  • 15. Sharing my new little game  Now Do you want to play this awesome game that I just developed the game is called “Commander Bond has your password”
  • 16. The best place to infect is via torrents  Games, Game cracks, Software cracks  When you intend to do such a thing, it’s no more a keylogger  You will want to disguise  You will want to send receive data  You will want “Not To Be Detected”  Essentially, you create a spyware instead of a malware.  Look into additional topics like Screen Scraper Attacks
  • 17. Have a nice spyware experience  Coming down to null meets on Saturday is fun  Waking up early on Saturday ain’t fun  Thank You for the time