kartracer1

Undetectable Hadware logger

14 posts in this topic

Researching USB keyboard loggers and I'm getting conflicting reports about how hidden they are. I checked out KeyGhost and KeyGrabber (love the Nano) but heard these could be visible as a USB device or even an external drive. Is this true or there an easy way defeat that? It would have to stay hidden after reboots and/or installing hardware/software etc. Not on a network but this computer is used often to VPN into a network.

Yep, bit of a noob here so don't nuke me on the dumb questions.

0

Share this post


Link to post
Share on other sites

initially upon first insertion of the usb keylogger your system might show that a usb device or usb keyboard (depending on which usb keylogger you have) has been plugged in, but after that they should be fairly undetectable to the average user.

also, they do not work on some new mac keyboards. I've found this out from personal experience

0

Share this post


Link to post
Share on other sites

initially upon first insertion of the usb keylogger your system might show that a usb device or usb keyboard (depending on which usb keylogger you have) has been plugged in, but after that they should be fairly undetectable to the average user.

also, they do not work on some new mac keyboards. I've found this out from personal experience

Awesome, thanks for the reply. I've give it a try and test it out.

0

Share this post


Link to post
Share on other sites

Anybody have one of these? I would be interested in what $lsusb brings back as a device name. If it's unique enough, you could write a script/cron to grep and alert. You could also script for changes as well, this would at least alert you to check the back of your box. I played with the KeyKatcher 32 and 128 in the ancient times (it was PS2) :).

0

Share this post


Link to post
Share on other sites

Anybody have one of these? I would be interested in what $lsusb brings back as a device name. If it's unique enough, you could write a script/cron to grep and alert. You could also script for changes as well, this would at least alert you to check the back of your box. I played with the KeyKatcher 32 and 128 in the ancient times (it was PS2) :).

Good question. I will check mine out shortly...

0

Share this post


Link to post
Share on other sites

Researching USB keyboard loggers and I'm getting conflicting reports about how hidden they are. I checked out KeyGhost and KeyGrabber (love the Nano) but heard these could be visible as a USB device or even an external drive. Is this true or there an easy way defeat that? It would have to stay hidden after reboots and/or installing hardware/software etc. Not on a network but this computer is used often to VPN into a network.

Yep, bit of a noob here so don't nuke me on the dumb questions.

This would be easy to implement (someone could find out what kind of keyboard you use then switch it out with a tainted, identical model). It's propbably pretty stealthy, too.

module_hardware_keylogger_02.jpg

Made by the same people that make KeyGrabber.

link: http://www.keelog.com/hardware_keyboard_logger.html

0

Share this post


Link to post
Share on other sites

Researching USB keyboard loggers and I'm getting conflicting reports about how hidden they are. I checked out KeyGhost and KeyGrabber (love the Nano) but heard these could be visible as a USB device or even an external drive. Is this true or there an easy way defeat that? It would have to stay hidden after reboots and/or installing hardware/software etc. Not on a network but this computer is used often to VPN into a network.

Yep, bit of a noob here so don't nuke me on the dumb questions.

Why not use software keylogger? Hardware keylogger or usb keylogger is easily detected and deleted, even the person who doesn't know what it is can remove it. But some good software keylogger is an undetectable and invisible spy software.The software keylogger is more popular online, and more importanly, it runs with many applications and browsers. In addition, some spy software like remote spy can be installed without physically accessing, but the hardware keylogger must be installed with people themselves.

Edited by chock
0

Share this post


Link to post
Share on other sites

There is quite a list of software keyloggers avalible on TPB.

0

Share this post


Link to post
Share on other sites

The keylogger software is invisible. Keylogger hardware can be finded.

-1

Share this post


Link to post
Share on other sites

wrote my own keylogger with JAVA the other day, logs all keystrokes to one of my online servers where I can filter and use as neccesary.

quite easy actually

0

Share this post


Link to post
Share on other sites

wrote my own keylogger with JAVA the other day, logs all keystrokes to one of my online servers where I can filter and use as neccesary.

quite easy actually

Learning Java myself at the moment as well as Python now thanks to some more courses offered by Stanford although I'm not sure it is Stanford I just know it is done by Udacity and the some of the guys who did the ai-class last year.

So I was going to ask are you willing to post the code up? And if so would you, please?

0

Share this post


Link to post
Share on other sites

You're best option is to try to combine hardware and software. First, you get a nice stealthy software keylogger (or eavesdropper in general). Then, you get it onto the machine via a hardware attack to bypass defences & maybe obscure it further. The USB HID attack is nice for shells. My favorite of all time, due to Apple popularity, is the firewire attack. If they don't have an IOMMU, Firewire bypasses the OS protections altogether to give you full read-write access to RAM (see DMA). You can actually do a lot more than keylog with that kind of intrusion. Lastly, you can always pull a blue pill style attack or other subversion where the OS is running on top of or alongside highly privileged trojan that's intercepting data & invisible to the Windows system.

Nick P

schneier.com

0

Share this post


Link to post
Share on other sites

Researching USB keyboard loggers and I'm getting conflicting reports about how hidden they are. I checked out KeyGhost and KeyGrabber (love the Nano) but heard these could be visible as a USB device or even an external drive. Is this true or there an easy way defeat that? It would have to stay hidden after reboots and/or installing hardware/software etc. Not on a network but this computer is used often to VPN into a network.

Yep, bit of a noob here so don't nuke me on the dumb questions.

You can use the keylogger software.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now