Working on developing an app which stores sensitive information and you don't want it to be opened on jailbroken iPhones.
In my last post I gave a brief introduction to what a keylogger is. In summary, a keylogger is a piece of hardware or software that records your keystrokes (usually without your permission). This post is going to look explicitly at software keyloggers.
In this post I'm also not going to cover any of the free keylogger software available out there, for three reasons:
- Most of it is old.
- Most of it is very clunky.
- It's easily detected by antivirus.
Instead, I'm going to focus on keylogger code.
What is a Software Keylogger?
A software keylogger is different from the hardware keyloggers we covered here. Software keyloggers perform essentially the same function as hardware keyloggers in that they log keystrokes. However, whereas hardware keyloggers require a dedicated device, software keyloggers only need to be written to run on a victim's operating system. Software keyloggers also usually have more features built in than hardware keyloggers. For example, it's quite common for software keyloggers to take screenshots, or in some cases even record video at periodic intervals, and send them back to a remote server. This would be quite difficult to do with a hardware keylogger.
As fields like virtualisation and now containerisation have advanced in the last decade, there has been an increase in the complexity and functionality of software keyloggers. There are now kinds of keyloggers which run explicitly from virtual machines, or can detect when they have infected a virtual machine and act accordingly.
Keyloggers are actually quite easy to find on the internet. Just doing a quick Google search provides a goldmine of information you can use to create your own keylogger. Most of these examples are in Python or C++. Here are a few of the best ones:
GitHub is an absolute treasure trove for keyloggers. I have listed a few examples below, but it's also good to look at botnet code or trojans to see how they do keylogging, as in some cases they might have a more efficient system than some of the ones below:
A few months ago I modified a C++ keylogger and installed it on a virtual machine. Here's some sample output:
In a nutshell, once started, all keys are logged to a file in C:\WINDOWS called KeyboardServices.txt. To get the whole thing running, from looking at some code samples and chopping and changing some bits, the whole operation took an hour.
I'm still fixing up some issues where it logs special characters as "Unknown Character". It makes deciphering text that little bit easier, but it could get in the way if you're trying to sniff passwords and all the special characters are coming up as "Unknown Character".
If I ever set up GitHub I'll be sure to upload it and make a reference to it here.
Protecting Yourself from Software Keyloggers
Many of the same rules and tips for protecting yourself from hardware keyloggers apply here, but I have included a few extra:
- Always check any computer you are using for any strange peripheral devices.
- Make sure you thoroughly check any PCs or devices you purchase online to make sure you haven't received any "bonus extras".
- Regularly audit your PC for peripheral devices.
- Use air gapped machines for any business or sensitive admin tasks.
- If you have to use a machine with a level of security you don't trust, enter sensitive information out of order, using the mouse cursor to help.
- Use a key scrambler program.
- Use antivirus regularly. Most antivirus products detect keyloggers quite easily.
- Use additional Anti-malware / keylogger detection software.
- Periodically audit system locations for any suspicious files. The keylogger I wrote stores the keystrokes in the Windows folder; many may do the same or similar.
- Use a Password manager App to avoid keying in your password repeatedly.
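An added example (not from the original post) of the file audit suggested in the list above: it snapshots a directory twice and reports text-like files that appeared or grew in between, which is how a keystroke log such as the KeyboardServices.txt file described earlier behaves. The function names, the extension list and the 60-second interval are assumptions.

```python
import os
import sys
import tempfile
import time
from pathlib import Path

# Assumption: extensions a plain-text keystroke log is likely to use.
TEXT_EXTS = {".txt", ".log", ".dat", ""}

def snapshot(directory):
    """Return {name: size} for top-level regular files with text-like extensions."""
    snap = {}
    for entry in os.scandir(directory):
        try:
            if not entry.is_file(follow_symlinks=False):
                continue
            if Path(entry.name).suffix.lower() in TEXT_EXTS:
                snap[entry.name] = entry.stat(follow_symlinks=False).st_size
        except OSError:
            continue  # locked or unreadable entry: skip it, keep auditing
    return snap

def changed_files(before, after):
    """List (name, reason, bytes) for files that appeared or grew between snapshots."""
    findings = []
    for name, size in sorted(after.items()):
        if name not in before:
            findings.append((name, "new", size))
        elif size > before[name]:
            findings.append((name, "grew", size - before[name]))
    return findings

def demo():
    """Constructed sample: a temp directory stands in for C:\\WINDOWS."""
    with tempfile.TemporaryDirectory() as d:
        Path(d, "setupact.log").write_text("static")        # unchanged log
        Path(d, "notepad.exe").write_bytes(b"MZ")           # not text-like, ignored
        Path(d, "KeyboardServices.txt").write_text("hel")   # file name from the post
        before = snapshot(d)
        with open(Path(d, "KeyboardServices.txt"), "a") as log:
            log.write("lo world")                           # 8 bytes appended
        return changed_files(before, snapshot(d))

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else r"C:\WINDOWS"
    first = snapshot(target)
    time.sleep(60)  # assumption: one minute of normal typing between snapshots
    for name, reason, size in changed_files(first, snapshot(target)):
        print(f"{reason:>4}  {size:>8} bytes  {os.path.join(target, name)}")
```

Legitimate Windows logs in the same folder also grow, so each hit still needs a look at its contents before it is treated as a keylogger.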
As always, please let me know if you found this article useful or if you didn't. Don't forget to like this post or leave a comment below to let me know another area you would be interested in reading about. Thanks for your continued support! Until next time!
It's been a year since I started security-sleuth.com. 2015 has been an amazing year for me on both a personal and professional level. I can definitely correlate a large part of my success and happiness this year to starting this blog and writing about security, about privacy and being able to share my thoughts with the world. Although there's still a long list of things I would like to have completed this year, I am happy with the momentum that's been building overall on the site, and 2016 will be about expanding on that more than ever.
Here's some of what I managed to achieve in security-sleuth.com's year zero:
- An average of 3,500 visitors to the site every month.
- One of the most popular Metasploit tutorials on the internet; you can read it here.
- Over 1000 Twitter followers with almost no promotion.
- A Tumblr site which people seem to be interested in.
- 34 original posts on topics like:
  - Interviews with security pros
  - Thoughts on the industry
Here's what I would like to do in the next year, let's call it year one:
- More tutorials on essential security and pentesting tools, e.g. Metasploit, nmap and many more.
- Hacking wearables!
- Drone Takedowns (getting close here)
- Some Posts on app Disassembly / Forensics
- Launching my password storage app for iOS
- More coverage of Privacy tools
- Get covered on a Security blogging site (Please reach out if you can help here)
- Put an eBook together
Also, for the many emails I receive from people asking me how to hack people or asking me to go through things I have already listed in the tutorial, this one's for you:
As always, thank you for your continued support, until next time!