Keyloggers BEATING THE SHIT OUT OF KEYBOARD SINCE QUITE A LONG TIME

HTTP://FIRSTPENTEST.NET

UDAYSHANKAR@FIRSTPENTEST.NET

HACKTUX@LIVE.COM

About Me

I play computer games via Steam

I make small games for Windows Platform with C#

Of Course I alone play my games because I am bad artist ;-)

I love topics like Malware dissection, malware analysis, reverse

engineering, exploit development, Anti-Forensics

Hobbyist programming and serious programming

Just another technologist who loves Information Security

MY Evil References

http://www.securelist.com/en/analysis/204792178/Keyloggers_Imple

menting_keyloggers_in_Windows_Part_Two

http://www.securelist.com/en/images/vlill/pic3en.png

http://blogs.msdn.com/b/toub/archive/2006/05/03/589423.aspx

http://msdn.microsoft.com/en-in/library/aa645739(v=vs.71).aspx

Today

We will understand how all different keyloggers work

This is not an exhaustive approach for :

Keylogger Programming

Spyware Programming

Making people cry for no reason

Becoming James Bond in One Day

Assuming anything about malware

We will look at basic steps to make a basic keylogger

Question to audience Is Spware.32 a Keylogger ?

Is Keylogger a spyware ?

Answer this and collect your golden ticket

*Conditons Apply

People may have different views

As far as my little brain can understand there are three types

Hardware keyloggers

Kernel/Driver keyloggers

Software Keyloggers via Hooking

A fourth possibility does exist. This was used on the mothership in startrek

Hardware Keyloggers

Keelog.com

http://www.securelist.com/en/analy

sis/204792178/Keyloggers_Implemen

ting_keyloggers_in_Windows_Part_T

wo

Kernel Driver Keylogger –

Keylogger

Any programming tapping keyboard activity and recording

keystrokes is a keylogger

When I say all, it does not really mean all programs, only the evil

ones

So your notepad.exe is a safe thing

Now before we program our

keylogger

Let’s Understand these topics fast (With Demo)

Event Handler

Mouse Events in specific

Keyboard Events are specific

DirectX in Windows

What is an API in a programming language

Securelist.com - Architecture

http://www.securelist.com/en/images/vlill/pic9en.png

Huge Picture

Here we will look at Hooking

What is a hook ?

Let’s demo-in on our basic keylogger #NOW

Are there anti-keyloggers that prevent hooking

How do you proceed further ?

This is where we can look into API Keyloggers

SetWindowsHookEx() is on Windows

Certain software are well integrated with keyboard

All PC Games require DirectX, So what is in there for us ?

We need to email the whole logged files or just transfer it

Can Metasploit help us here ?

Sharing my new little game

Now Do you want to play this awesome game that I just developed

the game is called “Commander Bond has your password”

The best place to infect is via torrents

Games, Game cracks, Software cracks

When you intend to do such a thing, it’s no more a keylogger

You will want to disguise

You will want to send receive data

You will want “Not To Be Detected”

Essentially, you create a spyware instead of a malware.

Look into additional topics like Screen Scraper Attacks

Have a nice spyware experience

Coming down to null meets on Saturday is fun

Waking up early on Saturday ain’t fun

Thank You for the time