keyloggers - beating the shit out of keyboard since quite a long time
null Hyderabad Chapter - April 2013 Meet
HTTP://FIRSTPENTEST.NET
About Me
I play computer games via Steam
I make small games for Windows Platform with C#
Of course, I alone play my games because I am a bad artist ;-)
I love topics like malware dissection, malware analysis, reverse engineering, exploit development, anti-forensics
Hobbyist programming and serious programming
Just another technologist who loves Information Security
My Evil References
http://www.securelist.com/en/analysis/204792178/Keyloggers_Implementing_keyloggers_in_Windows_Part_Two
http://www.securelist.com/en/images/vlill/pic3en.png
http://blogs.msdn.com/b/toub/archive/2006/05/03/589423.aspx
http://msdn.microsoft.com/en-in/library/aa645739(v=vs.71).aspx
Today
We will understand how all different keyloggers work
This is not an exhaustive approach for:
Keylogger Programming
Spyware Programming
Making people cry for no reason
Becoming James Bond in One Day
Assuming anything about malware
We will look at basic steps to make a basic keylogger
Question to audience: Is Spware.32 a keylogger?
Is a keylogger spyware?
Answer this and collect your golden ticket
*Conditions Apply
People may have different views
As far as my little brain can understand, there are three types:
Hardware keyloggers
Kernel/Driver keyloggers
Software Keyloggers via Hooking
A fourth possibility does exist. This was used on the mothership in Star Trek
Hardware Keyloggers
Keelog.com
http://www.securelist.com/en/analysis/204792178/Keyloggers_Implementing_keyloggers_in_Windows_Part_Two
Kernel Driver Keylogger
Keylogger
Any program tapping keyboard activity and recording keystrokes is a keylogger
When I say all, it does not really mean all programs, only the evil ones
So your notepad.exe is a safe thing
Now before we program our keylogger
Let’s Understand these topics fast (With Demo)
Event Handler
Mouse Events in specific
Keyboard Events in specific
DirectX in Windows
What is an API in a programming language
Securelist.com - Architecture
http://www.securelist.com/en/images/vlill/pic9en.png
Huge Picture
Here we will look at Hooking
What is a hook?
Let’s demo-in on our basic keylogger #NOW
Are there anti-keyloggers that prevent hooking?
How do you proceed further?
This is where we can look into API Keyloggers
SetWindowsHookEx() is on Windows
Certain software is well integrated with the keyboard
All PC games require DirectX, so what is in there for us?
We need to email the whole logged files or just transfer it
Can Metasploit help us here?
Sharing my new little game
Now, do you want to play this awesome game that I just developed?
The game is called “Commander Bond has your password”
The best place to infect is via torrents
Games, Game cracks, Software cracks
When you intend to do such a thing, it’s no more a keylogger
You will want to disguise
You will want to send and receive data
You will want “Not To Be Detected”
Essentially, you create a spyware instead of a malware.
Look into additional topics like Screen Scraper Attacks
Have a nice spyware experience
Coming down to null meets on Saturday is fun
Waking up early on Saturday ain’t fun
Thank You for the time