Keystroke Loggers

1
Keystroke Loggers

• By Areth Kellejian

2
Overview

• Definition
• Different Types
• How they work
• Few examples
• Uses
• Prevention
• Demo

3
What is a Keystroke Logger?

• A Keystroke Logger is a program that runs
  invisibly in the background that records all the
  keystrokes typed in by a user and saved to a log
  file.

4
Different Types of Key Loggers

• Software Based
• Installed without the target user knowing
• Can be created with different programming
  languages
• Hardware Based
• Physically plugged into the computer
• Chip can be installed directly into the keyboard
• USB Drive
• PS2 Keyboard Port
• Keyboard Extender

5
Software Based

• Runs invisibly in the background
• Can create logs
• Can email logs
• Can take screen shots
• Can capture clipboard

6
How do Software Based Keystroke Loggers Work?

• Low level keyboard hooks
• Kernel Based
• Using Windows API

7
Keyboard Hooks

• One of the most powerful features in an OS
• Programmer can trap all events
• Intercept events before reached by the program
• Can modify events
• Can discard events
• Can log events

8
Kernel Based

• Most difficult way to program a keystroke logger
  and most difficult way to detect
• They reside at the kernel level
• They subvert the OS and overpower
• Can act as a keyboard driver
• Keystrokes are snatched before the OS receives
  them

9
Using Windows API

• Creative method
• Import user32.dll (VB .net)
• or include windows.h (C)
• Use GetAsyncKeyState ()
• Use GetForegroundWindow()
• Use SetWindowsHookEx()

10
Example of Commercial Software based Key logger

• Perfect Keylogger
• http//www.blazingtools.com

11
General Options
12
Logging Options
13
Screenshots Options
14
Email Options
15
Alerts Options
16
Target Applications Option
17
Notification to user option
18
Viewing the Log
19
Viewing the Log
20
Viewing the Log
21
Viewing the Log
22
Hardware Based

• Are physically plugged into the computer
• USB Port
• PS2 Port
• Keyboard extension wire
• Microchip

23
Example of Hardware Based

• The Keeloggers
• http//www.keelog.com

24
USB Keylogger
25
How to retrieve log
26
USB Keylogger
27
USB Keylogger Log File
28
PS2 Keylogger
29
How to retrieve log
30
Circuit Keylogger
31
Installing the chip
32
Keyboard Wire Keylogger
33
Good Uses

• Make sure kids are not going to adult websites
• Make sure a public computer isnt being abused
• FBI Use Magic Lantern
• Debugging for software development

34
Bad Uses

• Spy on people without them knowing
• Spy on employees
• Invasion of privacy
• Steal Peoples passwords
• ID Theft

35
Ways to Prevent

• Anti virus software
• Anti Spyware software
• Looking at what is plugged into your PC
• Constantly check to see what programs are
  installed on your PC
• Firewall can stop transition of log
• Network Monitors

36
Ways to Prevent cont

• Automatic Form Filler Programs
• Alternative keyboard layouts
• Standard is QWERTY
• Can change it to DVORAK
• Create your own
• On screen click based keyboards
• Web based keyboards
• Alternate within Forms and type

37
On to the Demo

• Written in VB .Net
• Uses low level keyboard hook using windows API
• Found on Open Source website
• Written by Julien Gascon-Samson