MODULE 8: System Hacking
Keystroke logging with keystroke recorder software
Keystroke logging is the process of recording the keys pressed on a keyboard, and it can be done in hardware or in software. Keystroke recorder software records keyboard activity and stores it in a log file. In companies, managers use this software to track employees’ activity; similarly, parents use it to secure their children from internet spam. On the other hand, hackers use remote keyloggers to capture usernames, passwords and credit card information.
A keylogger is a hardware device or a software program that records the real time activity of a computer user including the keyboard keys they press.
Keyloggers are used in IT organizations to troubleshoot technical problems with computers and business networks. Keyloggers can also be used by a family (or business) to monitor the network usage of people without their direct knowledge. Finally, malicious individuals may use keyloggers on public computers to steal usernames and passwords or credit card information.
Most keyloggers allow not only keyboard keystrokes to be captured but also are often capable of collecting screen captures from the computer. Normal keylogging programs store their data on the local hard drive, but some are programmed to automatically transmit data over the network to a remote computer or Webserver.
Keyloggers are sometimes part of malware packages downloaded onto computers without the owners’ knowledge.
There are two types of keylogger: hardware keyloggers and software keyloggers.
Software keyloggers are computer programs designed to work on the target computer’s software. From a technical perspective, there are several categories:
- Hypervisor-based: The keylogger can theoretically reside in a malware hypervisor running underneath the operating system, which remains untouched. It effectively becomes a virtual machine.
- Kernel-based: A program on the machine obtains root access to hide itself in the OS and starts intercepting keystrokes that pass through the kernel. Such keyloggers reside at the kernel level and are thus difficult to detect, especially for user-mode applications that don’t have root access. They are frequently implemented as rootkits.
- API-based: These keyloggers hook keyboard APIs inside a running application. The keylogger registers for keystroke events, as if it were a normal piece of the application instead of malware. The keylogger receives an event each time the user presses or releases a key. The keylogger simply records it.
- Form grabbing based: Form grabbing-based keyloggers log web form submissions by recording the web browser’s on-submit events. These happen when the user finishes filling in a form and submits it, usually by clicking a button or hitting Enter. This records form data before it is passed over the Internet.
- Packet analyzer: This involves capturing network traffic associated with HTTP POST events to retrieve unencrypted passwords. This is made more difficult when connecting via HTTPS.
- Remote access software keyloggers
These are local software keyloggers with an added feature that allows access to the locally recorded data from a remote location. Remote communication may be achieved using one of these methods:
- Data is uploaded to a website, database or an FTP server.
- Data is periodically emailed to a pre-defined email address.
- Data is wirelessly transmitted by means of an attached hardware system.
- The software enables a remote login to the local machine from the Internet or the local network, for data logs stored on the target machine to be accessed.
- Firmware-based: BIOS-level firmware that handles keyboard events can be modified to record these events as they are processed. Physical and/or root-level access is required to the machine, and the software loaded into the BIOS needs to be created for the specific hardware that it will be running on.
- Keyboard hardware: Hardware keyloggers are used for keystroke logging by means of a hardware circuit that is attached somewhere in between the computer keyboard and the computer, typically inline with the keyboard’s cable connector. There are also USB connector-based hardware keyloggers, as well as ones for laptops.
- Wireless keyboard sniffers: These passive sniffers collect packets of data being transferred from a wireless keyboard and its receiver.
- Keyboard overlays: Criminals have been known to use keyboard overlays on ATMs to capture people’s PINs. Each keypress is registered by the keyboard of the ATM as well as the criminal’s keypad that is placed over it. The device is designed to look like an integrated part of the machine so that bank customers are unaware of its presence.
- Acoustic keyloggers: Acoustic cryptanalysis can be used to monitor the sound created by someone typing on a computer. Each key on the keyboard makes a subtly different acoustic signature when struck. It is then possible to identify which keystroke signature relates to which keyboard character via statistical methods such as frequency analysis.
- Optical surveillance: A strategically placed camera, such as a hidden surveillance camera at an ATM, can allow a criminal to watch a PIN or password being entered.
- Smartphone sensors: Researchers have demonstrated that it is possible to capture the keystrokes of nearby computer keyboards using only the commodity accelerometer found in smartphones. The attack is made possible by placing a smartphone near a keyboard on the same desk. The smartphone’s accelerometer can then detect the vibrations created by typing on the keyboard, and then translate this raw accelerometer signal into readable sentences with as much as 80 percent accuracy.
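From the defender's side, the remote access keyloggers described above stand out on the network because they upload or email their logs on a timer. The following detection sketch is an added example, not part of the original module: it flags workstations whose FTP or mail connections recur at near-constant intervals. The log format, addresses, port list and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Ports for the channels the text names: FTP upload and e-mail delivery.
WATCHED_PORTS = {21: "ftp", 25: "smtp", 465: "smtps", 587: "submission"}

# Constructed sample flow log: time, source, destination, dest port, bytes.
SAMPLE_LOG = """\
2024-05-01T09:00:02 10.0.0.15 203.0.113.7 587 1840
2024-05-01T09:00:05 10.0.0.15 192.0.2.80 443 700
2024-05-01T09:07:41 10.0.0.22 198.51.100.9 21 5200
2024-05-01T09:30:01 10.0.0.15 203.0.113.7 587 2210
2024-05-01T10:00:03 10.0.0.15 203.0.113.7 587 1975
2024-05-01T10:30:02 10.0.0.15 203.0.113.7 587 2050
2024-05-01T11:12:10 10.0.0.22 198.51.100.9 21 880
2024-05-01T15:45:30 10.0.0.22 198.51.100.9 21 91000
2024-05-01T15:50:00 10.0.0.22 198.51.100.9 21 300
"""

def parse_flows(text):
    """Yield (time, src, dst, port) for well-formed lines on watched ports."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines instead of crashing
        try:
            when, port = datetime.fromisoformat(parts[0]), int(parts[3])
        except ValueError:
            continue
        if port in WATCHED_PORTS:
            yield when, parts[1], parts[2], port

def find_periodic_senders(text, min_events=4, max_jitter=0.10):
    """Return flows whose send intervals are nearly constant (timer-driven)."""
    times = defaultdict(list)
    for when, src, dst, port in parse_flows(text):
        times[(src, dst, port)].append(when)
    findings = []
    for (src, dst, port), stamps in sorted(times.items()):
        if len(stamps) < min_events:
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        # Coefficient of variation: a low value means machine-like regularity.
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            findings.append({"src": src, "dst": dst, "events": len(stamps),
                             "service": WATCHED_PORTS[port], "period_s": round(avg)})
    return findings
```

On the sample data, only the host mailing out every 30 minutes is reported; the irregular, human-driven FTP session is not. A hit is a lead for endpoint inspection, since scheduled backups and mail clients can also produce regular traffic.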