Keystroke logging with keystroke recorder and its types

MODULE 8:- System Hacking

  1. How to get administrator privileges on windows 10
  2. Best keylogger Windows 10 pc – Full tutorial
  3. Keystroke logging with keystroke recorder and its types
  4. Top 10 Tools Used For Maintaining Access of Exploited System

Keystroke logging with keystroke recorder software

Keystroke logging is the process of recording the keys pressed on a keyboard, and it can be done in hardware or in software. Keystroke recorder software records keyboard activity and stores it in a log file. In companies, managers use this software to track employees' activity; similarly, parents use it to protect their children from internet spam. On the other hand, hackers use remote keyloggers to capture usernames, passwords and credit card information.

Key logger:

A keylogger is a hardware device or a software program that records the real-time activity of a computer user, including the keyboard keys they press.

Keyloggers are used in IT organizations to troubleshoot technical problems with computers and business networks. Keyloggers can also be used by a family (or business) to monitor the network usage of people without their direct knowledge. Finally, malicious individuals may use keyloggers on public computers to steal usernames and passwords or credit card information.

Most keyloggers capture not only keyboard keystrokes but are often also capable of collecting screen captures from the computer. Normal keylogging programs store their data on the local hard drive, but some are programmed to automatically transmit data over the network to a remote computer or web server.

Keyloggers are sometimes part of malware packages downloaded onto computers without the owners’ knowledge.

Keylogger Types:

There are two types of keylogger: hardware keyloggers and software keyloggers.

Software Keylogger:

These are computer programs designed to work on the target computer's software. From a technical perspective, keyloggers fall into several categories:

  • Hypervisor-based: The keylogger can theoretically reside in a malware hypervisor running underneath the operating system, which remains untouched. It effectively becomes a virtual machine.
  • Kernel-based: A program on the machine obtains root access to hide itself in the OS and starts intercepting keystrokes that pass through the kernel. Such keyloggers reside at the kernel level and are thus difficult to detect, especially for user-mode applications that don't have root access. They are frequently implemented as rootkits.
  • API-based: These keyloggers hook keyboard APIs inside a running application. The keylogger registers for keystroke events, as if it were a normal piece of the application instead of malware. The keylogger receives an event each time the user presses or releases a key. The keylogger simply records it.
  • Form grabbing based: Form-grabbing-based keyloggers log web form submissions by recording the web browser's submit events. These happen when the user finishes filling in a form and submits it, usually by clicking a button or hitting Enter. This records form data before it is passed over the Internet.
  • Packet analyzer: This involves capturing network traffic associated with HTTP POST events to retrieve unencrypted passwords. This is made more difficult when connecting via HTTPS.
  • Remote access software keyloggers

These are local software keyloggers with an added feature that allows access to the locally recorded data from a remote location. Remote communication may be achieved using one of these methods:

  • Data is uploaded to a website, database or an FTP server.
  • Data is periodically emailed to a pre-defined email address.
  • Data is wirelessly transmitted by means of an attached hardware system.
  • The software enables a remote login to the local machine from the Internet or the local network, for data logs stored on the target machine to be accessed.

Hardware Keylogger:

Hardware-based keyloggers do not depend upon any software being installed as they exist at a hardware level in a computer system.

  • Firmware-based: BIOS-level firmware that handles keyboard events can be modified to record these events as they are processed. Physical and/or root-level access to the machine is required, and the software loaded into the BIOS needs to be created for the specific hardware that it will be running on.
  • Keyboard hardware: Hardware keyloggers are used for keystroke logging by means of a hardware circuit that is attached somewhere between the computer keyboard and the computer, typically inline with the keyboard's cable connector. There are also USB connector-based hardware keyloggers, as well as ones for laptops.
  • Wireless keyboard sniffers: These passive sniffers collect packets of data being transferred between a wireless keyboard and its receiver.
  • Keyboard overlays: Criminals have been known to use keyboard overlays on ATMs to capture people's PINs. Each keypress is registered by the keyboard of the ATM as well as the criminal's keypad that is placed over it. The device is designed to look like an integrated part of the machine so that bank customers are unaware of its presence.
  • Acoustic keyloggers: Acoustic cryptanalysis can be used to monitor the sound created by someone typing on a computer. Each key on the keyboard makes a subtly different acoustic signature when struck. It is then possible to identify which keystroke signature relates to which keyboard character via statistical methods such as frequency analysis.
  • Optical surveillance: A strategically placed camera, such as a hidden surveillance camera at an ATM, can allow a criminal to watch a PIN or password being entered.
  • Smartphone sensors: Researchers have demonstrated that it is possible to capture the keystrokes of nearby computer keyboards using only the commodity accelerometer found in smartphones. The attack is made possible by placing a smartphone near a keyboard on the same desk. The smartphone's accelerometer can then detect the vibrations created by typing on the keyboard, and then translate this raw accelerometer signal into readable sentences with as much as 80 percent accuracy.

NTFS Alternate Data Streams For Beginner

MODULE 9:- Data Protection 

  1. How to encrypt files and folders by EFS Windows 10
  2. How to Enable bitlocker windows 10 encryption – Full Guide
  3. How to use VeraCrypt portable, Truecrypt replacement in windows 10
  4. Data, file, full disk and Hard drive encryption software Veracrypt
  5. NTFS Alternate Data Streams For Beginner
  6. Top 10 steganography tools for Windows 10

NTFS Alternate Data Streams in Windows

NTFS alternate data streams in Windows are a method by which you can hide one file's data inside another file. Alternate data streams are available only on the NTFS file system of Windows.

 Scenario: Suppose you create a text file named firstfile.txt in Notepad and write some text in it. You can see what is written in the file at any time. Now you create another file named secondfile.txt and make some entries in it. Is it possible to hide the second file's content inside the first file, so that someone who opens the first file sees only the first file's data and not the hidden data? The answer is yes, and it is done with an NTFS stream. You can view the hidden content whenever you want.

Create NTFS Alternate Data Streams

The NTFS file system gives applications the ability to create alternate data streams of information. By default, all data is stored in a file's main unnamed data stream, but by using the syntax 'file:stream' you can read from and write to alternate streams. Not all applications are written to access alternate streams, but you can demonstrate streams very simply. First, change to a directory on an NTFS drive from within a command prompt.

Next, type the following command:

echo "This is data of first file" > firstfile.txt

You have just created a file named firstfile.txt.

Next, run the following command to write a stream:

echo "This is second data stream" > firstfile.txt:secondfile

You've just created a stream named 'secondfile' that is associated with the file 'firstfile.txt'. Note that when you open the first file in any text editor, you will find only the text you entered in it. To see your hidden stream, run the following command:

more < firstfile.txt:secondfile

Delete NTFS Alternate Data Streams from the file

NT does not come with any tools that let you see which NTFS files have streams associated with them, or that delete those streams, so you need to download some extra software: https://technet.microsoft.com/en-us/sysinternals/bb897440.aspx

Download the software and extract the zip file; you will get an executable file named streams.exe. Run the following command to see hidden streams and delete them.

More detail: http://blogs.technet.com/b/askcore/archive/2013/03/24/alternate-data-streams-in-ntfs.aspx
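
As an added example (not part of the original post), the same scenario can be audited with the stream support built into PowerShell 3.0 and later on Windows: the script recreates the page's firstfile.txt with a secondfile stream in a scratch folder, lists every named stream, shows its content, removes it and verifies the result. The folder name ads-lab and the function Find-AlternateStream are assumptions made for this example.

```powershell
# Added example: audit a folder for NTFS alternate data streams (ADS).
# Run on an NTFS volume; $lab and its file names are constructed sample data.
$lab = Join-Path $env:TEMP 'ads-lab'
New-Item -ItemType Directory -Path $lab -Force | Out-Null
$file = Join-Path $lab 'firstfile.txt'

# Recreate the page's scenario: visible data plus a named stream.
Set-Content -LiteralPath $file -Value 'This is data of first file'
Set-Content -LiteralPath $file -Stream 'secondfile' -Value 'This is second data stream'

# Hypothetical helper: list every named stream under a folder.
function Find-AlternateStream {
    param([Parameter(Mandatory)][string]$Root)
    # Every file has the unnamed stream ':$DATA'; anything else is an ADS.
    Get-ChildItem -LiteralPath $Root -File -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            Get-Item -LiteralPath $_.FullName -Stream * -ErrorAction SilentlyContinue
        } |
        Where-Object { $_.Stream -ne ':$DATA' } |
        Select-Object FileName, Stream, Length
}

# 1. Report which files carry named streams and how large they are.
$found = Find-AlternateStream -Root $lab
$found | Format-Table -AutoSize

# 2. Inspect each stream's content before deciding what to do with it.
foreach ($s in $found) {
    "{0}:{1} ->" -f $s.FileName, $s.Stream
    Get-Content -LiteralPath $s.FileName -Stream $s.Stream
}

# 3. Remove the stream; the main data stream is left untouched.
foreach ($s in $found) {
    Remove-Item -LiteralPath $s.FileName -Stream $s.Stream
}

# 4. Verify: no named streams remain and the visible text is unchanged.
Find-AlternateStream -Root $lab
Get-Content -LiteralPath $file
```

When the function is pointed at a real folder such as a downloads directory, expect `Zone.Identifier` streams on downloaded files; Windows writes those itself, so review a stream's content before removing it.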
