lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu Dec 1 20:23:28 2005 From: mail at hackingspirits.com (Debasis Mohanty) Subject: Most common keystroke loggers? -----Original Message----- From: Blue Boar Sent: Friday, December 02, 2005 12:15 AM To: sjohnston@...ionplus.com Cc: full-disclosure@...ts.grok.org.uk Subject: Re: [Full-disclosure] Most common keystroke loggers? Shannon Johnston wrote: > Hi All, > I'm looking for input on what you all believe the most common > keystroke loggers are. I've been challenged to write an authentication > method (for a web site) that can be secure while using a compromised system. >> If, for some reason, you only care about the case where a "keylogger" is installed, >> then you can go with some scheme like making the user pick numbers of a randomly-scrambled >> keypad on the screen, with the mouse. "Security" and "randomly-scrambled online keypad" are mutually exclusive ;-) >> Note, however, that "keyloggers" that grab some portion of the screen surrounding the >> mouse pointer every time you click have already been observed in the wild. They are >> designed to specifically defeat this kind of mechanism. I posted a similar but yet an effective way of snatching the user credentials directly from the input boxes while the user key'n them in a pre-compromised box. The method shown is bit effective compared to the screenshot grabbers in the sense that it directly get the clear text and the ***** text from the inputbox directly and donsn't save it until the user submit the form. The PoC (defeat-citibank-vk.zip) was created to defeat the virtual keyboard concept of Citi-Bank used world wide. It can be downloaded from the following link - http://www.hackingspirits.com/vuln-rnd/vuln-rnd.html . Presently, the PoC wont work as CitiBank has made little changes in its site after the release of the PoC. - D
Powered by blists - more mailing lists