Full Disclosure mailing list archives
RE: Most common keystroke loggers?
From: "Jan Nielsen" <jan () boyakasha dk>
Date: Fri, 2 Dec 2005 19:51:03 +0100
That question opens up a whole lotta other questions, really depends on what you hope to achieve by doing authentication via a compromised system. In my book you should instead try to detect a compromised system and deny them access if they are indeed compromised, that would be in the end-users best interest I think (and of course report your findings to the users mailbox or something, don't tell the hacker that you detected his keylogger :-) Keyloggers come in quite a few different shapes and sizes, and just detecting the most common ones is not really that future-proof, tomorrow someone will develop another way of hooking into the keyboard buffer, or some other way you never thought of yourself. However the most common ones today would be the ones hooking into the windows api (not that hard to detect) and the screen capture ones I think (a bit more difficult) But that really raises the question : is keylogging really the only thing constituting a compromised system ? Answer : NO, many other types of software could make your system compromised, so what you need to think about is : what do I want to protect/enforce/check : - The endusers login information, so as it can't be stolen or re-used ? - The integrity of the transactions, has someone changed the info on its way from the input into the application to the website ? - The identity of the person behind the keyboard, is the user who you think he is ? That might help you in deciding what stuff you need to develop/implement. Hope this helps a bit :-) Jan -----Original Message----- From: boyakash () cp goodydomains com [mailto:boyakash () cp goodydomains com] On Behalf Of Shannon Johnston Sent: 1. december 2005 18:25 To: full-disclosure () lists grok org uk Subject: [Full-disclosure] Most common keystroke loggers? Hi All, I'm looking for input on what you all believe the most common keystroke loggers are. I've been challenged to write an authentication method (for a web site) that can be secure while using a compromised system. Thanks, Shannon _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: [inbox] Re: Most common keystroke loggers?, (continued)
- RE: [inbox] Re: Most common keystroke loggers? Exibar (Dec 01)
- Re: Most common keystroke loggers? David Harker (Dec 01)
- Re: Most common keystroke loggers? Nick FitzGerald (Dec 01)
- Re: Most common keystroke loggers? Gustavo (Dec 01)
- Re: Most common keystroke loggers? Michael Holstein (Dec 01)
- Re: Most common keystroke loggers? Nick FitzGerald (Dec 01)
- Re: Most common keystroke loggers? Gustavo (Dec 01)
- Re: Most common keystroke loggers? mary (Dec 01)
- RE: Most common keystroke loggers? Aditya Deshmukh (Dec 01)
- Re: Most common keystroke loggers? Mohit Muthanna (Dec 02)
- RE: Most common keystroke loggers? Jan Nielsen (Dec 02)
- RE: Most common keystroke loggers? Nick FitzGerald (Dec 02)
- RE: Most common keystroke loggers? Jan Nielsen (Dec 02)
- RE: Most common keystroke loggers? Nick FitzGerald (Dec 02)
- Re: Most common keystroke loggers? foofus (Dec 02)
- Re: Most common keystroke loggers? Nick FitzGerald (Dec 02)
- Re: Most common keystroke loggers? Anonymous Squirrel (Dec 02)
- RE: Most common keystroke loggers? Nick FitzGerald (Dec 02)
- RE: Most common keystroke loggers? Jan Nielsen (Dec 02)
- Re: Most common keystroke loggers? foofus (Dec 02)
- Re: Re: Most common keystroke loggers? Michael Holstein (Dec 01)