Penetration Testing mailing list archives
Re: Keystroke logging
From: "Aaron J. Bedra" <abedra () westervillelibrary org>
Date: Fri, 01 Jul 2005 09:06:21 -0400
Something to think of, Yes, most shells have keylogging built in, but most pen-test reports require you to not only provide keylogging, but also timestamps (depending on where you are working, sometimes in UTC format), or they are not accepted as real logs. Aaron J. Bedra On Fri, 2005-07-01 at 11:41 +0200, Guillaume Vissian wrote:
Be carefull the history logs only show the common commands input on the shell, this didn't show everything wrappen on it. Only keyloggers can do that. If history remember all it would be a major security failure... For example with shells history logs you can't see the vim editing sequences, and for sure the password entries. And the real, and only for me, utility of a keylogger is to log thoses pass entries. A good keylogger have to, in my mind, be directly implanted in the kernel, the shells let to much ways to escape from the logs... A way to search : http://linux.ittoolbox.com/documents/document.asp?i=2284 Google is your friend G. 2005/7/1, Joshua Hamor <josh () cnemedia com>:Agreed. Most modern shells have history logs. You should be able to save this text file for your tests. -J also Jeff Miller wrote:I've used bash shell logging before for similar situations. just grab the source and compile with the syslogging option. On Jun 30, 2005, at 2:36 PM, JB wrote:I'm wondering if anyone has either a kernel level keystroke logger for the Linux 2.6, or a userspace keystroke logger for Linux. As part of our penetration testing, we are required to give the client a log of all actions performed - so this would be a good way of logging all linux commands. Also - if you know of the same sort of tool for windows - that would also be appreciated. -J
Current thread:
- Re: Keystroke logging Jeremy Heslop (Jul 01)
- <Possible follow-ups>
- Re: Keystroke logging fatb (Jul 01)
- Re: Keystroke logging Maximiliano Bertacchini (Jul 01)
- Re: Keystroke logging Byrne Ghavalas (Jul 01)
- Re: Keystroke logging paul dansing (Jul 01)
- Re: Keystroke logging Harry Hoffman (Jul 01)
- Re: Keystroke logging Joshua Hamor (Jul 01)
- Re: Keystroke logging Guillaume Vissian (Jul 01)
- Re: Keystroke logging Aaron J. Bedra (Jul 01)
- Re: Keystroke logging Chuck (Jul 06)
- Re: Keystroke logging Guillaume Vissian (Jul 01)
- Re: Keystroke logging Tomasz Piotr Palarz (Jul 01)
- Re: Keystroke logging Dave McCormick (Jul 01)
- Re: Keystroke logging Jay D. Dyson (Jul 01)
- Re: Keystroke logging Jerome Athias (Jul 01)
- Re: Keystroke logging netmask (Jul 01)
- Re: Keystroke logging - mouse Alvin Oga (Jul 01)
- Re: Keystroke logging - mouse Golden_Eternity (Jul 01)
- Re: Keystroke logging - mouse Alvin Oga (Jul 01)
- Re: Keystroke logging Kurt Keys (Jul 01)
- RE: Keystroke logging Guillaume Vissian (Jul 01)