Re: Keystroke logging

[ChayoteMu <chayotemu () gmail com>]

This is mostly a question of curiosity. For the option of using a
proxy would it be possible to SSH to the proxy then generate a new SSH
from the proxy to the PC your getting into, and have the proxy log all
info that way? It may not be doable for all situations because I
figure you'd need to setup a hardend proxy on the network for that,
but as I said, I'm mainly curious if that would work.

On 7/1/05, Guillaume Vissian <somebodyishere () gmail com> wrote:
> The proxy will not see everything, if the connection is encrypted with SSL,
> or for some other connection like ssh , and more : ssh tunneling the user
> will make the proxy logs unusable...
>
> G.
>
> -----Message d'origine-----
> De: Kurt Keys [mailto:KKeys () sddpc org]
> Envoyé: vendredi 1 juillet 2005 16:45
> À: pentest () jitonline net; pen-test () securityfocus com
> Objet: Re: Keystroke logging
>
> Instead of a Keystroke logger, setup a proxy for your pen-test systems to
> use
> on their outbound connection to the target. Then have the proxy log
> everything
> and although you may not have all the mouse clicks and commands typed, you
> will have a log of the traffic to and from the target network. To me that is
> infinitely
> more valuable. But that's just me.
> Good Luck,
>
> Kurt Keys
> Information Security Specialist
> Information Security Department
> San Diego DPC
>
>
> > > > "JB" <pentest () jitonline net> 6/30/2005 12:36:24 PM >>>
> I'm wondering if anyone has either a kernel level keystroke logger for the
> Linux 2.6, or a userspace keystroke logger for Linux. As part of our
> penetration testing, we are required to give the client a log of all
> actions performed - so this would be a good way of logging all linux
> commands. Also - if you know of the same sort of tool for windows - that
> would also be appreciated.
>
> -J


-- 
"To catch a thief, think like a thief. To catch a master thief, be a
master thief."