keyloggers


Forum: DSL Embedded
Topic: keyloggers
started by: earthtone

Posted by earthtone on May 06 2006,03:38
If i enter a password into FireFox opened in DSL which is running inside of windows -- will my keystrokes be invisible to a keylogger which may be infecting windows?

Thank You

Posted by 300c_pilot on May 06 2006,04:04
A keylogger can operate independantly of the OS. I have one that goes in line with the keyboard cord. It will log when the keys are pushed, and if the pc is in hybernation, It will still log keystrokes.
Posted by dare2dreamer on May 06 2006,05:54
One potential solution I've seen is to use a virtual keyboard to type your passwords.

I'm not sure if it's bulletproof security, but it sure is difficult to log keystrokes when you don't type any.

There's a xvkbd extension in the repository, have at.

Posted by pr0f3550r on May 06 2006,10:30
I've checked on the Qemu forum and the qemu-devel mailing list and I've found nothing.

Presumably, if the keylogger is running on the host Os, and whatever you type in Qemu never goes into the clipboard (but I could be wrong!), I assume that you should be reasonably safe.

On some websites you can find a test for the 'clipboard bug' and then try by yourself. I tried and it found nothing.

Posted by dare2dreamer on May 07 2006,15:07
Most keyloggers work at a lower level than applications, and oftern they are hardware-based so they are os-independant. If you're typing on the keyboard, the hardware-based ones will log your keystrokes regardless of your actions.
Posted by 300c_pilot on May 08 2006,04:14
Most I have seen that are software work off of the keyboard buffer. My kids are still wondering how I know there passwords. Just trying to keep them out of the bad web sites.
Posted by livinghell on June 06 2006,08:45
we have a keylogger system at our school most of them log the tie and application you were using so in windows if i logged onto my gmail it would sayy

{time} {Firefox} {00bryantr} livinghell {http://gmail.com} username


{time} {Firefox} {00bryantr} Password (in clear Text!) {http://gmail.com} password

when i used qemu to do the same it did this


{time} {Qemu} {00bryantr}QEMU{QEMU}QEMU
then a block of text here of what i typed but it didnt tell the admin what site i was on or anything just a large block of text with no spaces

useing the on screen keyboard stoped the logging altogether RESULT

but you might not have the same luck as me :-p

Posted by Winter Knight on Nov. 10 2006,21:32
The short answer is "yes." Without a doubt, if the host OS is infected, anything running above (higher level) that OS can be monitored / injected, manipulated, reprogrammed, etc.

However, a particular keylogger might be fooled by virtual OSes. Maybe most, I don't know. But it is certainly possible that a keylogger can log everything above it in the "OS layer."

As stated previously, if you have a hardware keylogger, it doesn't matter what application you are running, or even if your computer is turned on.

Try it yourself. I've used perfect keylogger, which is a commercial application with a freeware version. Not trial or anything, just less functional, but functional enough, especially for testing. There are probably free keyloggers out there too. Most of the ones I've tried had dependability and usability problems. Perfect Keylogger works good.

As for the on screen keyboard, it is possible for an infection to record those keystrokes too. It is much less likely, though, that they are programmed to do so.

Powered by Ikonboard 3.1.2a
Ikonboard © 2001 Jarvis Entertainment Group, Inc.