11.11.2014.
CONTENT:
1. INTRODUCTION
2. THE CONCEPT OF KEYLOGGER
2.1.
1. INTRODUCTION
Nowadays, information technology is evolving rapidly and increasingly makes life easier for
people. The daily operations of individuals and large companies have also been greatly
facilitated. Along with the many advantages that today's level of computerization offers, it
should be noted that the flow of information is not fully secure. There are many ways to
invade privacy and steal confidential data, and a large number of malicious programs
that make this possible.
The aim of this thesis is to present keyloggers, malicious programs that pose a great threat to
privacy and security by tracking the characters a user types. Furthermore, it describes the
making of a simple keylogger that implements basic functionality and methods of attack.
The first chapter describes the main representatives of the term "keylogger". The second
chapter deals with the division of keyloggers into software and hardware, as well as their
subtypes. The third chapter presents the principles of operation of each kind of keylogger
and the programming mechanisms they use. The next chapter gives a full insight into the
process of making a keylogger, describing all of its functionality and the code that enables
it. It also describes the working principle of the keylogger application itself, from the
initial infection of the computer to the successful theft of confidential data.
between justified monitoring and espionage. Legitimate software is often maliciously used to
steal a user's secret information such as passwords, credit card numbers, etc.
Most modern keyloggers are considered legitimate software or hardware, and are available for
purchase in the open market. Developers and software dealers offer a long list of purposes for
which it is appropriate to use keyloggers:
- Company security: monitoring whether computers are used for purposes that fall within
the job description;
- Company security: using keyloggers to monitor keywords and phrases related to
business secrets whose disclosure would harm the company;
- Parental control: parents can monitor what their children are doing on the Internet and can
be notified about access to web pages with inappropriate content;
- Jealous spouses or partners can use a keylogger to monitor the actions of their better half;
- Law enforcement: as one of the methods of collecting evidence in a criminal investigation.
The stated reasons for using keyloggers are more subjective than objective, which means
that all of these situations can be resolved by other methods. Every legitimate keylogging
program can still be used with malicious and criminal intent.
Today, keyloggers are mainly used with such malicious intent, to steal a user's secret data,
mostly related to online payment. With that in mind, the creators of malicious programs are
constantly writing new keyloggers.
Furthermore, many keyloggers hide themselves in the computer system (rootkit functionality),
which makes them full-fledged Trojan programs.
Source: http://signum-soft.com/features
confidential manner so that the user is not aware that his actions are monitored. There are a
large number of keylogging methods, from software and hardware to electromagnetic ones and
those based on sound analysis ...
2. Kernel-Based
These keyloggers are very effective and difficult to eradicate. They reside at the kernel
level, which makes them difficult to detect. They are often implemented as rootkits and so
deceive the system into treating them as an integral part of it. As part of the kernel, these
programs face no barriers in accessing all hardware input. They are often implemented as
keyboard drivers and are therefore able to access typed characters directly, even
before they reach the operating system. Their complexity makes them very difficult to
program, so they are rarely used.
3. API-based
These keyloggers hook into the API (application programming interface), so the operating
system notifies them each time a key is pressed on the keyboard, and they simply store
these characters. They use API functions such as GetAsyncKeyState and
GetForegroundWindow to retrieve the state of the keyboard, and subscribe to keyboard
events. These keyloggers are easier to program than the preceding type, so they are
used more often.
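A defender can triage an unknown binary for the API usage described above. The following is an added example, not code from the thesis; the capability grouping, the hook and clipboard API names, and the sample byte strings are assumptions constructed for illustration:

```python
import re

# Capability -> imported API names. GetAsyncKeyState and GetForegroundWindow
# are named in the text; the hook and clipboard APIs are added assumptions.
CAPABILITIES = {
    "key_polling": {"GetAsyncKeyState"},
    "key_hook": {"SetWindowsHookExA", "SetWindowsHookExW"},
    "window_context": {"GetForegroundWindow"},
    "clipboard": {"GetClipboardData"},
}
CAPTURE = {"key_polling", "key_hook"}

def ascii_strings(blob, min_len=6):
    """Return every printable-ASCII run of at least min_len bytes."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return {m.group().decode("ascii") for m in re.finditer(pattern, blob)}

def triage(blob):
    """Return (capabilities found, flagged) for a binary's raw bytes."""
    names = ascii_strings(blob)
    found = {cap for cap, apis in CAPABILITIES.items() if apis & names}
    # Key-state APIs alone are common in games and hotkey tools, so flag only
    # when keystroke capture is combined with context or clipboard collection.
    flagged = bool(found & CAPTURE) and bool(found - CAPTURE)
    return sorted(found), flagged

# Constructed import-name fragments (2-byte hint, name, NUL), not real samples.
SUSPECT = (b"USER32.dll\x00\x1e\x01GetAsyncKeyState\x00"
           b"\x9c\x01GetForegroundWindow\x00\x05\x02GetMessageW\x00")
BENIGN = b"USER32.dll\x00\x1e\x01GetAsyncKeyState\x00\x05\x02CreateWindowExW\x00"

if __name__ == "__main__":
    for label, blob in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(label, triage(blob))
```

A flag from this check is a reason to inspect the binary further, not a verdict: packed samples hide their import names, and legitimate software uses the same APIs.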
5. Packet Analyzers
A type of keylogger that captures and analyzes network traffic packets associated with HTTP
POST events in order to obtain unencrypted passwords. Keylogger software can
- Clipboard logging: the keylogger captures all the information that the user has copied into
the clipboard.
- Screen logging (screenshots): saves a picture of the current state of the screen in order
to obtain any graphical information. It is possible to capture the entire screen, the
window of a single application, or even just the area around the mouse pointer. Images
are captured periodically or as a result of user actions (e.g., a mouse click).
- Text capturing within a control: the Windows API allows retrieval of the text of some
controls, which means that it is possible to get to passwords even if they are hidden behind
a mask (usually an asterisk).
By using keyboard filter drivers: a type of driver that first receives the information
about key presses and forwards that information to the operating system's drivers.
5. PRODUCTION OF KEYLOGGER
Here, an example of a simple software keylogger will be shown, and the process of creating
it will be explained in more detail. Furthermore, everything that matters will be described,
including the functionality and the program code that enables it.
The goal, therefore, is to write a keylogger application that has the basic characteristics
and functionality of any keylogger. The keylogger will capture everything the user enters
from the keyboard. The application will be hidden from the user and will start at each
power-up. All captured data will be saved in a text file whose location can be freely
selected. The resulting text file (log file) will be sent by e-mail to an e-mail address. In
addition to the basic functionality, the goal is to implement some of the more advanced
features that a keylogger can have.
Basic keylogger features to be implemented:
- hiding its presence from the user
- catching keystrokes
- saving data to a desired location on the disk in the form of a text log file
- sending data by e-mail
- starting at each start-up of the computer (modification of the registry)
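Seen from the endpoint, the feature list above amounts to an autostart registry write, a text log on disk, and outbound mail, all from the same process. The following added example (not part of the thesis) correlates those behaviours over constructed Sysmon-style events; the event field names, the three-behaviour threshold, and all paths and names are assumptions.

```python
import re
from collections import defaultdict

# Sysmon event IDs: 13 = registry value set, 11 = file created,
# 3 = network connection. The threshold below is an illustrative assumption.
RUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.I)
MAIL_PORTS = {25, 465, 587}

def classify(event):
    """Map one event to a behaviour from the feature list, or None."""
    target = event.get("target", "")
    if event["id"] == 13 and RUN_KEY.search(target):
        return "autostart"
    if event["id"] == 11 and target.lower().endswith((".txt", ".log")):
        return "log_file"
    if event["id"] == 3 and event.get("dst_port") in MAIL_PORTS:
        return "mail_out"
    return None

def correlate(events, threshold=3):
    """Return images showing at least `threshold` distinct behaviours."""
    seen = defaultdict(set)
    for event in events:
        label = classify(event)
        if label:
            seen[event["image"].lower()].add(label)
    return {img: sorted(b) for img, b in seen.items() if len(b) >= threshold}

# Constructed events; paths, names and the SID are placeholders.
AGENT = r"C:\Users\alice\AppData\Roaming\example-agent.exe"
RUN = r"HKU\S-1-5-21-0\Software\Microsoft\Windows\CurrentVersion\Run"
SAMPLE_EVENTS = [
    {"id": 13, "image": AGENT, "target": RUN + r"\ExampleAgent"},
    {"id": 11, "image": AGENT, "target": r"C:\Users\alice\AppData\Roaming\out.txt"},
    {"id": 3, "image": AGENT, "dst_port": 587},
    {"id": 3, "image": r"C:\Program Files\Mail\mailclient.exe", "dst_port": 587},
    {"id": 11, "image": r"C:\Windows\System32\notepad.exe", "target": r"C:\Users\alice\notes.txt"},
    {"id": 13, "image": r"C:\Program Files\Sync\sync.exe", "target": RUN + r"\Sync"},
]

if __name__ == "__main__":
    print(correlate(SAMPLE_EVENTS))
```

Each behaviour is common on its own (a mail client, a text editor, an updater), which is why the rule fires only when one image shows all three.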
6. CONCLUSION
This text has shown and explained the problems of invasion of privacy and security of users
of computer systems. It has presented, both theoretically and practically, an attack by
keyloggers, malicious software that secretly monitors the user's character input. Along with
a description of the types of keyloggers, it has described the principle of their operation,
as well as the basic software mechanism, Windows Hooks, that enables their main function:
monitoring character input from the keyboard.
The problem of keylogging is not negligible, all the more so because anyone with only a basic
knowledge of programming can make a keylogger that is able to compromise a user's privacy
and security and lead to undesirable consequences, such as the loss of money from a bank
account. The practical part of this work provides a method of making a keylogger application
that implements the core functionality and methods of attack.
Since more and more people rely on computers in everyday life, it is necessary to be aware of
the existence of such malicious software, which can cause tangible and emotional damage, and
it is advisable to take some of the protective measures presented in this graduate work.