Jump to content


Photo

Keylogger

Module

Best Answer digininja, 31 January 2013 - 04:29 PM

For those who haven't spotted it, the module is now live.

 

Please post all questions and bugs to the new thread.

 

http://forums.hak5.o...module-release/

Go to the full post


  • This topic is locked This topic is locked
116 replies to this topic

#1 Whistle Master

Whistle Master

    Hak5 Ninja

  • Pineapple Moderators
  • PipPipPipPipPipPipPip
  • 623 posts
  • Gender:Male
  • Location:CH

Posted 01 April 2012 - 12:17 PM

Hi guys !

EDIT: New version pending ;) Old version is not available anymore.

I'm working on a new module: a javascript keylogger. You can install new templates for websites you want to capture keys. Please don't hesitate to share with us new working templates. I will integrate them in future version Posted Image

Module is available through module system.

Edited by Whistle Master, 28 December 2012 - 01:12 PM.

24302.png
Paypal: Donate Link
Bitcoin: 1LvG9XXXUeiHPM5Cq1SzV7LoAQ5Pn63LMe


#2 Mr-Protocol

Mr-Protocol

    Hak.5 Packet Ninja

  • Administrators
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 3,449 posts
  • Gender:Male

Posted 01 April 2012 - 01:27 PM

You do understand that keystrokes do not pass through the network right? Unless you are talking about other types of keys...

Mr-Protocol @ irc.hak5.org #hak5
Mr-Protocol @ chat.freenode.org #hak5
 
https://wifipineapple.com/
 
Im just watching a bad dream I never wake up from. -Spike Spiegel
DerbyCon


#3 Whistle Master

Whistle Master

    Hak5 Ninja

  • Pineapple Moderators
  • PipPipPipPipPipPipPip
  • 623 posts
  • Gender:Male
  • Location:CH

Posted 01 April 2012 - 02:13 PM

It's a javascript keylogger. Everything is redirected to the pineapple with DNSspoof and then I use an iframe to display the requested page based on available templates (e.g. facebook, gmail, etc.). All keystrokes are recorded to files and then displayed from the pineapple control center.

I added a screenshot ;)

24302.png
Paypal: Donate Link
Bitcoin: 1LvG9XXXUeiHPM5Cq1SzV7LoAQ5Pn63LMe


#4 Mr-Protocol

Mr-Protocol

    Hak.5 Packet Ninja

  • Administrators
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 3,449 posts
  • Gender:Male

Posted 01 April 2012 - 02:36 PM

Ah, was curious how you were getting that to work. Screenshot was broken when I posted ;)

Mr-Protocol @ irc.hak5.org #hak5
Mr-Protocol @ chat.freenode.org #hak5
 
https://wifipineapple.com/
 
Im just watching a bad dream I never wake up from. -Spike Spiegel
DerbyCon


#5 RebelCork

RebelCork

    Hak5 Fan ++

  • Active Members
  • PipPipPipPip
  • 122 posts

Posted 01 April 2012 - 03:12 PM

That looks about as legit as this : ;)

Posted Image

Edited by RebelCork, 01 April 2012 - 03:12 PM.



Evil: When I have the map, I will be free, and the world will be different, because I have understanding.
Robert: Uh, understanding of what, Master?
Evil: Digital watches. And soon I shall have understanding of video cassette recorders and car telephones. And when I have understanding of them, I shall have understanding of computers. And when I have understanding of computers, I shall be the Supreme Being!


#6 digininja

digininja

    Elite

  • Global Moderators
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 2,573 posts
  • Gender:Male
  • Location:Sheffield, UK

Posted 01 April 2012 - 03:29 PM

I assume you've looked at the one built in to w3af.

#7 Whistle Master

Whistle Master

    Hak5 Ninja

  • Pineapple Moderators
  • PipPipPipPipPipPipPip
  • 623 posts
  • Gender:Male
  • Location:CH

Posted 01 April 2012 - 03:45 PM

I assume you've looked at the one built in to w3af.

No I did not. I had the idea when I saw the metasploit keylogger and I took the idea of using templates from SET.

24302.png
Paypal: Donate Link
Bitcoin: 1LvG9XXXUeiHPM5Cq1SzV7LoAQ5Pn63LMe


#8 Whistle Master

Whistle Master

    Hak5 Ninja

  • Pineapple Moderators
  • PipPipPipPipPipPipPip
  • 623 posts
  • Gender:Male
  • Location:CH

Posted 01 April 2012 - 03:49 PM

That looks about as legit as this : ;)

I can assure you that it works. I will send the module to Seb as soon as I finished the last details (configuration updates, etc.)

24302.png
Paypal: Donate Link
Bitcoin: 1LvG9XXXUeiHPM5Cq1SzV7LoAQ5Pn63LMe


#9 digininja

digininja

    Elite

  • Global Moderators
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 2,573 posts
  • Gender:Male
  • Location:Sheffield, UK

Posted 01 April 2012 - 03:49 PM

Sorry, meant BeEF not w3af. Been a long day.

#10 telot

telot

    Hak5 Ninja

  • Active Members
  • PipPipPipPipPipPipPip
  • 698 posts
  • Gender:Male
  • Location:Here in your bedroom
  • Interests:m2m telecommunication (by profession)
    hacker mentality/culture
    embedded systems
    everything wireless
    DIY solutions
    opensource everything
    Intellectual Property Litigation

Posted 01 April 2012 - 03:57 PM

That looks about as legit as this : ;)

Posted Image


I smell a fellow redditor...


So how bout that narwhal baconing? Bout what time does that occur again? ;)

But seriously, Master Chef Whistle Master did it again! Mixing dnsspoof with a dash of metasploit for a little key logging action - beautiful! Can't wait to try it out!



telot

Edited by telot, 01 April 2012 - 03:59 PM.


#11 Whistle Master

Whistle Master

    Hak5 Ninja

  • Pineapple Moderators
  • PipPipPipPipPipPipPip
  • 623 posts
  • Gender:Male
  • Location:CH

Posted 01 April 2012 - 04:29 PM

I smell a fellow redditor...


So how bout that narwhal baconing? Bout what time does that occur again? ;)

But seriously, Master Chef Whistle Master did it again! Mixing dnsspoof with a dash of metasploit for a little key logging action - beautiful! Can't wait to try it out!



telot

Actually, it's a standalone, you don't need metasploit :)

24302.png
Paypal: Donate Link
Bitcoin: 1LvG9XXXUeiHPM5Cq1SzV7LoAQ5Pn63LMe


#12 RebelCork

RebelCork

    Hak5 Fan ++

  • Active Members
  • PipPipPipPip
  • 122 posts

Posted 01 April 2012 - 04:39 PM

Can't wait to try it out either.

Can BEEF be installed on the pineapple itself, or am I just thinking a load of bull (groan)


Evil: When I have the map, I will be free, and the world will be different, because I have understanding.
Robert: Uh, understanding of what, Master?
Evil: Digital watches. And soon I shall have understanding of video cassette recorders and car telephones. And when I have understanding of them, I shall have understanding of computers. And when I have understanding of computers, I shall be the Supreme Being!


#13 digininja

digininja

    Elite

  • Global Moderators
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 2,573 posts
  • Gender:Male
  • Location:Sheffield, UK

Posted 01 April 2012 - 04:41 PM

You wouldn't exactly install BeEF on it as it is a framework, all you need is to inject the javascript hook into pages using the pineapple and have it point at the controller elsewhere.

#14 ptrac3

ptrac3

    Hak5 Fan ++

  • Active Members
  • PipPipPipPip
  • 89 posts
  • Gender:Male
  • Location:Rome
  • Interests:Pentesting

Posted 02 April 2012 - 04:50 PM

It seems to be not a "keylogger" but a credentials grabber that uses fake logins templates..

#15 digininja

digininja

    Elite

  • Global Moderators
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 2,573 posts
  • Gender:Male
  • Location:Sheffield, UK

Posted 02 April 2012 - 05:12 PM

what does?

#16 hfam

hfam

    Hak5 Pirate

  • Active Members
  • PipPipPipPipPipPip
  • 347 posts

Posted 02 April 2012 - 05:23 PM

what does?


ahaha! Ya beat me to it. :)

Can't wait to give this one a try! Some of you guys are really blowin' it up out here with the add-ons, brilliant stuff, thanks all!

Super fired up for the official release of the modules-enabled firmware!!

#17 Whistle Master

Whistle Master

    Hak5 Ninja

  • Pineapple Moderators
  • PipPipPipPipPipPipPip
  • 623 posts
  • Gender:Male
  • Location:CH

Posted 03 April 2012 - 07:01 AM

It seems to be not a "keylogger" but a credentials grabber that uses fake logins templates..

Every keystroke is captured when the "victim" arrives on the fake login templates, that's why I called it keylogger, but you're right, strictly speaking, I could call it Credentials Grabber but it's more longer to write than keylogger :P

24302.png
Paypal: Donate Link
Bitcoin: 1LvG9XXXUeiHPM5Cq1SzV7LoAQ5Pn63LMe


#18 PatriceKing

PatriceKing

    Hackling

  • Active Members
  • Pip
  • 15 posts

Posted 03 April 2012 - 10:55 AM

Great job Mr. WM! Can't wait to try it.

#19 Whistle Master

Whistle Master

    Hak5 Ninja

  • Pineapple Moderators
  • PipPipPipPipPipPipPip
  • 623 posts
  • Gender:Male
  • Location:CH

Posted 07 April 2012 - 05:40 PM

Just a quick update, I'm still working on the keylogger module. It needs more testing and then I will release a first version with two templates already installed (facebook and gmail).

24302.png
Paypal: Donate Link
Bitcoin: 1LvG9XXXUeiHPM5Cq1SzV7LoAQ5Pn63LMe


#20 MrBurN

MrBurN

    Newbie

  • Active Members
  • 6 posts

Posted 07 April 2012 - 07:22 PM

sweet, keep up the good work !





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users