Jump to content

Keylogger


Go to solution Solved by digininja,

Recommended Posts

  • Replies 119
  • Created
  • Last Reply

Top Posters In This Topic

Would be wicked to make it a general purpose keylogger, not just for specific sites.

Darren,

Didn't even think about that, genius.... Please correct any of the following if this was not your intention.

Whistle Master,

I think Darren is alluding to having a JavaScript function that is loaded on every page (would have to be an ettercap filter) the script would be listening for keys to be pressed via jQuery's http://api.jquery.com/keypress/ function since keylogger already uses the jQuery library, then have it make a call back to the server and upload the data via a simple php script.

This would actually be quite amazing since the user would be able to pass to their site unaffected, the DNS Spoof functionality would not need to be enabled, and the user would have little knowledge of what is going on, even if they were to be watching a Firebug console log. We also eliminate the need for SSLStrip's functionality since we are logging the strokes not the stream.

Link to post
Share on other sites

I'm interested to try this as soon as you're willing to share a beta version :)

A first version is already out. You can find it in the modules section of your pineapple v1.1.1.

Thanks everyone for your comments :) I will dig into the ettercap direction for a generic keylogger.

Link to post
Share on other sites

Every keystroke is captured when the "victim" arrives on the fake login templates, that's why I called it keylogger, but you're right, strictly speaking, I could call it Credentials Grabber but it's more longer to write than keylogger :P

Yeah, I wondered about that too, how could a pineapple do keylogging, it would be more like collecting/sniffing the credentials from a login page.

Link to post
Share on other sites

Yeah, I wondered about that too, how could a pineapple do keylogging, it would be more like collecting/sniffing the credentials from a login page.

Zomg Infiltrator is in the Jasager forums! Get back to Questions/Hacks & Mods/Business IT!

Haha just kidding Inf, you're always welcome here! Just had to give you some crap because you're such a prominent poster on all the other forums and we so rarely get to enjoy your expertise here on the Jasager page :)

telot

Link to post
Share on other sites

Actually, I won't continue the development of the module with templates. I'm working on a generic version with ettercap ;)

:::JUMPING UP AND DOWN:::

WOOOOOOOOHOOOOOOOO!

telot

Link to post
Share on other sites

The development here just keeps getting better and better.

Who would have thought that when the MKIV came out that we would have such a growing community developing the little pineapple ??

Evil: God isn't interested in technology. He cares nothing for the microchip or the silicon revolution. Look how he spends his time, forty-three species of parrots! Nipples for men!

Robert: Slugs.

Evil: Slugs! HE created slugs! They can't hear. They can't speak. They can't operate machinery. Are we not in the hands of a lunatic?

Link to post
Share on other sites

keylogger? how will you apply the keylogger? dns spoof to a page with the hook? but then you are spoofing to the page and the user wont be able to get to the internet? turn spoof on then off quickly? that's a bit clunky.

what we really need is nodogsplash working, that way we can put a beef hook (or your keylogger) into the splash page and the user will only see it once then continue browsing. The beef hook can point to beef on 172.16.42.42 then you can run the keylogging module and many others.

I have seen one guy on here pushing nodogsplash but his posts for help have fallen on deaf ears. Nodogsplash will also control the bandwidth usage for us! its the answer to the pineapple dreams!

i get the following error when trying to start up nodogsplash:

root@Pineapple:/usb/etc/nodogsplash# ln -s /usb/etc/nodogsplash/ /etc/nodogsplas

h

root@Pineapple:/# nodogsplash

root@Pineapple:/# iptables v1.4.10: Couldn't load match `mark':File not found

Try `iptables -h' or 'iptables --help' for more information.

[3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t nat -A ndsOUT -m mark --mark 0x200 -j ACCEPT

iptables v1.4.10: Couldn't load match `mark':File not found

Try `iptables -h' or 'iptables --help' for more information.

[3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t nat -A ndsOUT -m mark --mark 0x400 -j ACCEPT

iptables v1.4.10: Couldn't load match `mark':File not found

Try `iptables -h' or 'iptables --help' for more information.

[3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsRTR -m mark --mark 0x100 -j DROP

Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`).

iptables v1.4.10: Couldn't load match `mark':File not found

Try `iptables -h' or 'iptables --help' for more information.

[3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsRTR -m mark --mark 0x200 -j ACCEPT

iptables v1.4.10: Couldn't load match `mark':File not found

Try `iptables -h' or 'iptables --help' for more information.

[3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsNET -m mark --mark 0x100 -j DROP

iptables v1.4.10: Couldn't load match `mark':File not found

Try `iptables -h' or 'iptables --help' for more information.

[3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsNET -m mark --mark 0x200 -j ACCEPT

iptables v1.4.10: Couldn't load match `mark':File not found

Try `iptables -h' or 'iptables --help' for more information.

[3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsNET -m mark --mark 0x400 -j ndsAUT

[3][Thu Jan 1 01:32:15 1970][2504](gateway.c:280) Error initializing firewall rules! Cleaning up

[3][Thu Jan 1 01:32:15 1970][2504](gateway.c:282) Exiting because of error initializing firewall rules

root@Pineapple:/# opkg install iptables-mod-imq

Unknown package 'iptables-mod-imq'.

Collected errors:

* opkg_install_cmd: Cannot install package iptables-mod-imq.

root@Pineapple:/# opkg install iptables

Package iptables (1.4.10-4) installed in root is up to date.

root@Pineapple:/# iptables

iptables v1.4.10: no command specified

Try `iptables -h' or 'iptables --help' for more information.

Perhaps i should get another thread going on this. It would be great if we could get some collective minds working on this!

thanks,

Isolot.

Link to post
Share on other sites

keylogger? how will you apply the keylogger? dns spoof to a page with the hook? but then you are spoofing to the page and the user wont be able to get to the internet? turn spoof on then off quickly? that's a bit clunky.

what we really need is nodogsplash working, that way we can put a beef hook (or your keylogger) into the splash page and the user will only see it once then continue browsing. The beef hook can point to beef on 172.16.42.42 then you can run the keylogging module and many others.

I have seen one guy on here pushing nodogsplash but his posts for help have fallen on deaf ears. Nodogsplash will also control the bandwidth usage for us! its the answer to the pineapple dreams!

i get the following error when trying to start up nodogsplash:

root@Pineapple:/usb/etc/nodogsplash# ln -s /usb/etc/nodogsplash/ /etc/nodogsplas

h

root@Pineapple:/# nodogsplash

root@Pineapple:/# iptables v1.4.10: Couldn't load match `mark':File not found

Try `iptables -h' or 'iptables --help' for more information.

[3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t nat -A ndsOUT -m mark --mark 0x200 -j ACCEPT

iptables v1.4.10: Couldn't load match `mark':File not found

Try `iptables -h' or 'iptables --help' for more information.

[3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t nat -A ndsOUT -m mark --mark 0x400 -j ACCEPT

iptables v1.4.10: Couldn't load match `mark':File not found

Try `iptables -h' or 'iptables --help' for more information.

[3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsRTR -m mark --mark 0x100 -j DROP

Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`).

iptables v1.4.10: Couldn't load match `mark':File not found

Try `iptables -h' or 'iptables --help' for more information.

[3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsRTR -m mark --mark 0x200 -j ACCEPT

iptables v1.4.10: Couldn't load match `mark':File not found

Try `iptables -h' or 'iptables --help' for more information.

[3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsNET -m mark --mark 0x100 -j DROP

iptables v1.4.10: Couldn't load match `mark':File not found

Try `iptables -h' or 'iptables --help' for more information.

[3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsNET -m mark --mark 0x200 -j ACCEPT

iptables v1.4.10: Couldn't load match `mark':File not found

Try `iptables -h' or 'iptables --help' for more information.

[3][Thu Jan 1 01:32:14 1970][2504](fw_iptables.c:180) Nonzero exit status 2 from command: iptables -t filter -A ndsNET -m mark --mark 0x400 -j ndsAUT

[3][Thu Jan 1 01:32:15 1970][2504](gateway.c:280) Error initializing firewall rules! Cleaning up

[3][Thu Jan 1 01:32:15 1970][2504](gateway.c:282) Exiting because of error initializing firewall rules

root@Pineapple:/# opkg install iptables-mod-imq

Unknown package 'iptables-mod-imq'.

Collected errors:

* opkg_install_cmd: Cannot install package iptables-mod-imq.

root@Pineapple:/# opkg install iptables

Package iptables (1.4.10-4) installed in root is up to date.

root@Pineapple:/# iptables

iptables v1.4.10: no command specified

Try `iptables -h' or 'iptables --help' for more information.

Perhaps i should get another thread going on this. It would be great if we could get some collective minds working on this!

thanks,

Isolot.

isolot WM is in the process of trying to get ettercap working, that way almost all pages can be injected with the key-logger code, I can't wait:-D

Link to post
Share on other sites
Posted (edited) · Hidden by AnonEcon, April 26, 2012 - av
Hidden by AnonEcon, April 26, 2012 - av

I would love to see a video of this (install and application). You could put it on SecurityTube and/or YouTube.

Was there a D/L link?

Clearly, if this works it's the best part of the Pineapple thus far.

Edited by AnonEcon
Link to post

Has anyone else had an issue with this not logging all keys entered?

I.E with the gmail template, i enter Bill as the username, Smith as the Password.

all i see in the Keylogger interface is.

* gmail

* Keys

> mih -which should really be Smith.

Any Ideas?

Link to post
Share on other sites

the issue may be because javascript is not fast enough to get all the keys from the beginning.

Whatever, I'm currently working on a generic version which does not use templates but ettercap. I'm still getting some problems with ettercap though :o

Link to post
Share on other sites

Sebkinne,

That is amazing news, if you wouldn't mind after you release the details to explain why it didn't work WM and myself have been working on this with no progress or understanding of why it does not seem to function, and I found little on other sites detailing the issue.

Link to post
Share on other sites

Sebkinne,

That is amazing news, if you wouldn't mind after you release the details to explain why it didn't work WM and myself have been working on this with no progress or understanding of why it does not seem to function, and I found little on other sites detailing the issue.

I totally agree :P Everything is ready, just waiting for a solution for ettercap working!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.


×
×
  • Create New...