blackass Posted April 18, 2012 Share Posted April 18, 2012 (edited) Two fine hams Edited May 16, 2012 by blackass Quote Link to comment Share on other sites More sharing options...
digininja Posted April 18, 2012 Share Posted April 18, 2012 What do you mean by a software *USB* keylogger? Do you mean one that logs keystrokes from a USB keyboard as opposed to a PS2 one? If so I wouldn't have thought it would matter what the input source was, a keylogger should just hook into the keyboard buffer. Depending on how you want to do it Meterpreter from Metasploit can easily log keystrokes from the windows login, search Room362 for a post Mubix did about automating capturing login credentials. Quote Link to comment Share on other sites More sharing options...
blackass Posted April 18, 2012 Author Share Posted April 18, 2012 · Hidden by blackass, May 16, 2012 - sec Hidden by blackass, May 16, 2012 - sec I think blackass means a logger that is based out of a flash drive. You plug in the flash drive, it records keystrokes, then you remove it when done. I've seen these for sale but I haven't bought one. Right, sorry, that is what I meant. Not hardware like the ones that go right on the keyboard. But one you put on your thumb drive and stick it in. Link to comment
digininja Posted April 18, 2012 Share Posted April 18, 2012 You might be able to get something from Metasploit to do it then but you'll have to play with the Meterpreter autorun stuff. Quote Link to comment Share on other sites More sharing options...
blackass Posted April 18, 2012 Author Share Posted April 18, 2012 thank you. i had a look but unfortunately i think metasploit is too advanced for me. Quote Link to comment Share on other sites More sharing options...
psydT0ne Posted April 19, 2012 Share Posted April 19, 2012 Metasploit may be a little advanced now...but don't give up on it dude...thats how you learn. I haven't got a fuckin clue half the time but that doesn't stop me from trying stuff. :) Quote Link to comment Share on other sites More sharing options...
digininja Posted April 20, 2012 Share Posted April 20, 2012 Good attitude! Quote Link to comment Share on other sites More sharing options...
Atomix.Gray Posted April 20, 2012 Share Posted April 20, 2012 What you are looking for is called a Human Interface Device. These USB devices when plugged in act as a 'keyboard' Many companies block USB - storage devices via GP. These HIDs sneak right around that. You can create MANY different kinds of Payloads on these - ( a lot of them are already wrote for you) Thus introducing the Rubber Ducky - http://hakshop.myshopify.com/products/usb-rubber-ducky I believe to capture the windows login - you will need a Shell and migrated payload to the winlogin process. Good luck! ! Report back! Quote Link to comment Share on other sites More sharing options...
bobbyb1980 Posted April 21, 2012 Share Posted April 21, 2012 In theory one would be able to insert a USB drive or Rubber Ducky and get it to deliver a meterpreter payload that has a listener setup with "run keyscan_start" to autorun in the options setting of the listener. Quote Link to comment Share on other sites More sharing options...
blackass Posted May 6, 2012 Author Share Posted May 6, 2012 Metasploit may be a little advanced now...but don't give up on it dude...thats how you learn. I haven't got a fuckin clue half the time but that doesn't stop me from trying stuff. :) Thank you, Mnemonic. I wanted to thank you for your comment immediately but I couldn't remember my password at the time and I have not logged in in a while. The thing I was doing at the time was needed kind of urgently so I didn't have time to learn but I took your advice and gave learning metasploit a go. I'm still basically just reading the intro of a book on it, but we'll see if I can Forest Gump my way thru it :) Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted May 6, 2012 Share Posted May 6, 2012 Thank you, Mnemonic. I wanted to thank you for your comment immediately but I couldn't remember my password at the time and I have not logged in in a while. The thing I was doing at the time was needed kind of urgently so I didn't have time to learn but I took your advice and gave learning metasploit a go. I'm still basically just reading the intro of a book on it, but we'll see if I can Forest Gump my way thru it :) I don't know if you know, but there is a hardware keylogger, you could buy. http://www.keelog.com/ Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.