Jump to content
Sign in to follow this  
WhiteWolf

Stupid idea?

Recommended Posts

Hello, my name is Allen I am currently getting in to the computer world. I had an idea of an injection key logger. But only accepts charicters entered 1-16 charicters that do NOT include a space charicter. Most of our valuable information is written in 1-16 characters without spaces. 

Please, thoughts negative or positive are greatly appreciated.

Share this post


Link to post
Share on other sites

@WhiteWolf

An "injection keylogger" sounds like a device that injects data and then records it? That does not make sense to me.

Are you suggesting a device that will try to brute force a password of 1-16 characters when plugged in? In that you would find a place where there is a password prompt and then plug in / trigger the device?

If so, a simple password (English) of 16 characters with no spaces has 62 possibles for each character (A-Z, a-z, 0-9). To start at 1 character and gradually increase to 16 characters would mean that the device would have to:

Try all 62 characters once (621)
Then try all combinations of two characters (622)
Then try all combinations of three characters (623)
Then try all combinations of four characters (624)
...
All the way up to all combinations of sixteen characters (6216)

Even if your inject device could try 1,000,000,000 passwords per second it would take about 2,550,439,589,685 years to check every one. Of course this does not take into consideration any anti-brute force software on the target system (for example see "fail2ban") or even just having to clear any "Invalid Password" messages.

Of course if you meant something else I apologise for not understanding.

Edited by aethernaut

Share this post


Link to post
Share on other sites

@WhiteWolf

Thinking about it, if you meant that the keylogger only recorded text that was 1-16 characters without spaces then that would be pretty much everything typed anyway and recording everything possible is what a keylogger already does.

For example if the rule "record any text typed without spaces that is under 16 characters" was applied to your first message you would get (when de-duplicated and sorted),

1-16
a
accepts
Allen
am
an
appreciated.
are
But
characters
charicter.
charicters
computer
currently
do
entered
getting
greatly
had
Hello,
I
idea
in
include
information
injection
is
key
logger.
Most
my
name
negative
NOT
of
only
or
our
Please,
positive
space
spaces.
that
the
thoughts
to
valuable
without
world.
written

which is the all the words in the message.

Again, if you meant something else I apologise for not understanding.

Share this post


Link to post
Share on other sites
On 12/10/2019 at 9:36 AM, aethernaut said:

@WhiteWolf

Thinking about it, if you meant that the keylogger only recorded text that was 1-16 characters without spaces then that would be pretty much everything typed anyway and recording everything possible is what a keylogger already does.

For example if the rule "record any text typed without spaces that is under 16 characters" was applied to your first message you would get (when de-duplicated and sorted),


1-16
a
accepts
Allen
am
an
appreciated.
are
But
characters
charicter.
charicters
computer
currently
do
entered
getting
greatly
had
Hello,
I
idea
in
include
information
injection
is
key
logger.
Most
my
name
negative
NOT
of
only
or
our
Please,
positive
space
spaces.
that
the
thoughts
to
valuable
without
world.
written

which is the all the words in the message.

Again, if you meant something else I apologise for not understanding.

No you both are correct. I'm new to this computer world.  Most of my paragraph would fit that description but again I am typing spaces between words the program would only take the data if there was no space.. I'm just trying to find ways around things and to get in to systems. Thanks guys for not slaying me for a dumb idea.

Share this post


Link to post
Share on other sites

The 16 characters would most likely not be a password but a bank card or something along those lines .. my point was is we know no one is using a 15 letter password.. or a 2 letter password. We can narrow how many charicters and most commonly used ones to help the computer further crack the pass word instead of having it run every option possible..  no ones password is 1, but maybe it could be 1234567 what ever the min character you can set for the password so we lessen the chance of it running those options as well

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...