Key logger running from a u3 flash drive, How can it be done?

[lucidnightmare]

I'm a newb, I've read previous posts, but I still can't get a keylogger to auto run of my thumb drive.  Like I said its a u3 enabled, cruzer micro 1gb drive.  I'm confused about the scripts, finding a free keylogging program to run from the script, and saving the script to the u3 file system.  If someone could post step by step instructions that would be great! Thanks! (Do I need a script or do I use the u3 script).

I've been told I need to modify the read-only "CDROM" division of a U3 drive to read and write access.  How can this be done?

A user from the binary revolution forum gave this link.  I'm kinda confused on the instructions so if someone could make it simpler for me that would be great!  hxxp: mcgrewsecurity. com/research/hackingU3/

Can this be done without the user knowing or having to open anything. I want to be able to plug this in, have it run in the background, and record key strokes when I'm not in the class room.

Edit-- In case your wondering the reason, we're having a problem with kids using the media laptop to check myspace at school and its really annoying and hard to catch them.  I'm only in the room maybe 1 or 2 periods a day so its really hard to keep any eye on it.  It is the only laptop in the entire school that has admin privileges on the network firewall.  On occasion we use a clip or two from youtube or myspace in the monthly video we produce.  This is not malicious in any way!!! (I don't know the forum rules yet). I eventually want to publish a simple walk through for hacking the u3 if it hasn't been done.

P.s. This like is NOT helpful. Where is the "step 2" zip file it mentions??? http://wiki.hak5.org/wiki/Sandisk_U3_ISO_Hack

[lucidnightmare]

I don't want anything complicated just a keylogger that saves the key strokes to the flash drive.  I do not want it sent over the school's network.

It would be nice if when I pulled the drive nothing was left of the computer and could be used again if needed.

[remkow]

So you mean it'd log the keys to the flash drive as long it is inserted, then when it's removed it stops logging, and disappears from the pc?

I guess that can be done, won't be too hard. Just learn a little programming, it can easily be done. That's better than asking here for someone to just give it to you, because most won't help you if it's for something that is almost definately for a malicious purpose.

[sablefoxx]

Ok first a little advice,

I'm a newb,

Yes, we can see that, no need to say it.

I do not want it sent over the school's network.

Do NOT flat out tell the public what you are going to use the program for, especially if its something illegal!

Its great that you at least tried to read previous posts.

However say you wanted an easy way to log your own keystrokes from your own computer, because you computer crashes alot and you use the key logs as a backup for a research paper you are writing.  Well then we maybe able to help  :D

[moonlit]

However say you wanted an easy way to log your own keystrokes from your own computer, because you computer crashes alot and you use the key logs as a backup for a research paper you are writing.  Well then we maybe able to help  :D

...and we'll know you're still talking BS.

[lucidnightmare]

Thanks for the tips everyone! Here's what I don't know.....

Hacking the Drive

1. How can I set up a temporary apache server to flash the drive from.

It's one of the steps close to the bottom.  http://mcgrewsecurity.com/research/hackingU3

2. How do I write an iso file that will open a keylogger. How do I write an iso? What language should I learn? Is there an example I can learn from? Does any one know of any iso already made for my drive I can modify?

Setting up the keylogger

1.What is a free keylogger that I can... install to the flash drive, leaves no trace, and stops when I remove it, and did I mention free?

2. Needs to be simple and compiled. I guess I could compile the code but I really don't know how to work a compiler since I've never coded.

(Huge newb)

The reason I don't want to leave a trace is the laptop belongs to the school and I.T. strongly discourages installing anything. (I once had a problem installing firefox on the same laptop.)     

[lucidnightmare]

So you mean it'd log the keys to the flash drive as long it is inserted, then when it's removed it stops logging, and disappears from the pc?

Exactly!!!

[Guest MaxDamage]

XXX

[moonlit]

First of all why is everyone so judgmental on this site.  I got so much negative BS from you after developing the hacksaw and giving it to you for free!  So I didn’t visit for six month and come back to find you are still at it!!

I've a few things to mention here. The first is that you do not tell us how the hell to act. Second is that anyone with a single brain cell is well aware of what people can and undoubtedly will do with these tools and we just get a little concerned that some people really shouldn't be using them or really shouldn't be using them the way they wish to. Granted, it's ultimately their decision when, where, how and on what they use them, but it's also our decision how to react to someone asking for help. A warning never hurt anyone.

Lastly, this thread is actually one of the least flame-grilled threads on the subject of logging or abusing school networks or computers. The OP clearly isn't in deep distress that someone warned him that it might not be the best idea to do something and no-one was an asshole.

I see no problem with this thread or the posts and posters in it. Go jump.

As you were.

[Guest MaxDamage]

First,  Don’t tell me what I can and can’t tell you what to do.  LOL

Second,  please remove my account.  It won’t be needed any longer.

Third,  “BITE ME” you self opinionated megalomaniac.

[K1u]

First,  Don’t tell me what I can and can’t tell you what to do.  LOL

Second,  please remove my account.  It won’t be needed any longer.

Third,  “BITE ME” you self opinionated megalomaniac.

Dood, to your original reply about people being judgmental and giving you alot of bs. I can understand that, but you cannot change how people talk or act. Sometimes you just have to deal with it. We are on a public forum and there are always people who want to start something or have a desire to hate you... but this we just have to deal with. If everyone else is acting mean or wrong to you, the last thing you should do is flame or attack them but be the bigger man and let it drift as if it never happened... almost all forums on the internet have these problems... but this is a community and a community interacts a community fights and at the end the community grows.

[Guest MaxDamage]

Hey K1u

I agree with you.  I have been contributing to this sort of comunity since before the internet existed.  I ran a BBS for 5 years back in 1975!

However, it is the attitude that bugs me.  moonlit needs a lesson in humility.  Unfortunately I am not in a position to give one and I cant be botherd to put myself in the position to give one.  But I appreciate your opinion and understand what you where saying.  I will just vote with my feet :).

Kind regards from a comunity member that was driven away twice! by moonlit.

[moonlit]

Vote however you like, you're one of a very few people who can't see where I'm coming from. I try to be as fair as possible whilst also making it plainly obvious that these things will get you in to trouble. If you want to set up a site explaining to kids how to view MySpace at school then that's your business.

Anyway, I think it's time this thread got back on track.

[K1u]

Vote however you like, you're one of a very few people who can't see where I'm coming from. I try to be as fair as possible whilst also making it plainly obvious that these things will get you in to trouble. If you want to set up a site explaining to kids how to view MySpace at school then that's your business.

Anyway, I think it's time this thread got back on track.

Good that this is settled, now lets get back on topic!

[lucidnightmare]

Back on topic.... I found a guy who modified his own key logger just for this project. The URL is from another forum I posted the same question on. (You can download it there)

(Where can I post this so people don't have to sign in on binary revolution's forum?) 

Modified Version http://www.binrev.com/forums/index.php?act...ost&id=2583

Original Version  http://www.binrev.com/forums/index.php?act...ost&id=2557

Now that I found a key logger, can someone point me to a tutorial on how to hack my u3 sandisk cruzer micro to open this program automaticlly when inserted?

Should I start a new thread? This one seems to have gotten off topic...

[Leapo]

I'm working on moding the USB wiretap to email logs off daily, that what you're looking for?

[lucidnightmare]

I'm working on moding the USB wiretap to email logs off daily, that what you're looking for?

No, but thanks. What I want to do is hack my sandisk  micro cruzer so it launches the keylogger when its plugged in (instead of u3) and runs it till I snatch the flash drive out.

I want to be able to plug the drive in , walk away, and  have the keylogger record keystrokes to the flash drive. I have the keylogger, now I just want it to open using the micro cruzer's virtual cd drive.

I found a tutorial, but it is WAY over my head. http://mcgrewsecurity.com/research/hackingU3/

All I need is some one to explain is....

1. Whats happening when I hack the drive.

2. How to set up the hack (how to flash a new iso to the drive)

3. How to code an iso that will open the keylogger whenever the flash drive is inserted.

From what I understand any computer will let the keylogger automatically run because it shows up as a cd.

[lucidnightmare]

Some one sent me a like to a program called winimage. Heres the link http://www.winimage.com/winimage.htm

From what I understand this will help me make an iso for my drive. Does wininage make iso files or does it convert scripts to iso files?

(Still confused and a Newb)

[lucidnightmare]

Could I use this to help me create the iso? http://wiki.hak5.org/wiki/Universal_U3_LaunchPad_Hacker

---I just read the Mcgrew secrity ariticle again and found this little gem.

"So a lot of the steps I've outlined below are actually a bit more complicated than you really need to do. The Sandisk installer looks in the local directory for ISOs first, so you won't have to spoof their website anymore ;) "

Now the question is what directory it looks in? Anybody have an idea?

Guess all I need to do is create an iso and put it in the local directory?

[lucidnightmare]

Thanks to the person who told me about the u3 custon installer!!!!!!

I used the u3 custom installer, created the iso, and installed it. Now when I plug my flash drive the file the program is stored in opens and thats it. How do I change it so nothing happens and the keylogger runs?

Heres whats happening. http://www.youtube.com/watch?v=q8zE2D2x0do

How can I get it to launch silently?

[bloodsplat]

hey could u provide a link to that U3 custom installer?

im kinda in the same position as you. and if your still tryng to make trojan undicoverabe for AV's just ask me how lol :D

thanks

[lucidnightmare]

hey could u provide a link to that U3 custom installer?

im kinda in the same position as you. and if your still tryng to make trojan undicoverabe for AV's just ask me how lol :D

thanks

Link-  http://www.hak5.org/packages/files/Universal_Customizer.

What I did was drop the keylogger into the custom iso folder and created the iso with the create iso command. The problem is when I plug in the drive in the iso just opens the file the keylogger is in. Better explained in the video I prevously posted.

[bloodsplat]

ok i think i see you problem as well as putting the keylogger into the .iso you need to put ur own autorun.inf which will tell the comp to run the logger.

do u have that?

if you do and the logger actually does start working the problem you have is that your opening the non cd partion of the usb by the dam window thingy and selectin view folders and files or watever thats why its comming up. because your usb is U3 with the custom iso on it all you have to do is insert it wait for U3 to kick in like 10 secs max probs (unless its 1st time inserting into the comp) then pul it out without clicking or touching anything :D

[lucidnightmare]

Thanks, about that iso thought I don't know how to make one. If someone would show me I'd give it a shot.

[bloodsplat]

ok i just figgured this out for myself, im assuming u have the universal customizer on your computer right? well if you do go to the directory of it, then go to the U3CUSTOM folder. place anyfiles you want in here, just your autorun will be fine as it will point to the non cd partion. ok now go back one directory to the universal customizer folder and click on the ISOcreate.cmd file. this will create your iso in the bin folder for you. ok leave it there for now because its in the right spot. now run the universal customiser and install wat ever to ur U3 drive. done! you might want to back it up first or if you have the latest u3 update for ur usb you can just use that to make everything back to normal.