Thursday, 26 January 2017

Types of Keylogger



As mentioned in my previous article, keyloggers are applications that monitor a user's keystrokes and then send this information back to the malicious user. This can happen via email or by upload to a malicious user's server somewhere on the Internet. These logs can then be used to collect email and online banking usernames and passwords from unsuspecting users, or even to capture source code being developed in software firms.

Keyloggers are divided into different categories depending upon the system layer at which they run. Here, we will consider two system layers, namely the Application Layer and the Internal Layer.

In general, there are two types of keyloggers :
  • Software Keyloggers : These are defined at the application level. This type of logging is accomplished by using the Windows function SetWindowsHookEx(), which monitors all keystrokes. The spyware (keylogger) will typically come packaged as an executable file that initiates the hook function, plus a DLL file to handle the logging functions. An application that calls SetWindowsHookEx() is capable of capturing even autocomplete passwords. Here, the keylogger overrides the control of SetWindowsHookEx(), the function in Windows which controls the keystrokes and also the autocomplete actions of the system.
  • Hardware Keyloggers : These are defined at the internal level. They are small inline devices placed between the keyboard and the computer. Because of their size they can often go undetected for long periods of time -- however, they of course require physical access to the machine. These hardware devices have the power to capture hundreds of keystrokes, including banking and email usernames and passwords.

Software Keyloggers :

Software keyloggers are further divided into several types depending on the method used to save the logs and transfer them from the victim's computer to the attacker.
  • Offline Keylogger : Here, the keylogger stores all the keystrokes offline, i.e. on the victim's device, without the victim's awareness. Obviously, the attacker here needs physical access to the victim's computer to get the log file (the file in which keystrokes are stored). The attacker knows the path at which the log file is located.
  • FTP Keylogger : This is an extension of the offline keylogger. The process of saving the keystrokes is the same as that of the offline keylogger, meaning it stores the log file at a specified location. When the victim's computer gets access to the internet, the keylogger sends the log file to the attacker's server using the FTP protocol. Hence, the FTP keylogger differs from the offline keylogger in how the log file is transferred.
  • Email Keylogger : An email keylogger is similar to the FTP keylogger (it is also an extension of the offline keylogger). It differs from the FTP keylogger in how the log file is transferred. Here, when the victim's computer gets connected to the internet, the keylogger sends an email from its built-in email sender to the attacker's email address. Hence, the log file is transferred via email.
  • PHP Keylogger : The PHP keylogger is different from the keyloggers defined above. In a PHP keylogger, live data is captured. That means, when the victim types something, the keystrokes are captured (but not saved to a log file) and are instantly transferred to the attacker's server via the internet. The attacker's server contains a PHP script which handles the incoming data (keystrokes), and hence the keystrokes are saved on the attacker's server. Here, the most important element is the internet -- the victim's computer should have an internet connection and the attacker's server should be online all the time. If the victim's device has no internet connection, the keystrokes are lost or queued (saved temporarily until the device regains a connection).
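From the defender's side, the FTP, email and PHP variants above all have to send data off the machine, which is where they show up in connection logs. The following is an added example, not code from the original article: it triages constructed outbound-connection records, and the record fields (image, dest_port, bytes_sent), the allowlist and the thresholds are all assumptions made for illustration.

```python
from collections import defaultdict
from ntpath import basename  # parses Windows paths on any OS

# Ports for the three transfer methods described above.
CHANNEL_BY_PORT = {21: "ftp", 25: "smtp", 465: "smtp", 587: "smtp",
                   80: "http", 443: "http"}

# Assumed allowlist: programs expected to use each channel on this host.
EXPECTED = {
    "ftp": {"filezilla.exe", "winscp.exe"},
    "smtp": {"outlook.exe", "thunderbird.exe"},
    "http": {"chrome.exe", "firefox.exe", "msedge.exe"},
}

def suspicious_senders(events, http_min_posts=5, http_max_bytes=256):
    """Return {(image, channel): reason} for processes worth triaging."""
    small_http = defaultdict(int)
    findings = {}
    for ev in events:
        channel = CHANNEL_BY_PORT.get(ev["dest_port"])
        if channel is None:
            continue
        if basename(ev["image"]).lower() in EXPECTED[channel]:
            continue  # known client for this channel
        key = (ev["image"], channel)
        if channel in ("ftp", "smtp"):
            # Log-file upload (FTP type) or built-in mail sender (email type).
            findings[key] = f"unexpected {channel} client"
        elif ev["bytes_sent"] <= http_max_bytes:
            # Live capture (PHP type) appears as many tiny uploads.
            small_http[key] += 1
            if small_http[key] >= http_min_posts:
                findings[key] = "repeated small uploads"
    return findings

# Constructed sample records (hypothetical paths and sizes).
SAMPLE_EVENTS = (
    [{"image": r"C:\Program Files\Mozilla Firefox\firefox.exe", "dest_port": 443, "bytes_sent": 120}] * 8
    + [{"image": r"C:\Users\bob\AppData\Roaming\svch0st.exe", "dest_port": 21, "bytes_sent": 40960}]
    + [{"image": r"C:\Users\bob\AppData\Local\Temp\upd.exe", "dest_port": 587, "bytes_sent": 9000}]
    + [{"image": r"C:\Users\bob\AppData\Local\Temp\kbsvc.exe", "dest_port": 80, "bytes_sent": 64}] * 6
    + [{"image": r"C:\Program Files\Microsoft Office\OUTLOOK.EXE", "dest_port": 587, "bytes_sent": 5000}]
    + [{"image": r"C:\Tools\backup.exe", "dest_port": 443, "bytes_sent": 64}] * 2
)

if __name__ == "__main__":
    for (image, channel), reason in suspicious_senders(SAMPLE_EVENTS).items():
        print(f"{channel:5} {reason:24} {image}")
```

An offline keylogger produces no such traffic, so this check does not cover that type.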

Kernel Keyloggers :

Kernel keyloggers are neither hardware nor software keyloggers. As we know, the kernel is something which operates between the hardware and software of the system but is a combination of Hardware (ROM) and Software (HDL - Hardware Definition Language). The same is true of kernel keyloggers.

This type of keylogger sits at the kernel level and receives data directly from the input device (typically, a keyboard). It replaces the core software for interpreting keystrokes. It can be programmed to be virtually undetectable by taking advantage of the fact that it is executed on boot, before any user-level applications start. Since the program runs at the kernel level, one disadvantage of this approach is that it fails to capture autocomplete passwords, as this information is passed in the application layer.

NOTE : The most used of the above types is the software email keylogger, as it is easy to design and use. It can also capture the autocomplete keywords stored on the device.

6 comments:

  1. Nice article, kudos bro. And please help on how to get Email-keylogger. I really need to have one.

    1. I tried to make it but was not successful..
      I will provide you the link to download one


Thanks for reading this article.
Please comment your reviews. This will help us improve.
