Re: Keystroke logging

From: ChayoteMu (chayotemu_at_gmail.com)
Date: 07/02/05

  • Next message: Joachim Schipper: "Re: Remote Desktop/Term. Serv information leakage"
    Date: Fri, 1 Jul 2005 17:52:49 -0700
    To: Guillaume Vissian <somebodyishere@gmail.com>
    
    

    This is mostly a question of curiosity. For the option of using a
    proxy would it be possible to SSH to the proxy then generate a new SSH
    from the proxy to the PC your getting into, and have the proxy log all
    info that way? It may not be doable for all situations because I
    figure you'd need to setup a hardend proxy on the network for that,
    but as I said, I'm mainly curious if that would work.

    On 7/1/05, Guillaume Vissian <somebodyishere@gmail.com> wrote:
    >
    > The proxy will not see everything, if the connection is encrypted with SSL,
    > or for some other connection like ssh , and more : ssh tunneling the user
    > will make the proxy logs unusable...
    >
    > G.
    >
    > -----Message d'origine-----
    > De: Kurt Keys [mailto:KKeys@sddpc.org]
    > Envoyé: vendredi 1 juillet 2005 16:45
    > À: pentest@jitonline.net; pen-test@securityfocus.com
    > Objet: Re: Keystroke logging
    >
    > Instead of a Keystroke logger, setup a proxy for your pen-test systems to
    > use
    > on their outbound connection to the target. Then have the proxy log
    > everything
    > and although you may not have all the mouse clicks and commands typed, you
    > will have a log of the traffic to and from the target network. To me that is
    > infinitely
    > more valuable. But that's just me.
    > Good Luck,
    >
    > Kurt Keys
    > Information Security Specialist
    > Information Security Department
    > San Diego DPC
    >
    >
    > >>> "JB" <pentest@jitonline.net> 6/30/2005 12:36:24 PM >>>
    > I'm wondering if anyone has either a kernel level keystroke logger for the
    > Linux 2.6, or a userspace keystroke logger for Linux. As part of our
    > penetration testing, we are required to give the client a log of all
    > actions performed - so this would be a good way of logging all linux
    > commands. Also - if you know of the same sort of tool for windows - that
    > would also be appreciated.
    >
    > -J
    >
    >
    >
    >
    >

    -- 
    "To catch a thief, think like a thief. To catch a master thief, be a
    master thief."
    

  • Next message: Joachim Schipper: "Re: Remote Desktop/Term. Serv information leakage"