A friend of mine got the idea of doing this in hope that he may get some sensitive PI and possibly purchase items and have them dropped off to another house. However, he's new to this sort of stuff.
What keylogger would be recommended for such a task? Could the logs be mailed to a server or would he have to use a USB flash drive for every single computer and come back at a later time to copy the logs? What's the difference between a hardware keylogger and a software keylogger? Both log keystrokes; is there a benefit to a hardware keylogger?
Comments
Best bet would be to try and program one from scratch. Plenty of tutorials around there.
Software keyloggers are always easily rooted out.
Hardware keyloggers generally have one rule: the harder it is to install, the harder it is to find. Generally, unless you can get quiet, uninterrupted access to the computers, don't do either; it's a stupid idea.
And it would be impossible to set up a camera. The location is an internet cafe and is monitored.
The cafe uses cleanslate so the PCs have no antivirus software installed. One thing that worried my friend is that cafes use internet cafe monitoring devices in order to set the time and whatnot. Which means that the owner/manager will see (if he's nosy) the client's screen in real time from his server.
Using MITM attacks, you can log people's usernames and passwords to websites which they log into, which is where you'd get your personal information that you're looking for.
Another option would be to take your laptop to the internet cafe and start looking for vulnerable machines. If you can hack into one of them, you can get a shell and start logging keystrokes.
Can this man-in-the-middle attack be done via LAN?
This is where a tool called SSLstrip comes in handy. You arpspoof, then fire up SSLstrip and start capturing packets. You can then remove the SSL encryption from the connection, grab the information you need and then convince the target machine that they're still using a secure connection.
Clever shit.
This is exactly why I own a laptop. I never use other people's computers.
At least carry a small bootable linux flash drive and boot the machine with that (after checking for physical keyloggers).
Any ideas?
Is there any reputable software that detects well known keyloggers made by Ardamax and Award? I know A/Vs are pretty shitty at picking them up. When I tested one on my PC some time ago, Avast didn't do shit. Fucking shady ass internet cafes.
If SSL sessions can be intercepted, there's not much else you can do short of tunneling through a secure Internet connection. You can pretty much tunnel from everywhere, even if filtering is in place. You can tunnel over UDP 53, since DNS is always allowed - it's slow but it works.
I know a lot of people going back to telephone banking, simply for security reasons. Shit, even fax machines are a hell of a lot more secure than email.
I often wonder about TOR - I'm sure there is plenty of packet inspection going on by not-so-honest people setting up relays. Unless I'm mistaken about how TOR works, what's to stop them from intercepting any session?