How do I get keylogging to stop?
66 views
Skip to first unread message
Dillon Korman
Nov 9, 2012, 12:55:37 AM11/9/12
to kautily...@googlegroups.com
Hello. I recently keylogged my own machine by using kautilya on a Teensy 2.0++. This was just a test to see if it worked. I once only had pastebin free, so when I stopped getting pastes in my pastebin, I assumed the keylogging stopped after I unplugged the USB device. This is not the case, however, as a pastebin free account limits the number of private pastes to 10. Once I upgraded to PRO, I received 100's of pastes about my keylogging so long as my computer was connected to the internet (I would have received thousands had I not put it to sleep). Since this test is already over and I now know how this works, how do I stop getting pastes to my pastebin account? Please help. Thanks!
Nikhil Mittal
Nov 9, 2012, 8:18:32 AM11/9/12
to kautily...@googlegroups.com, Dillon Korman
Hi Dillon,
You are right. Pastebin does not allow more than 10 private pastes per
day for a free account. If you want more pastes for free, you can use
Tinypaste with small modifications in the source. I prefer pastebin as
it has more chances of being whitelisted in a network.
To stop the keylogger, look for a powershell process in your task
manager. Though bad for its intended usage, you can kill the keylogger
by killing the powershell process which is running the keylogger. You
can figure out the keylogger by having a look at the "command line"
option in taskbar....Shhh ;)
Though this will not be similar in a future version for which more
persistence and stealth is being implemented. There would be other ways
to tell the Keylogger to stop like instructions from DNS TXT records,
pastebin or email.
Suggestions are welcome.
Nikhil "SamratAshok" Mittal
--
Regards,
Nikhil
http://labofapenetrationtester.blogspot.com/
@nikhil_mitt
You are right. Pastebin does not allow more than 10 private pastes per
day for a free account. If you want more pastes for free, you can use
Tinypaste with small modifications in the source. I prefer pastebin as
it has more chances of being whitelisted in a network.
To stop the keylogger, look for a powershell process in your task
manager. Though bad for its intended usage, you can kill the keylogger
by killing the powershell process which is running the keylogger. You
can figure out the keylogger by having a look at the "command line"
option in taskbar....Shhh ;)
Though this will not be similar in a future version for which more
persistence and stealth is being implemented. There would be other ways
to tell the Keylogger to stop like instructions from DNS TXT records,
pastebin or email.
Suggestions are welcome.
Nikhil "SamratAshok" Mittal
Regards,
Nikhil
http://labofapenetrationtester.blogspot.com/
@nikhil_mitt
Nikhil Mittal
Nov 11, 2012, 12:46:57 PM11/11/12
to Dillon Korman, kautily...@googlegroups.com
Thanks for the feedback. I will include "labeling" of keylogs by
computer name in the next update. Stealth and persistence may also
be included. Other things are not planned for a near future release.
Nikhil "SamratAshok" Mittal
Nikhil "SamratAshok" Mittal
On 10-11-2012 10:51, Dillon Korman
wrote:
Also, the keylogger is very limited in what it does. Maybe you could give a link to a screenshot or the process/app that is running. If it's a browser, maybe you could give us the website in which are logged. Thanks.
On Fri, Nov 9, 2012 at 6:47 PM, Dillon Korman <dkki...@gmail.com> wrote:
Thanks for the help! It worked. I got Pastebin PRO, so I don't need to use tinypaste. I can't wait for stealth and persistence. Please try to label the keylogs when they are being uploaded to Pastebin. The computer name or something similar in the title would be helpful. Please do try to add more OSX exploits. Also, if I were on the same LAN (Wi-fi network) as someone, and I wanted to get a meterpreter session on their computer, what would be the easiest, simplest, and/or most effective method for doing that? Thank you for making this project and I look forward to all the updates!
Reply all
Reply to author
Forward
0 new messages