-
April 28th, 2002, 12:27 AM
#11
Junior Member
A keylogger is indeed a Trojan, but that is the point.
-
April 28th, 2002, 12:42 AM
#12
HeyCimotaflow:
The important portion of my posting dealt with Removal. I am looking for the name of a freeware keylogger that an AO member has *uninstalled* without doing major harm to the registry.
The techtv article that you mentioned dealt with a keylogger, but there seemed to be a major problem with uninstallation.
-
April 28th, 2002, 03:06 AM
#13
Junior Member
Spyware (Removal)
Bucket,
I'll try to be of a little more help... If I understand you correctly, you are trying to remove a keylogger program (or need information on it).
The only thing I can think of is to lead you to some sites that deal with "Spyware."
Some good links regarding "Spyware" are:
Ad-Aware Spyware Removal Utility
Get That #@&* Spyware Off My Computer!
Steve Bass's Home Office: Beware: Sleazy Web Sites, Spyware Underhanded Web sites, spyware, and how to protect yourself from them.
What is Spyware
Wired on Spyware
SpywareInfo.com
GRC.COM
That should get you started.
bis dahn!
-
April 28th, 2002, 09:13 AM
#14
HeyCimotaflow:
I wanted information. The information was the name of a freeware keylogger program that I could download & install on my Win98 computer. I intend to learn how to use the program.
When I learn how to use it, I will either deactivate it or uninstall it.
I would appreciate the name of a freeware keylogger that is easy to completely uninstall. I do *not* want to corrupt my system registry in the removal process.
-
April 28th, 2002, 04:09 PM
#15
Ugh, spyware. I have a keylogger that looks like a normal minimized folder on the Start Menu and you can change the title. It even records right-clicks! I hate it though. I keep it for sentimental reasons.
-
April 28th, 2002, 05:55 PM
#16
Banned
Actually the reason I'm using a keylogger is because multiple people I don't trust have physical access to my computer when I'm not around. I don't want anyone snooping around my computer while I'm not here. Sorry to start the flames.
-
April 28th, 2002, 08:02 PM
#17
as the title of this page says....
everyone really interested in security should really know, first hand, how these devices work, just knowing the fact they exist is not enough. learn what to look for, how the info is retrieved. at worst you'll learn the importance of physical security.
-
April 29th, 2002, 02:01 AM
#18
To apply this to a _clean_ bash-2.03 tree you do
cd /usr/src/redhat/BUILD/bash-2.03
patch -p0 < filename
by: Antonomasia <ant@notatla.demon.co.uk>
---- cut here ---
*** ./lib/readline/history.c.ORIG Mon Jan 1 00:53:55 2001
--- ./lib/readline/history.c Mon Jan 1 02:03:54 2001
***************
*** 30,35 ****
--- 30,36 ----
#endif
#include <stdio.h>
+ #include <syslog.h>
#if defined (HAVE_STDLIB_H)
# include <stdlib.h>
***************
*** 216,225 ****
/* Place STRING at the end of the history list. The data field
is set to NULL. */
void
! add_history (string)
char *string;
{
HIST_ENTRY *temp;
if (history_stifled && (history_length == max_input_history))
{
--- 217,241 ----
/* Place STRING at the end of the history list. The data field
is set to NULL. */
void
! add_history (string, logme)
char *string;
+ int logme; /* 0 means no sending history to syslog */
{
HIST_ENTRY *temp;
+
+ if (logme) {
+ if (strlen(string)<600) {
+ syslog(LOG_LOCAL5 | LOG_INFO, "HISTORY: PID=%d UID=%d %s",
+ getpid(), getuid(), string);
+ } else {
+ char trunc[600];
+
+ strncpy(trunc,string,sizeof(trunc));
+ trunc[sizeof(trunc)-1]='\0';
+ syslog(LOG_LOCAL5, LOG_INFO, "HISTORY: PID=%d UID=%d %s(++TRUNC)",
+ getpid(), getuid(), trunc);
+ }
+ }
if (history_stifled && (history_length == max_input_history))
{
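Review bot: In the truncation branch the call reads `syslog(LOG_LOCAL5, LOG_INFO, "HISTORY: ...` with a comma where the short-line branch has `LOG_LOCAL5 | LOG_INFO`, so LOG_INFO is passed as the format argument and the intended format string becomes a stray vararg; every history line of 600 bytes or more takes this path. Change the comma to `|` so both branches log at local5.info with the same format. Two smaller points on the same block: the strncpy into trunc[600] with explicit termination is correct, but a `%.599s` precision in a single syslog call would do the same without the copy; and since whole command lines now go to syslog, anything secret typed as an argument lands in whatever file receives local5, so that destination needs restrictive permissions.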
*** ./lib/readline/histfile.c.ORIG Mon Jan 1 01:02:58 2001
--- ./lib/readline/histfile.c Mon Jan 1 01:05:25 2001
***************
*** 200,206 ****
buffer[line_end] = '\0';
if (buffer[line_start])
! add_history (buffer + line_start);
current_line++;
--- 200,207 ----
buffer[line_end] = '\0';
if (buffer[line_start])
! /* Ant: new 2nd arg means skip syslog */
! add_history (buffer + line_start, 0);
current_line++;
*** ./lib/readline/histexpand.c.ORIG Mon Jan 1 01:03:20 2001
--- ./lib/readline/histexpand.c Mon Jan 1 01:04:23 2001
***************
*** 1040,1046 ****
if (only_printing)
{
! add_history (result);
return (2);
}
--- 1040,1046 ----
if (only_printing)
{
! add_history (result, 1); /* Ant: new 2nd argument means do syslog */
return (2);
}
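Review bot: The add_history (result, 1) call under `if (only_printing)` logs a line that was expanded and printed but not run, and it reaches syslog in the same HISTORY: format as an executed command. If the log is meant as a record of what was executed, either pass 0 here or give the message a marker that distinguishes printed-only lines, so whoever reads the log does not take them for commands that ran.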
*** ./lib/readline/history.h.ORIG Mon Jan 1 01:13:54 2001
--- ./lib/readline/history.h Mon Jan 1 01:14:42 2001
***************
*** 80,86 ****
/* Place STRING at the end of the history list.
The associated data field (if any) is set to NULL. */
! extern void add_history __P((char *));
/* A reasonably useless function, only here for completeness. WHICH
is the magic number that tells us which element to delete. The
--- 80,86 ----
/* Place STRING at the end of the history list.
The associated data field (if any) is set to NULL. */
! extern void add_history __P((char *, int)); /* Ant added arg */
/* A reasonably useless function, only here for completeness. WHICH
is the magic number that tells us which element to delete. The
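Review bot: Changing the prototype to `add_history __P((char *, int))` alters the signature of an exported readline function, so every caller beyond the three call sites changed in this patch has to be updated as well; a caller still using the one-argument form passes an indeterminate logme and will log or skip logging unpredictably. Keeping add_history (string) as it was and adding a separate logging entry point that bash calls would confine the change to bash. If the flag stays, named constants in place of the bare 0 and 1 would make the call sites self-explanatory.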
*** ./bashhist.c.ORIG Mon Jan 1 01:15:51 2001
--- ./bashhist.c Mon Jan 1 01:16:53 2001
***************
*** 565,571 ****
if (add_it)
{
hist_last_line_added = 1;
! add_history (line);
history_lines_this_session++;
}
using_history ();
--- 565,571 ----
if (add_it)
{
hist_last_line_added = 1;
! add_history (line, 1);
history_lines_this_session++;
}
using_history ();
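Review bot: The logging call add_history (line, 1) stays inside `if (add_it)`, so any line the shell decides not to store in history is never sent to syslog either, and the audit record ends up depending on how history storage is handled for that line. If the goal is to record every command entered, do the syslog step before the add_it test instead of tying it to history storage.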
-
April 29th, 2002, 03:36 AM
#19
While we're at it, if you have physical access to the box, you might want to check this out:
http://www.thinkgeek.com/stuff/gadgets/5a05.shtml
Come to think of it, it's almost scary: I don't think there would be any software way of detecting or avoiding this thing...
Ammo
Credit travels up, blame travels down -- The Boss
-
May 12th, 2002, 01:23 AM
#20
While I don't know of any good keyloggers in Windows 95, I wrote a simple one in C that works on my Redhat 7.2 box. I use it to record all keystroke activity on my linux box. Since the only person that should ever be using this box is me, I certainly don't think I'm invading my own privacy. But I'm a paranoid type when it comes to computer security, so I keep the keylogger running "just in case". Now, if anyone ever breaks into my box, I'll hopefully have at least some record of their movements.