World's Smallest Functional Keylogger Project 3,584 Bytes Small 3.5k
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: World's Smallest Functional Keylogger Project 3,584 Bytes Small 3.5k

  1. #1
    Junior Member
    Join Date
    Jul 2005
    Posts
    26

    World's Smallest Functional Keylogger Project 3,584 Bytes Small 3.5k

    This Project is now a Featured Article on RootKit.com :-)

    The Programs and Files included are Copyright 2005, by ZOverLord, All Rights Reserved

    This is a Proof Of Concept for Educational Purposes ONLY!

    Notes:

    This program is 3.5K small, as in 3,584 bytes and can do ANYTHING other Key-Loggers claim, this is Version 1.0, a Stealth version will be next to show Hiding concepts.

    The program was created because MANY people claimed that you could NOT use a Stand-Alone program ("Without the Global hook procedure being located in a DLL") to do
    low-level keyboard Key-Logging. As I say.....

    "We Don't NEED NO STINKIN DLL!"

    The Goals of this project were:

    1. Keep it Small.
    2. Minimize as much as possible, CPU overhead.
    3. Make sure only ONE copy per user can run but support fast user switching.
    4. Allow logging files on a per user basis.
    5. Provide as much information as possible of WHERE the key strokes came from.
    6. Allow this to be installed and run using a non ADMIN account.
    7. Don't place the Global Low-Level Hook procedure in a .dll.
    8. Allow a Hot Key combination to stop it.
    9. Show others for educational purposes how it was done.

    Download the Entire Project Including Source, Pre-Complied Example, Build File and Documentation Here:

    http://testing.onlytherightanswers.c...article&sid=33
    Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com

  2. #2
    Senior Member PacketThirst's Avatar
    Join Date
    Aug 2004
    Posts
    258
    Check this keylogger out



    Chota Worlds Smallest Keylogger


    Win32 PE File
    Win 98 Only

    Actual Code Size = 62 Bytes
    Header Size = 512 Bytes \ Essential Parts Of
    Import Table = 106 Bytes / PE File..
    ---
    Total Size = 680 Bytes

    http://www.infogreg.com/source-code/...keylogger.html

  3. #3
    Junior Member
    Join Date
    Jul 2005
    Posts
    26
    The Key here is the word "FUNCTIONAL!"

    Using that code:

    1. What was the Computer Named that Entered the Keystrokes?
    2. What was the Domain Name of the Domain the computer was on?
    3. What was the User name on the computer that entered the keys?
    4. What date were those keystrokes entered?
    5. What time were those keystrokes entered?
    6. What application did the keystrokes come from?
    7. What was the Window Title of where the Keystrokes came from?
    8. What was the Windows Class of the program that handled the keys?
    9. Can more than ONE copy be accidentally started?
    10. What Hot-Key Can stop the program?

    ALL of the above information and or functions cannot be done by your example. Additionally, the program you link to also states it is VERY VERY CPU intensive.

    Yet ALL the above are done with this, and with minimum CPU overhead.

    This is WHY this is called The World's Smallest Functional KeyLogger
    Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com

  4. #4
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Location
    Miami, FL
    Posts
    795
    ZOverLord nice work.

  5. #5
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    Become a MEMBER and DOWNLOAD It NOW!...
    While your work seems to be legit, I always question the "register now" approach to getting free code. It makes you look like just another internet huckster and that may be the farthest thing from the truth. None the less, it is what it is - an advertisement to drum up registration on a website. Small keyloggers aren't exactly hard to come by these days.

    --Th13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  6. #6
    Junior Member
    Join Date
    Jul 2005
    Posts
    26
    Well, I call it source code control, if someone wants it bad enough, it should be NO big deal to register to get it.
    Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com

  7. #7
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    Well I can see why you, as the code author, might want to know who is grabbing copies of the code. However, you can't validate who is actually getting their hands on the code using a simple web registration process.

    This is one of the reasons I question the approach. Many great open source sites (such as sourceforge.net) do not require registration and they have many keylogger projects which are of excellent quality.

    So this brings me back to thinking about why one would require registration for open source code. I'm not sure how this process controls your source code. Once I have it, I can throw it on my own site and serve it up to the world.

    Again, I'm not trying to accuse you of anything but personally I never feel the need to register for open source code.

    Just one man's opinion.


    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  8. #8
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,534
    I agree with thehorse13 I do all my opensource development in a publicly accessable (subversion) repository..
    Anyone can read.. and only a limited number of developers have write access to the repo..

    Choosing a propper licence is better then just popping up arbitrary obstacles that will stop more legitimate people looking then scriptkiddies stealing..

    But to each his own..
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  9. #9
    Junior Member
    Join Date
    Jul 2005
    Posts
    26
    Well, if you notice, I state in the download area, that they agree to terms before they download it.

    Also, this is a work in progress, the first stage is SMALL, no Stealth, the Second is HIDING, the Third EMAIL and or FTP.

    I really don't want to open up my download area to the public, and this allows me if needed to inform people when stage 2 is done, and so on.

    I really don't want to go from site to site, where after 24 hours I can't UPDATE an original post, or I need to upload here and there.

    So, it makes more sense to do it this way.

    Some may not agree, but hey, it allows people to be informed of new versions.
    Where Black, Gray and White Hats Unite to help protect YOU from current and future Exploits http://testing.OnlyTheRightAnswers.com

  10. #10
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    Well, if you notice, I state in the download area, that they agree to terms before they download it.
    Well, I see this:
    You will receive a confirmation email with a link to a page you should visit to activate your account in the next 24 hours.

    Notice: Account preferences are cookie based.
    As a registered user you can:

    Post comments with your name
    Send news with your name
    Have a personal box in the Home
    Select how many news you want in the Home
    Customize the comments
    Select different themes
    Access to Downloads
    Access to Members List
    Access to Search
    Access to Statistics
    Access to Top 10
    Access to User's Custom Box
    Create your own Journal
    Read custom headlines
    some other cool stuff...
    Register Now! It's Free!
    We don't sell/give to others your personal info.
    Items in bold raise my eyebrow given your explanation of why one must register. Also, for true open source code, I expect to see nothing other than a reference to the GNU GPL.

    SourceForge.net (and others) have a listserv that you can subscribe to so that when updates are available, an e-mail notice goes out to all that are registered to the project.

    So as I ask more and more questions, and after reading the post title as more of an advertisement than a project announcement, I have to say that I feel that my instincts may be correct on this one.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •