This video features Shreeraj Shah, one of the founders of NetSquare, speaking about defending Web applications and kernel keyloggers at the HackInTheBox Conference in 2003. Fast forward to 2:40 to skip the introduction.
From the show notes on Google Video:
This presentation discusses some of the more advanced techniques in writing kernel-based keyloggers and presents the newest release of THC-vlogger 2.1 with new keystroke logging techniques and more features such as centralized logging. THC-vlogger, first presented in Phrack Magazine #59, enables the capability to log keystrokes of all administrator/user’s sessions via console, serial port and Telnet/SSH remote sessions, switching logging modes by using magic passwords, and stealthily sending logged data to a centralized remote server. Its smart mode can automatically detect password prompts to log only sensitive user and password information. This talk also discusses the recently published tool in PHC’s ‘fake’ phrack #62 dealing in the detection and disabling of Sebek, a host-based honeypot monitoring tool of the Honeynet project. The presentation also discusses the advantages of THC-vlogger 2.1 over Sebek and other similar keylogger tools.
In looking for videos related to typeprint analysis and keyloggers, I came across many, many tutorials that can easily equip a high school student with the tools to embed keyloggers on Web pages and viral emails. Scary stuff.