|
Penetration Testing
mailing list archives
Re: Keystroke logging
From: Guillaume Vissian <somebodyishere () gmail com>
Date: Fri, 1 Jul 2005 11:41:45 +0200
Be carefull the history logs only show the common commands input on
the shell, this didn't show everything wrappen on it. Only keyloggers
can do that. If history remember all it would be a major security
failure... For example with shells history logs you can't see the vim
editing sequences, and for sure the password entries. And the real,
and only for me, utility of a keylogger is to log thoses pass entries.
A good keylogger have to, in my mind, be directly implanted in the
kernel, the shells let to much ways to escape from the logs...
A way to search :
http://linux.ittoolbox.com/documents/document.asp?i=2284
Google is your friend
G.
2005/7/1, Joshua Hamor <josh () cnemedia com>:
Agreed. Most modern shells have history logs. You should be able to save
this text file for your tests.
-J also
Jeff Miller wrote:
I've used bash shell logging before for similar situations. just grab
the source and compile with the syslogging option.
On Jun 30, 2005, at 2:36 PM, JB wrote:
I'm wondering if anyone has either a kernel level keystroke logger
for the
Linux 2.6, or a userspace keystroke logger for Linux. As part of our
penetration testing, we are required to give the client a log of all
actions performed - so this would be a good way of logging all linux
commands. Also - if you know of the same sort of tool for windows - that
would also be appreciated.
-J
 By Date 
By Thread
Current thread:
|
Intro
