kernel-based keylogger for Linux

		Exetools > General > Source Code
kernel-based keylogger for Linux

Thread Tools

Display Modes

10-20-2017, 18:13

Mkz

Friend

Join Date: Jan 2002

Posts: 98

Rept. Given: 0

Rept. Rcvd 2 Times in 2 Posts

Thanks Given: 5

Thanks Rcvd at 25 Times in 17 Posts

My guess is that even if you intercept the ssh data (using the system calls), that wouldn't be enough as it's encrypted and it's decrypted and interpreted (executed, etc.) on user space by the ssh daemon, the shell, etc.

You could still "strace" on a kernel module all kinds of activity that the ssh connection triggers - processes being spawned, received arguments - but not the actual keypresses on the remote terminal window and the sshd receiving each of them, as this last part happens in user space.

Tags

keylogger, loadable kernel module

« Previous Thread | Next Thread »

Thread Tools
Show Printable Version Email this Page
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is On HTML code is On Forum Rules

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Systrack - Linux kernel syscall implementation tracker	blue_devil	Community Tools	0	03-21-2024 15:06
Hades:Windows kernel driver lets reverse engineers monitor user and kernel mode code	sh3dow	Source Code	0	05-12-2016 03:15
IDA remote debug Linux Kernel	Sergey Nameless	General Discussion	3	04-03-2012 04:12

All times are GMT +8. The time now is 00:55.