יום שבת, 28 בנובמבר 2009

Wireless Keylogger

Keylogger הוא רכיב המאפשר לבצע האזנה להקלדות תווים על המקלדת, רכיב ה - Keylogger

יכול להיות הן חומרתי והן תוכנתי.

קיים היתרון משמעותי לרכיב Keylogger חומרתי מכיוון שהוא יכול לתפוס את כל הקלדות

המשתמש ללא תלות ב - Process קיים או לחילופין באיום של תוכנת ה - Antivirus הקיימת

על המחשב.

אבל הבעיה הקיימת ברכיב זה שהוא דורש פעם אחת התקנת פיזית ופעם שנייה שליפה של

הרכיב ולכן דורש שני גישות פיזיות למחשב.

אבל בשביל זה אני פה מה דעתכם על Keylogger עם התקנה פיזית הדורש גישה אחת בלבד,

למה אני מתכוון חישבו מה היה קורה אם היה לכם Keylogger שהתקנתם על המחשב וכל התווים

היו משודרים על גבי גלי רדיו למחשב שלכם ללא צורך לקבל גישה פיזית נוספת למחשב.

מי רוצה לבנות אחד כזה ? :)

Introduction

Familiar with the concept of hardware keylogging? A hardware keylogger is a perfect solution for monitoring user activity, at very low risk of disclosure. A hardware keylogger is a purely electronic device, so no access to the operating system is required, no traces are left, and software has no possibility of detecting such a device. However, the hardware keylogger concept inherits one weakness: physical access to the keylogger is required for retrieving captured data. This problem has finally found its solution: a Wireless Keylogger.

KeeLog has already released one open source PS/2 hardware keylogger design to the public. Now, we are doing it again with the DIY Wireless Keylogger. This design is fully free for private and commercial use, with the following restrictions:
  1. All materials presented on this web page are the intellectual property of KeeLog and using them constitutes acceptance of the license terms below and the general User Agreement.
  2. This Wireless Keylogger project is provided as is, with all faults, and with no warranty whatsoever.
  3. Reproduction of this article, or any materials contained within, are allowed only if given proper credit to it's authors in the form of a link to the source webpage:
    http://www.keelog.com/wireless_keylogger.html

You should not use the Wireless Keylogger to intercept data you are not authorized to possess, especially passwords, banking data, confidential correspondence etc. Most countries recognize this as a crime.

The Wireless Keylogger consists of two main building blocks: the transmitter, and the receiver. The actual keylogging takes place in the transmitter, which is in fact a PS/2 hardware keylogger, with a built-in 2.4 GHz wireless module. Captured keystroke data is transmitted through the radio-link in real-time, rather than getting stored. The receiver on the other hand, is a wireless acquisition unit with a USB interface. All keystroke data received from the transmitter is sent to the host computer via USB. From the software side, this data is available through a virtual COM port, allowing any terminal client to be used for visualizing keystroke data.

Wireless Keylogger block scheme
Wireless Keylogger block scheme
The entire system works in real-time, so text typed on the remote computer is seen immediately on the receiver side. The system has a maximum range of around 50 yards (meters). This corresponds to an effective range of around 20 yards (meters) through 2-4 walls, depending on their thickness.
Wireless Keylogger transmitter Wireless Keylogger receiver
Wireless Keylogger transmitter
Wireless Keylogger receiver
Both the transmitter and the receiver are based on the same schematics and circuit board. Both have the same form factor, and are intended for mounting on PS/2 and USB extension cables. The recommended housing is an EMC-balun enclosure, which makes the device resemble a standard extension cable.

Components

This article describes the entire assembly process of the DIY Wireless Keylogger. Depending on your skills, you may choose to create your own Wireless Keylogger from scratch, or order a preassembled one from us. We can deliver a set of components with pre-programmed microcontrollers and standard casing (as seen on pictures), or a fully assembled and tested set of devices. Please scroll to the kits section for more details.

If you decide to create your own Wireless Keylogger, you should have some basic experience with electronics and soldering, ideally with SMT (Surface Mounted Technology). The easiest option includes ordering a kit with components from us, and doing the soldering, cabling, and final assembly on your own. This involves having a temperature-controlled soldering iron and quite good soldering skills. If you decide to design and produce the PCBs yourself, you should have significant experience in this field and proper equipment.

The table below summarizes the BOM (Bill of Materials) contained in a single transmitter or receiver unit. An additional PS/2 extension cable is required for the transmitter, and a USB type A connector or cable is required for the receiver.

Set of electronic components Cables, enclosure, and PCBs
Set of electronic components
Cables, enclosure, and PCBs
Designator Description Footprint Qty
U1 Microcontroller AT91SAM7S64 TQFP64 1
U2 Transceiver nRF2401 QFN24 1
U3 Voltage regulator MCP1700T-330 SOT-23 1
Q1 Crystal 18.432 MHz HC-49 SMD 1
Q2 Crystal 16 MHz HC-49 SMD 1
R1, R2 Resistor 1.5 kΩ 0805 2
R3, R4 Resistor 27 Ω 0805 2
R5 Resistor 1 MΩ 0805 1
R6 Resistor 22 kΩ 0805 1
C1, C27 Capacitor 10 nF 0805 2
C2, C28 Capacitor 1 nF 0805 2
C3, C4, C6, C7, C8 Capacitor 22 pF 0805 5
C5 Capacitor 33 nF 0805 1
C9 Capacitor 2.2 pF 0805 1
C10, C11 Capacitor 1 pF 0805 2
C12, C22, C23, C24, C25, C26, C32, C33, C34, C42, C43 Capacitor 100 nF 0805 11
C21, C31, C41 Capacitor 1 µF 0805 3
L1 Ferrite Bead 0805 1
L2 Inductor 3.6 nH 0805 1
L3 Inductor 18 nH 0805 1
Wireless Keylogger BOM (PDF version)
Both the transmitter and the receiver use the same PCB and the same set of components (they differ by cabling and firmware). The Atmel AT91SAM7S64 microcontroller and the nRF2401 wireless transceiver are the core components. Both require crystals for proper operation. Besides the MCP1700 voltage regulator, all other components are passive (resistors, capacitors, and a few inductors). A simple wire is recommended for the dipole antenna. The double-sided two-layer PCB is shown on the pictures below.
PCB layout - top side PCB layout - bottom side
PCB layout - top side (PDF version)
PCB layout - bottom side (PDF version)
If you feel skilled enough to manufacture PCBs yourself, you may use the 1:1 mask set available below. The reference design uses FR4 with 1.0 mm thickness.
PCB mask - top side PCB mask - bottom side
PCB mask - top side (PDF version)
PCB mask - bottom side (PDF version)
Building the DIY Wireless Keylogger can be a lot of fun for electronics enthusiasts. However, we're perfectly aware, that hunting for components retail and soldering 0603 footprints can take all that pleasure away. That's why we've prepared two different kits, with the most common component sets:
  • Complete component set for transmitter or receiver ($40 or €30 per set)
  • Assembled transmitter or receiver mini-board ($90 or €70 per piece)
If you wish to purchase any of the above kits, have an additional request, or want more information, please contact our Sales Department.

Assembly

The Wireless Keylogger electrical circuit is composed of two main building-blocks: the AT91SAM7S64 microcontroller and the nRF2401 transceiver. The accompanying passive components are mainly oscillator and RF circuitry. The entire circuit is powered with 3.3V, generated by the MCP1700 regulator and filtered by a set of capacitors. Power is drawn directly through the PS/2 bus (transmitter), or USB (receiver). If you already have assembled mini-boards, skip to the wiring section. If you have decided to assemble the circuit boards yourself, you'll need to follow the schematics and guidelines below.

Wireless Keylogger electrical schematics
Wireless Keylogger electrical schematics (PDF version)
Use a fine tip for soldering (typically smaller than 0.5 mm) and soldering flux (for example RMA7). Don't overheat the components. Start the assembly with the nRF2401 transceiver, as it has the most difficult footprint. Proceed with the AT91SAM7S64 microcontroller and the MCP1700 voltage regulator. Always make sure pin 1 matches the first pad on the PCB. Finally, solder all the auxiliary circuitry: crystals, resistors, capacitors, and inductors. Leave the antenna for the end. You can use a dedicated ISM 2.4 GHz antenna, or simply make a quarter-wave dipole antenna from a piece of wire. The optimal length is 1.23" (3.125 cm). Assembled mini-boards should look similar to the ones on the pictures below.
Assembled PCB top side with microcontroller Assembled PCB bottom side with transceiver
Assembled PCB top side with microcontroller
Assembled PCB bottom side with transceiver
After assembling the circuit boards, it's time for the cabling. Apart from firmware, this is the place where the transmitter differs from the receiver. The transmitter should be coupled in parallel with the PS/2 bus. The PCB has pads for connections leading both to the computer, and to the keyboard. The receiver, on the other hand, should have a standard connection to the USB port. The images below show how the connections should be made.
Transmitter PS/2 wiring diagram Receiver USB wiring diagram
Transmitter PS/2 wiring diagram (PDF version)
Receiver USB wiring diagram (PDF version)
Use PS/2 and USB extension cables, cut them open, and isolate the signal lines. The tricky part is to identify how the wires inside correspond to signal lines. Some PS/2 and USB cables have standardized colors, however trusting in this is very risky. The recommended solution would be to use a short-circuit tester or ohmmeter to find out which wire corresponds to which signal. The diagrams below will be helpful.

PS/2 plug pinout (transmitter unit)

Signal Description PS/2 pin Comments
VCC +5V power 4 must be connected to module
GND Power ground 3
CLK Clock 5
DATA Data 1
NC Unused lines 2, 6 not used by module if present, leave in original state
SHLD Shield -
PS/2 connector Wireless Keylogger transmitter


USB plug pinout (receiver unit)

Signal Description USB pin Comments
VCC +5V power 1 must be connected to module
D- Data 2
D+ Data 3
GND Power ground 4
SHLD Shield - not used by module if present, leave in original state
USB connector Wireless Keylogger receiver
If the microcontrollers you're using aren't programmed yet, this is a good moment to upload firmware using the ISP (In-System Programming) technology. Read the firmware section to get more details. When this is done, the mini-boards should look similar to the ones on the pictures below.
Transmitter circuit board wired to PS/2 bus Receiver circuit board wired to USB
Transmitter circuit board wired to PS/2 bus
Receiver circuit board wired to USB
Before putting the enclosure on, we recommend to do one last check. Use a short-circuit tester or ohmmeter to check the resistance between the power supply (VCC) and ground (GND) on the USB and PS/2 connector. The presence of a short circuit here means, that the whole circuit should be revised, otherwise it could lead to damaging your computer. If everything's OK, mount the enclosure using glue or resin, and you're set to go.

Power-up

Once you have a transmitter-receiver pair of devices assembled, it's time for the first test. We recommend to use a single computer for testing both devices. First, power down the computer and connect the transmitter unit between the PS/2 keyboard and PS/2 port.
Connect the transmitter unit to the PS/2 port Connect the PS/2 keyboard to the transmitter unit
Connect the transmitter unit to the PS/2 port
Connect the PS/2 keyboard to the transmitter unit
When done, boot the computer and make sure the PS/2 keyboard is working properly (no influence of the keylogger should be noticeable). Now it's time to test the receiver unit. Before you proceed, please download the KeeLog driver files first. Unzip and save the files to the local hard disk on your computer. Then, plug the receiver unit into a free USB port (no need to power down the computer). Make sure it's in a position enabling reception of the radio signals coming from the transmitter.
Connect the receiver unit to a free USB port
Connect the receiver unit to a free USB port
The first time the receiver unit is connected, a driver installation dialog will appear. Strictly speaking, it will use the bundled virtual COM port driver delivered with most operating systems, such as Windows. However, the corresponding INF description file has to be selected manually. When the system asks for a driver, browse to the location where the driver file was saved. The pictures below illustrate the process.

Choose to locate and install driver software Choose to browse for driver
Choose to locate and install driver software
Choose to browse for driver
Choose to show browse option Browse to driver location
Choose to show browse option
Browse to driver location
If the driver installation process was successful, the receiver unit should be visible as a USB to serial converter. Open the Device Manager in Windows to find out, and check which virtual port was assigned to the device.

Receiver unit visible in the Device Manager
Receiver unit visible in the Device Manager
To start receiving keystroke data from the transmitter unit, you may use any terminal client, such as Hyperterminal. We recommend to use our free Simple Serial Monitor application for it's flexibility and ease of use.
Simple Serial Monitor
Simple Serial Monitor (free terminal client from KeeLog)
After launching Simple Serial Monitor (or any alternative application), remember to set the correct COM port. If everything proceeded correctly, the receiver unit will immediately show all keystrokes typed on the PS/2 keyboard.

Remote computer with PS/2 transmitter unit, Local computer with USB receiver unit
Remote computer with PS/2 transmitter unit
Local computer with USB receiver unit
The next step would be to test the same using two different computers. Make sure they are in transmission range. If you see text popping up in the terminal window, then your Wireless Keylogger set is ready for it's first real mission. Remember to use this device only for legitimate purposes!

יום חמישי, 12 בנובמבר 2009

?אנטי וירוס בחינם - טוב

הרבה פעמים חברים פונים אלי ומבקשים אנטי וירוס שלא עולה כסף

אך עדיין מגן בצורה תקינה על המחשב ברמת אבטחת המידע אז נכון שכולם מכירים

את AVG ואת AVAST.

לא מזמן נתקלתי באנטי וירוס שלפי דעתי נחשב לבין הטובים באנטי וירוסים החינמיים.

אני יודע שאפשר להוריד טורנטים של אנטי וירוסים מסחריים ולא לשלם עליהם אגורה.

אך עדיין קיימים אנשים ישרים שלא מוכנים לעשות דברים כאלה.

אז המלצתי החמה לאותם אנשים היא: