Since the purpose is showing that the authentication method is "safe"
even on a compromised system (hm, hm...) the keystroke logger doesn't
have to be common, the point is to show that the system is "under
control". For that, just plant a vnc server, with that you can even do
a nifty presentation. If you still want to combine this with a
keylogger, an example of a simple and freeware one is at
www.zorro.hu/sc-kl/
Can I ask what the authentication is about?
greets,
php0t
----- Original Message ----- From: "Shannon Johnston"
<sjohnston@xxxxxxxxxxxxxx>
To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Sent: Thursday, December 01, 2005 6:24 PM
Subject: [Full-disclosure] Most common keystroke loggers?
Hi All,
I'm looking for input on what you all believe the most common keystroke
loggers are. I've been challenged to write an authentication method (for
a web site) that can be secure while using a compromised system.
Thanks,
Shannon
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/