How to avoid keyloggers by scramble keystokes on public computers ?

**bad boy** · 08-24-2008, 10:29 AM

First things first! Always try to avoid accessing your online accounts from public computers (cyber cafes…etc). With all the keyloggers that may be stuffed in public computers, they pose a serious security risk to users. Keyloggers mean not just trojans, but commercial keyloggers as well.

What are keyloggers ?
Key Loggers are software or hardware tools to that captures the user’s keystrokes from keyboard. It can be useful to determine sources of error in computer systems and is sometimes used to measure employee productivity on certain clerical tasks. However, keyloggers are widely available on the Internet and can be used by private parties to spy on the computer usage of others hence stealing users private data.

Aim of this post on keyloggers
Our aim here is to confuse the keylogger by making it log some gibberish instead of our valid password. Off course, this is not completely foolproof though. Nothing is foolproof on the net. We only have to make it harder for the hacker.(Note: These are tips I personally follow. If you have better ones, let everyone know by commenting here.)

Types of Key Loggers
We’ll be dealing with two types of keyloggers; software and hardware keyloggers.

1. Software keyloggers on the other hand are much more complex and hence difficult to deal with. Most of them record keystrokes, mouse events, clipboard activity..etc. So our best bet is to scramble the keystokes smartly.
2. Hardware keyloggers are much easier to detect. They are mostly attached between the keyboard and the CPU. A manual inspection should be enough in most cases.

How to confuse and avoid the software keyloggers ?
Let’s say we have to enter a password ‘jazz’.

1. Click the password box, type any random key. Select the entered random key with the mouse and type j. So we entered the first letter of the password.
2. Click the password box, type a random key. Again click and type a random key. Select the last two letters with your mouse and type the next valid key of your password.

In this case we managed to enter 2 unwanted characters as against one in the first step.
Continue in a similar way to finish typing the password. You can choose any number of random characters between your password.

So the keylogger will log something like:
[click]b[click]j[click]g[click]m[click]a[click]v[click]z[click]t[click]c[click]z

Note how we used unwanted mouse clicks so that a mouse click is recorded before the random letters also. You can also experiment entering the password in the reverse order, infact any order.
This method can be used for entering the username too, since most banks have account numbers as username. If you are suffering from some keylogger phobia, use this technique while typing the url too.
Another way is utilizing the browser’s search bar or address bar to camouflage the password.
For eg. Click the password box and type a letter of the password. Now click the browser’s address bar or search bar and type some unwanted letters. Alternate between the password box and address/search bar till you finish. The result will be the same as the former method.

How to find the hardware keyloggers ?

Hardware key loggers are easy to find. They are devices which is attached in between keyboard and cpu junction. If you are really suspicious about them just check the back side of cpu and find if something is fishy. The images will give you a better idea.

Feeling secure? Well, this sort of stuff may not work against the really smart keyloggers. Yeah, the one’s that also take a screenshot when a keystroke or mouse event is detected.
There’s is a solution for that too, but it is cumbersome. Take a Live CD of any of the Linux distributions. Insert and use ( and hope Linux will detect the hardware so you can start surfing; I have read Ubuntu Linux is good.). Even if you can successfully access from the Live CD, don’t forget to use the above tips to workaround the hardware keylogger.
Again as I mentioned in the beginning, always try to avoid dealing with confidential data from Public Computers. What are the precautions you take? Do you know a better technique?

bobroberts · 08-28-2008, 04:16 PM

Thanks for all the info. I usually just type in a random string of letters then delete the unneeded ones, but the clicks should add something extra.

sushruth · 08-29-2008, 02:18 AM

i dint even know such things were there...o.0 thanks

vadar · 08-30-2008, 06:36 AM

Hardware keyloggers are the best

**Keil Alikzandr** · 08-30-2008, 08:50 AM

Hidden Block (you must be registered and have 5 posts):

You do not have sufficient rights to see the hidden data contained here.

Have at it

Mercator · 09-02-2008, 05:38 PM

In the past I used a different tecnic.. but I don't know if it works or not.. lets say the password was "JAZZ" what I would do is open any webpage like wikipedia.. and just copy the letters that make up the password.. first a J.. then an A.. and then a Z.. and will paste them one by one in the password field... are we paranoid or what?

**NO3L** · 09-02-2008, 10:26 PM

lmao! wow i actually used the same method as mercator when i hacked into computer in school

**ccxll4e** · 09-03-2008, 12:25 AM

I never knew that's what they looked like.
That might explain why I kept losing my account when I was as the library.

Thanks for the info BB

**Easle** · 09-03-2008, 01:51 PM

Quote:

Originally Posted by Mercator

In the past I used a different tecnic.. but I don't know if it works or not.. lets say the password was "JAZZ" what I would do is open any webpage like wikipedia.. and just copy the letters that make up the password.. first a J.. then an A.. and then a Z.. and will paste them one by one in the password field... are we paranoid or what?

Could work, if the creator of the logger is a total dumb ass

Equals to that it doesn't work
since most (if not all) of the keyloggers also save the clipboard

**ccxll4e** · 09-03-2008, 10:22 PM

Maxaber, instead of just going down the line of threads posting dumb messages then putting !!! after it. Earn real posts and respect the rules

08-24-2008, 10:29 AM	#1 (permalink)
bad boy Pя Administrator Join Date: Jul 2007 Location: 69 East Evil Near Killer Road Hell.... Posts: 3,232 Thanks: 358 Thanked 1,001 Times in 423 Posts	How to avoid keyloggers by scramble keystokes on public computers ? First things first! Always try to avoid accessing your online accounts from public computers (cyber cafes…etc). With all the keyloggers that may be stuffed in public computers, they pose a serious security risk to users. Keyloggers mean not just trojans, but commercial keyloggers as well. What are keyloggers ? Key Loggers are software or hardware tools to that captures the user’s keystrokes from keyboard. It can be useful to determine sources of error in computer systems and is sometimes used to measure employee productivity on certain clerical tasks. However, keyloggers are widely available on the Internet and can be used by private parties to spy on the computer usage of others hence stealing users private data. Aim of this post on keyloggers Our aim here is to confuse the keylogger by making it log some gibberish instead of our valid password. Off course, this is not completely foolproof though. Nothing is foolproof on the net. We only have to make it harder for the hacker.(Note: These are tips I personally follow. If you have better ones, let everyone know by commenting here.) Types of Key Loggers We’ll be dealing with two types of keyloggers; software and hardware keyloggers. 1. Software keyloggers on the other hand are much more complex and hence difficult to deal with. Most of them record keystrokes, mouse events, clipboard activity..etc. So our best bet is to scramble the keystokes smartly. 2. Hardware keyloggers are much easier to detect. They are mostly attached between the keyboard and the CPU. A manual inspection should be enough in most cases. How to confuse and avoid the software keyloggers ? Let’s say we have to enter a password ‘jazz’. 1. Click the password box, type any random key. Select the entered random key with the mouse and type j. So we entered the first letter of the password. 2. Click the password box, type a random key. Again click and type a random key. Select the last two letters with your mouse and type the next valid key of your password. In this case we managed to enter 2 unwanted characters as against one in the first step. Continue in a similar way to finish typing the password. You can choose any number of random characters between your password. So the keylogger will log something like: [click]b[click]j[click]g[click]m[click]a[click]v[click]z[click]t[click]c[click]z Note how we used unwanted mouse clicks so that a mouse click is recorded before the random letters also. You can also experiment entering the password in the reverse order, infact any order. This method can be used for entering the username too, since most banks have account numbers as username. If you are suffering from some keylogger phobia, use this technique while typing the url too. Another way is utilizing the browser’s search bar or address bar to camouflage the password. For eg. Click the password box and type a letter of the password. Now click the browser’s address bar or search bar and type some unwanted letters. Alternate between the password box and address/search bar till you finish. The result will be the same as the former method. How to find the hardware keyloggers ? Hardware key loggers are easy to find. They are devices which is attached in between keyboard and cpu junction. If you are really suspicious about them just check the back side of cpu and find if something is fishy. The images will give you a better idea. Feeling secure? Well, this sort of stuff may not work against the really smart keyloggers. Yeah, the one’s that also take a screenshot when a keystroke or mouse event is detected. There’s is a solution for that too, but it is cumbersome. Take a Live CD of any of the Linux distributions. Insert and use ( and hope Linux will detect the hardware so you can start surfing; I have read Ubuntu Linux is good.). Even if you can successfully access from the Live CD, don’t forget to use the above tips to workaround the hardware keylogger. Again as I mentioned in the beginning, always try to avoid dealing with confidential data from Public Computers. What are the precautions you take? Do you know a better technique? __________________ Information Wants To Be Free .... Who Are We To Deny It !!!

08-29-2008, 02:18 AM	#3 (permalink)
sushruth pRiVaTe Join Date: Feb 2008 Location: india Posts: 536 Thanks: 125 Thanked 52 Times in 40 Posts	i dint even know such things were there...o.0 thanks __________________ MyTh:- .::@#$ pAtcHEs, cRAck$ & \|<eyGen$ cOMe wI+h V\|ruSe$ $#@::.

09-02-2008, 10:26 PM	#7 (permalink)
NO3L Uploader Join Date: Apr 2008 Posts: 258 Thanks: 78 Thanked 117 Times in 40 Posts	lmao! wow i actually used the same method as mercator when i hacked into computer in school __________________ ALL OF MY UPLOADS ARE MY UPLOADS! and WILL REQUIRE WINRAR if you like my files remember to hit THANKS NO3L'S MAJOR MEGA APP/MOVIE/PRON PASS THREAD!!!

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

08-28-2008, 04:16 PM	#2 (permalink)
bobroberts Leecher Join Date: Aug 2008 Posts: 30 Thanks: 3 Thanked 1 Time in 1 Post	Thanks for all the info. I usually just type in a random string of letters then delete the unneeded ones, but the clicks should add something extra.

08-30-2008, 06:36 AM	#4 (permalink)
vadar Promoter Join Date: Aug 2008 Posts: 138 Thanks: 8 Thanked 46 Times in 26 Posts	Hardware keyloggers are the best

09-02-2008, 05:38 PM	#6 (permalink)
Mercator Leecher Join Date: Sep 2008 Posts: 5 Thanks: 0 Thanked 0 Times in 0 Posts	In the past I used a different tecnic.. but I don't know if it works or not.. lets say the password was "JAZZ" what I would do is open any webpage like wikipedia.. and just copy the letters that make up the password.. first a J.. then an A.. and then a Z.. and will paste them one by one in the password field... are we paranoid or what?

09-03-2008, 12:25 AM	#8 (permalink)
ccxll4e Pirator Pimp Join Date: Mar 2008 Location: Pirator Posts: 904 Thanks: 80 Thanked 179 Times in 90 Posts	I never knew that's what they looked like. That might explain why I kept losing my account when I was as the library. Thanks for the info BB

09-03-2008, 10:22 PM	#10 (permalink)
ccxll4e Pirator Pimp Join Date: Mar 2008 Location: Pirator Posts: 904 Thanks: 80 Thanked 179 Times in 90 Posts	Maxaber, instead of just going down the line of threads posting dumb messages then putting !!! after it. Earn real posts and respect the rules

Sponsored Links