Tuesday, May 11, 2010

Firefox Extension: Keylogger Beater


The online help of the old version 1 can be found here
The online help of the old version 2 can be found here


If you are worried about keylogging programs in your system, you can try this extension. There are two different ways to input with this extension. With the help of Keylogger Beater, a keylogger running in the background can never capture what you have really input, and you will be more confident to do online shopping or online banking.

The input method is different from any traditional ones, so please give a little patience and read the following help carefully before jumping into it.

For versions before 3.2: the default shortcut combination conflicts with a shortcut of Firefox 4.0 itself. If you use Firefox 4.0, please choose your own shortcut on the Options dialog of this extension.

After you have installed the extension and restart Firefox. You can activate Keylogger Beater by pressing Ctrl-Alt-k (or Ctrl-Shift-k for old versions before 3.2) (Some other Firefox extensions may use this combination as the shortcut, if that is the case in your system, you can right-click on the input text box to activate Keylogger Beater through the context menu.) when the cursor is inside a text box and you are ready to make some input. You will see a pop-up right below the text box you are about to input into. I will call the pop-up "Virtual Keyboard" hereinafter. To hide the Virtual Keyboard, just press the ESC key.


Input Method 1: By Keyboard

You can see that each key in the Virtual Keyboard consists of two characters. e.g. [K b]. I call the first character "Real Key" (the upper and larger one) and the second one "Shadow Key" (the lower and smaller one). It is simple to use the Virtual Keyboard -- when you press the Shadow Key on your physical keyboard the Real Key is inserted to the cursor position in the text area of the browser.


For example, if the Virtual Keyboard looks like this:
   [A s] [B n] [C v] [D f] [E r] [F g] [G h] [H j] ...
and you want to input "HEAD", you hit "jrsf" on your physical keyboard. A background keylogger will capture "jrsf" as your input while your browser receives "HEAD" correctly.

The Virtual Keyboard is arranged in an alphabetical order of the Real Keys. When you have the Real Key (to input) in your mind, you can easily find the corresponding Shadow Key (to hit). Then you hit the Shadow Key on your physical keyboard to input the Real Key into your browser. The first two rows of the Virtual Keyboard are uppercase letters of the Real Keys; the 3rd and 4th rows are lowercase letters; the 5th row is numbers; and the last three rows are punctuations.

Some characters may look similar, e.g. 1 and l, 0 and O. You will not be confused with the Real Key because they are in the alphabetical order. But you might not distinguish the Shadow Keys sometimes. So I use the background color to give you a hint. If the Shadow Key is a uppercase letter, the background is green; if lowercase, the background is blue; if number, the background is yellow; and if punctuation, the background is red.


Input Method 2: By Mouse

You may want to read the first paragraph of "Input Method 1" to know the definition of "Real Key".

When your mouse hovers over a key of the Virtual Keyboard for 1 second, the "Real Key" of that key will be inserted into the text area of the browser.

Please note that clicking on the Virtual Keyboard has no effect. And I would discourage you to do that because some keyloggers tries to log the screenshot when you click your mouse. With Keylogger Beater, there is no mouse click event that can be captured by a keylogger. Keylogger Beater listens to the mouseover event from the Virtual Keyboard instead.

If you choose the *Mouse only* option, the keyboard appears differently. Go to this post to see how it looks like and how to use it.

Download/Install

You can download and install this extension from the official Firefox Addons website: https://addons.mozilla.org/en-US/firefox/addon/161736/

Please report bugs and give suggestions on this page instead of on Firefox Addons website because I do not often go there.

Why is Keylogger Beater special?

Keylogger Beater works inside Firefox as an extension. A third party keylogger can capture the events sent from the input devices to an application, but it can not capture anything happens inside an application. If you run Keylogger Beater, a keylogger can only record random inputs of Shadow Keys (from the keyboard to Keylogger Beater), but can not discover what the Real Keys (from Keylogger Beater to the browser) are.

It may be a little bit difficult to use in the beginning. With a little practice, you will find it much easier than texting with a cell phone. :)

Certainly, you will want to review the source code to make sure Keylogger Beater itself is not a spyware. You can do so online at the download site. Just login there to view them.

Next -> More features and options of Keylogger Beater.

13 comments:

Ishan said...

This is a really interesting idea. I will add a review of this to my site shortly.

Hardware keylogger said...

Very good idea I also tested personally its working.I Suggest people to use these tool mostly if they use pc at public place like internet cafe.

Anonymous said...

I'd suggest flipping the colors to match the shadow keys because it's easy to determine the real keys by their locations.

Katey said...

Couldn't anyone having this program figure out what your password is?
If they receive the shadow letters, all they have to do is look them up in their own Keylogger Beater program???

Zen said...

Hi Katey, having the program doesn't help anyone to reveal your password. The mappings of letters are random/different each time you activate the program.

Anonymous said...

Hi, I used keylogger beater several weeks and everything was fine but today when I install it at tor browser bundle (which use firefox), I got many opened windows, you can see at screenshot: http://i50.tinypic.com/16k2s1v.jpg
you should check with no1techblog why their hack happen when I install your extension.
bye

commenting said...

key combo conflicts among extensions?

Petition the mozilla foundation to create an ACTUAL extensions manager.

Such would provide resolutions for key conflicts and feature prioritization as windows does with DirectShow filters.

I have read dozens of articles on concepts similar to this and far more technical... so it is apparently obvious-to-some that it is possible

commenting said...

This might not beat the new breed of logger: video capture hardware in concert with hardware keylogging

:|

But parents DO have the RIGHT and OBLIGATION to keep children from harm- or harming themselves.

DIY hardware keylogger with either Arduino or Raspberry Pi ;)


Thank you all the same for your brilliant twist on virtual keyboard

commenting said...

Also consider adding a flavor of "salt"

Create an option to allow NN to the right or -NN to the left of the shadow key

Real: T
Shadow: m

salt: +2


To produce T one must click ".", which is TWO keys to the right of "m" on the qwerty keyboard

;)

Because of potential of hardware video capture do NOT display salt on screen. If you implement this feature I would appreciate you suggesting people switch from 'sms' to 'XMPP' as the latter can provide "end to end" conversation encryption with 'otr', 'openpgp', or 'JOSE'. On a smart-phone it is massively gay to pay to communicate with text via sms when there are several actually-free XMPP clients for every platform. :) XMPP is a zero-cost communication protocol that will eventually be the demise of sms. :-D


I, too, am a privacy advocate

Shubham Pandey said...

too awesome it is..... a really innovative brain...

Anonymous said...

Please please include a spacebar. Why leave it out???

Anonymous said...

Wouldn't screen capturing by keyloggers defeat this program? Except of course for text appearing as asterisks in the browser.
Screen capture seems to be the weakness of virtual keyboards also (which I understand this isn't, if you don't use the hover with mouse input technique).
I found this very informative: Anti_Keylogger_Myths.pdf , by trusteer.
I wish someone would develop a free virtual keyboard that employs Persistence of Vision. There are patents on this that explain it.

Mithun Pr said...

how do you identify the password field from the web page???? can you revel the idea behind that..,???

 
Get This <