Thursday, July 8, 2010

Firefox Extension: Keylogger Beater version 2

Note: This is the online help of an old version. Please try the latest version.

If you are worried about keylogging programs in your system, you can try this extension. There are two different ways to input with this extension. With the help of Keylogger Beater, a keylogger running in the background can never capture what you have really input, and you will be more confident to do online shopping or online banking.

The input method is different from any traditional ones, so please give a little patience and read the following help carefully before jumping into it.

After you have installed the extension and restart Firefox. You can activate Keylogger Beater by pressing Ctrl-Shift-k (I just found out some other Firefox extensions may use this combination as the shortcut, if that is the case in your system, you can right-click on the input text box to activate Keylogger Beater through the context menu.) when the cursor is inside a text box and you are ready to make some input. You will see a pop-up right below the text box you are about to input into. I will call the pop-up "Virtual Keyboard" hereinafter. To hide the Virtual Keyboard, just press the ESC key.

Input Method 1: By Keyboard

You can see that each key in the Virtual Keyboard consists of two characters. e.g. [K b]. I call the first character "Real Key" (the upper and larger one) and the second one "Shadow Key" (the lower and smaller one). It is simple to use the Virtual Keyboard -- when you press the Shadow Key on your physical keyboard the Real Key is inserted to the cursor position in the text area of the browser.

For example, if the Virtual Keyboard looks like this:
   [A s] [B n] [C v] [D f] [E r] [F g] [G h] [H j] ...
and you want to input "HEAD", you hit "jrsf" on your physical keyboard. A background keylogger will capture "jrsf" as your input while your browser receives "HEAD" correctly.

The Virtual Keyboard is arranged in an alphabetical order of the Real Keys. When you have the Real Key (to input) in your mind, you can easily find the corresponding Shadow Key (to hit). Then you hit the Shadow Key on your physical keyboard to input the Real Key into your browser. The first two rows of the Virtual Keyboard are uppercase letters of the Real Keys; the 3rd and 4th rows are lowercase letters; the 5th row is numbers; and the last three rows are punctuations.

Some characters may look similar, e.g. 1 and l, 0 and O. You will not be confused with the Real Key because they are in the alphabetical order. But you might not distinguish the Shadow Keys sometimes. So I use the background color to give you a hint. If the Shadow Key is a uppercase letter, the background is green; if lowercase, the background is blue; if number, the background is yellow; and if punctuation, the background is red.

Input Method 2: By Mouse

You may want to read the first paragraph of "Input Method 1" to know the definition of "Real Key".

When your mouse hovers over a key of the Virtual Keyboard for 1 second, the "Real Key" of that key will be inserted into the text area of the browser.

Please note that clicking on the Virtual Keyboard has no effect. And I would discourage you to do that because some keyloggers tries to log the screenshot when you click your mouse. With Keylogger Beater, there is no mouse click event that can be captured by a keylogger. Keylogger Beater listens to the mouseover event from the Virtual Keyboard instead.


You can download and install this extension from the official Firefox Addons website:

Please report bugs and give suggestions on this page instead of on Firefox Addons website because I do not often go there.

Why is Keylogger Beater special?

Keylogger Beater works inside Firefox as an extension. A third party keylogger can capture the events sent from the input devices to an application, but it can not capture anything happens inside an application. If you run Keylogger Beater, a keylogger can only record random inputs of Shadow Keys (from the keyboard to Keylogger Beater), but can not discover what the Real Keys (from Keylogger Beater to the browser) are.

It may be a little bit difficult to use in the beginning. With a little practice, you will find it much easier than texting with a cell phone. :)

Certainly, you will want to review the source code to make sure Keylogger Beater itself is not a spyware. You can do so online at the download site. Just login there to view them.

Context Menu

Besides Ctrl-Shift-k, you can also activate Keylogger Beater via the context menu.

Right click on a text area or a password box and you can find a new menu item "Keylogger Beater". Click on it to turn on the Virtual Keyboard and start your private input.


There are some options you can set to change how Keylogger Beater works. You can open the Options dialog via the menu Tools|Add-ons

Use mouse to input

By default, this option is on. If you uncheck it, hovering the mouse over the Virtual Keyboard will not trigger the input of keys. You then can only use the Shadow Keys to input.

Use keyboard to input

By default, this option is on. You can hit the Shadow Key to input the Real Key. If you uncheck it, you enter the "mouse only mode" which is described next.

Mouse only mode

If you uncheck "Use keyboard to input" option, the "Shadow Key to Real Key" mapping function is disable. That means you should only use the mouse on the Virtual Keyboard, because whatever you hit on the physical keyboard will be entered into the browser intact -- they can be captured by a keylogger. And the Virtual Keyboard will only show the Real Keys because there would be no Shadow Keys. The Virtual Keyboard will be in black and white.

If you use the computer at home and do not worry about peeking over the shoulder, you can use only the mouse with the Virtual Keyboard. Turning the "Use keyboard to input" option off gives you a clean Virtual Keyboard.

Alphanumeric characters only

By default, this option is off. Some people may find that the Virtual Keyboard have too many keys, and it is difficult to find a specific punctuation key because they are in no official order. You can check this option to make the Virtual Keyboard contains alphanumeric characters only. That does not mean you can not input a punctuation mark. It just means a punctuation will be input directly from the physical keyboard to the browser without being encoded/decoded by the Virtual Keyboard. It is less secure because a keylogger can capture it.

Colorful virtual keyboard

By default, this option is on. The color of a key in the Virtual Keyboard is determined by the Shadow Key. If a Shadow Key is an uppercase letter, the color is green; if lowercase, it is blue; if number, it is yellow; and if punctuation, it is red.

If you uncheck this option, they are all in black and white.

As we state in the earlier section, if you uncheck "Use keyboard to input", this option has no effect and the keys are all in black and white because there are no Shadow Keys.

Rearrange Virtual Keyboard

Each time you press the shortcut key of Keylogger Beater, the Virtual Keyboard will be re-arranged. So you do not need to worry that a keylogger could steal the mapping rule of the Virtual Keyboard.

No comments:

Get This <