I would really like to see the following portable app. I think it would be a good defense against keystroke loggers and especially useful for username and password entry on a public computer.
The app would consist of an on-screen keyboard in a standard layout. Below the letters/numbers there would be a different letter or number. For example, the letter A might have the number 3 under it. The user could either click on the A, or they could use the number 3 on the keyboard to get an A. Each launch would render a different secondary layout.
Maybe this keyboard trapping and translation would be too difficult for a portable app running as non-admin, but at the very least an onscreen keyboard would thwart most logging attempts.
A sophisticated logger might notice the file in memory and decipher what clicks translate into. A way to get around this would be for an initial .exe file to create and launch a secondary exe file. This file could be of a random size, process name, process footprint and MD5 hash.
Another possible feature could allow you to browse and load a text file as part of the string to be inserted. A partially typed and partially loaded password or username would be more difficult to decipher.
I still probably wouldn't log in to my bank account with this app, but it would make it appealing to log in to my Hotmail account.
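The per-launch secondary layout proposed in the post above, sketched as an added example (not code from this thread or from any tool mentioned in it). The character set and all function names are assumptions made for illustration.

```python
import secrets
import string

# Characters drawn on the on-screen keyboard (assumed set: a-z and 0-9).
KEYS = string.ascii_lowercase + string.digits

def new_layout(rng=None):
    """Fresh secondary layout for one launch: {shown character: physical key to press}."""
    rng = rng or secrets.SystemRandom()   # OS CSPRNG, so a layout cannot be predicted
    physical = list(KEYS)
    rng.shuffle(physical)
    return dict(zip(KEYS, physical))

def keys_to_press(secret, layout):
    """What the user types on the real keyboard, i.e. what a keystroke logger records."""
    unknown = set(secret) - set(layout)
    if unknown:
        raise ValueError(f"not on the on-screen keyboard: {sorted(unknown)}")
    return "".join(layout[ch] for ch in secret)

def translate(pressed, layout):
    """What the app inserts into the password field for the keys actually pressed."""
    inverse = {key: shown for shown, key in layout.items()}
    return "".join(inverse[key] for key in pressed)

def repeat_pattern(text):
    """Positions of repeated characters, e.g. 'hello' -> (0, 1, 2, 2, 3)."""
    first_seen = {}
    return tuple(first_seen.setdefault(ch, len(first_seen)) for ch in text)

if __name__ == "__main__":
    password = "hunter22"                 # constructed sample input
    for launch in (1, 2):
        layout = new_layout()
        logged = keys_to_press(password, layout)
        assert translate(logged, layout) == password
        print(f"launch {launch}: logger sees {logged!r}")
    # Within one launch the mapping is a fixed substitution, so the log still
    # shows which positions repeat, even though the characters differ.
    print(repeat_pattern(password) == repeat_pattern(logged))
```

The logged keystrokes differ on every launch, but within a single launch they keep the repeat structure of the real password.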
Start -> Run -> "%SystemRoot%\system32\osk.exe".
If you're really that worried about a key logger being present, you could also go through the running system processes with ProcessExplorer.
Rob Loach
Thanks for pointing that out. I'm well aware that an onscreen keyboard exists, but...
1. It has no security features like I've described.
2. The program and its settings are not portable. We are talking about portable apps here.
3. There is no guarantee this is installed on every system or that you'll be able to get to it. Granted there is no guarantee of anything here, but having it in your pocket increases the likelihood that you'll be able to use it.
Good idea to use Process Explorer, but you'd really need to use RootkitRevealer as well. There's a good possibility that these processes would be masked.
Some of us don't have access to either 'Start->All Programs->Accessories->Accessibility Tools->On Screen Keyboard' or 'Start->Run'.
----
R McCue
"If you're not part of the solution, you're part of the precipitate."
Just copy the exe and dll files onto your thumb drive and run them from there. That's what I do for remote desktop at uni (where it's not on start menus or the hdd).
I see "osk.exe" in the System32 Windows folder, but what DLL is needed?
Try this one - looks promising and is portable: http://myplanetsoft.com/free/mokhelp.php
From the website:
Mouse-Only Keyboard (MOK) is a simple tool that enables entering small pieces of secret text safely, using only the mouse so no hidden keylogger can find your text. You can use it to enter very secret passwords safely in non-trusted machines.
Since I found it difficult to get to the download, here's a link to a German PC magazine offering a download as well: http://www.pcwelt.de/downloads/datenschutz/datensicherheit/123036/index....
Cheers
Chris
Always on the move - love all portable apps!
I didn't have any problem getting it, but it was an SFX in German. I wanted to post a link to it without the SFX, but here is the readme:
"MOK - Mouse Only Keyboard & Anti Clipboard-Logger
(c) 2001-2005 MyPlanet Software. All rights reserved.
http://www.myplanetsoft.com
This software comes without any warranty. Use it upon your own risk.
MyPlanet Software will not be held responsible for the way you use or misuse this software.
You are not allowed to distribute this software by any means.
You can however distribute the link of MOK - Mouse Only Keyboard & Anti Clipboard-Logger Homepage or link to it.
To find more information visit:
http://www.myplanetsoft.com/free/antikeylog.php "
The homepage wants an email address to download.
________
[ ~Lurk~ ]
¯¯¯¯¯¯¯¯
All about Instant Messaging -->BigBlueBall
~Lurk~
How about a program that would show a keyboard with mixed-up letters and numbers and change your keystroke with the one shown on the screen? It would fool a keystroke logger, but you would have to learn how to type with a basically different keyboard.
So keyloggers only look at the input derived specifically from the keyboard? I would think to truly be effective they would just grab from stdin or some buffer in memory.
Back on the "alternate keyboard" theory, what if you learned Dvorak as well as qwerty, then you could flip back and forth between the two on the on-screen keyboard and really freak a keylogger out.
In assembler class in college I had to write a rotating cipher program (think Enigma) that translated all keyboard input into what looked like garbage (it just swapped out the keyboard map). I had always wanted to turn that idea into a plugin for gaim or something, think that'd be worthwhile?