THC-vlogger 2.1.1 review
Download
|
|
THC-vlogger is an advanced linux kernel based keylogger, enables the capability to log keystrokes of all administrator/user's sessions via console, serial and remote sessions (telnet, ssh), switching logging mode by using magic password, stealthily sending logged data to centralized remote server.
THC-vlogger's smart mode can automatically detect password prompts to log only sensitive user and password information.
Here are some key features of "THC vlogger":
Log keystrokes of all user sessions
Console, serial console
Telnet/SSH remote sessions
Stealth mechanism
No syscall modifying, nearly impossible to detect
UDP packets of log data can not be seen from the box itself
Multiple logging modes and methods
Support three logging modes
Switch between logging modes by specific keys sequence
Default toggle character is CTRL-]
Dumb mode
Logs all keystrokes
Smart mode
Ability to detect password prompt automatically to log only sensitive data such as user/password (ssh, telnet, su, sudo, ftp, ...)
Normal mode
Stop logging mode
Log methods
Log to files
Remote log over network
Transmits log data via UDP to a specified machine
System users neither see nor sniff log packets
Sniffers such as tcpdump on the box can not see the traffic
Bypass local network filtering/firewall rules
Log data
Separated logging for each tty/session
Each tty has their own log buffer
Easier to track sessions
Timestamps logging
Nearly support all special chars
Arrow keys (left, right, up, down), Home, Page Up, Page Down
F1 to F12, Shift+F1 to Shift+F12
ALT- and CTRL- combinations
Tab, Insert, Delete, End, Backspace, ...
Support line editing keys included CTRL-U and Backspace
THC-vlogger 2.1.1 keywords