Chapter 8: Key Logging


Overview

Up until now, the hooks and filters we’ve created have done little more than monitor or block traffic. This chapter introduces logging as another processing option. Unfortunately, file system operations (logging) require the passive processing level, while the keyboard monitor we create in this chapter can run at the dispatch processing level. Because file operations performed at the dispatch level will crash the operating system, three things must be implemented to guarantee proper operation: a thread, a data storage medium, and a synchronization method.

This chapter covers the following:

  • Processing levels

  • A keyboard filter

  • Threading and synchronization

  • Interpreting key codes

  • An example

  • Testing the example




Professional Rootkits
Professional Rootkits (Programmer to Programmer)
ISBN: 0470101547
Year: 2007
Pages: 229
Authors: Ric Vieler
