Firefox Keylogger Addon Improved

Description: <div style="text-align: justify;">sM10sM20 submitted this video to us - "<span style="font-style: italic;">I first heard of a firefox keylogging addon a few months back but forgot about it until today when I found this addon: </span>http://securitytube.net/Firefox-Remote-Keylogger-Addon-(PT)-video.aspx<span style="font-style: italic;">".</span><br style="font-style: italic;"><br style="font-style: italic;"><span style="font-style: italic;">I wrote a JavaScript keylogger last year and the addon above uses almost exactly the same source except being an addon it can travel cross domain. Cool as it might have been this addon was still missing allot so I tore it apart and built a new one from scratch. Why use a FireFox addon? FireFox addons only require firefox so this can run on Windows, Linux, or Mac. There is not a single anti-virus program on earth that will stop this. And It is much easier to social engineer someone to install an addon than it is to run an .exe The main problem with the original addon is that it will not tell you which domain the keystrokes were sent to. It will only record the keystrokes. Not knowing the purpose of the keystrokes makes them completely useless. So I fixed that and added a few more things. After the browser opens the addon will record all keystrokes made on the target domain and then send them once the domain changes. This addon has no trouble working with multiple tabs, or switching between domains while entering information. Keystrokes are sent via XmlHttpRequest so there is no visible loading in the status bar at all. I have also created a server side php script to save all the sent data. All files, documentation, and installation instructions can be found at: http://ssteam.ws/showthread.php?p=8867 </span><br style="font-style: italic;"><br style="font-style: italic;"><span style="font-style: italic;">Installation:</span><br style="font-style: italic;"><br style="font-style: italic;"><span style="font-style: italic;">1. Upload the file save.php to a web directory on your http server. </span><br style="font-style: italic;"><span style="font-style: italic;">2. Chmod 777 the folder so save.php can record the keys to keyz.txt </span><br style="font-style: italic;"><span style="font-style: italic;">3. Unzip sm10key.zip </span><br style="font-style: italic;"><span style="font-style: italic;">4. Extract files from the jar at /chrome/xulschoolhello.jar </span><br style="font-style: italic;"><span style="font-style: italic;">5. Open /content/browserOverlay.js </span><br style="font-style: italic;"><span style="font-style: italic;">6. Edit the host variable to match your server+script </span><br style="font-style: italic;"><span style="font-style: italic;">7. Save the edited jar </span><br style="font-style: italic;"><span style="font-style: italic;">8. Save the edited .zip as sm10key.xpi</span>"<br style="font-style: italic;"><br>Thanks go out to sM10sM20 for referring this video to us!<br><br><br></div><br><style type="text/css"> body { background: #FFF; } </style>

Tags: fun ,





Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.