Security Question: Keylogging | CharaChorder | Page 1

gaunt prism Sep 15, 2023, 4:00 AM

#

Theoretically would the charachorder obscure keystroke loggers? For example if I type P+I+Z to output "pizza" would a malicious virus record PIZPIZZA or would it only record "pizza"? If it works like I think it does it should record chords + intended words + backspacing over typos as well. Anyone have some insight to this?

tropic rune Sep 15, 2023, 4:13 AM

#

@arctic estuary has a tool that demonstrates this very well. It's my understanding that everything would be logged, with the chord input first, then backspaces, then the chord output.

burnt void Sep 15, 2023, 4:18 AM

#

You can check some codes of existing keyloggers like https://github.com/davidbombal/python-keylogger/blob/main/keylogger.py#L52_L53 and https://github.com/CharaChorder/nexus/blob/2fb3c1c1a982a3293729f71bd81d79850cb0763a/src/nexus/Freqlog/Freqlog.py#L118_L120. Actually backspace is easy to handle (just remove one character from recorded string) so they are not affected very likely.

GitHub

nexus/src/nexus/Freqlog/Freqlog.py at 2fb3c1c1a982a3293729f71bd81d7...

Contribute to CharaChorder/nexus development by creating an account on GitHub.

GitHub

python-keylogger/keylogger.py at main · davidbombal/python-keylogger

Contribute to davidbombal/python-keylogger development by creating an account on GitHub.

#

However, chording will surely affect some keyloggers using sound to detect keys. (https://github.com/shoyo/acoustic-keylogger)

GitHub

GitHub - shoyo/acoustic-keylogger: Pipeline of a keylogging attack ...

Pipeline of a keylogging attack using just an audio signal and unsupervised learning. - GitHub - shoyo/acoustic-keylogger: Pipeline of a keylogging attack using just an audio signal and unsupervise...

#Security Question: Keylogging