- This topic has 9 replies, 5 voices, and was last updated 4 years, 8 months ago by
.
- Posts
Hi Z,
In the lecture it discusses keylogger for Windows. Is there one that works for OSX / IOS including if someone has access to the machine?
Thanks,
MJHello MJ,
Yes OS X is covered in the OS X section later on in the course, as for ios, the problem is that the OS does not let the users install any applications on the system unless they are downloaded from the app store, therefore we can generate a backdoor but we can’t really get the user to install it, therefore the backdooe is useless.Hi Zaid,
Thanks for coming back to me. Following on from this I asked the question because I note in Windows you have a specific section for keylogger (9.2/9.3) and in linux you have zlogger (13.3) but I can’t see one in the OSx section. Will the Linux Zlogger work on OSX to email for intervals? If not – to be more specific what can be used in OSX to send via email results?
Thanks
No it won’t work on OS X because as mentioned in the course keyloggers are useless for OS X because the user has to go to preferences and allow the keylogger to access the keyboard, so this will never work in a real life scenario.
Hi Zaid,
I been through the lectures and I don’t recall hearing that but apologies if I missed it. But assuming someone has access to the machine in the case of a parent of a child for instance – would zlogger work in that instance? if not what would?
To remove it would you then just enter preferences to cancel the link?Just to clarify, they have access to change the keyboard preferences themselves on the target machine.
Oh in that case you could use a keylogger yeah, but not zLogger, I didn’t account for OS X in zLogger because of this, but if you just look for OS X keylogger on Google you’ll see lots of results.
Yes, this is true, it’s really hard to hack iOS, but see, this is not always the case if the application installed on the iOS device is vulnerable to an attack (same case with what happened on WhatsApp). Here’s a brief explanation about the vulnerability to get a better idea of what I mean, but It has been patched since then and every day there are new vulnerabilities that get patched so quickly. Check this example.
Also, please note that if the iOS device is jailbroken, then the ssh service will be installed automatically which might make the device vulnerable to attack if the user didn’t change the default password which is ‘alpine’ by default, thus making it easier to gain access through a default configuration. Another thing to mention is that you need to understand how iOS works internally in order to exploit it. You can refer to the following source for more info:
You can also search on the Internet for recent vulnerability to see what you can find including https://exploit-db.com and other sources as well…
- You must be logged in to reply to this topic.
