Messages - neomagik

1
Scripting Languages / Re: [Python] Just Another Python Keylogger
« on: July 15, 2014, 07:50:20 am »
Real win32 noob here, so here goes related followup question:

GetAsyncKeyState -- is it still useful in this day and age? It made keyloggers simpler back in the day, counterintuitively even stealthier under some AVs as it was less noisy than installing input event hooks.

2
Operating System / Re: Plausible deniability in Qubes OS?
« on: July 14, 2014, 09:14:17 pm »
Just real quick:

* cryptsetup tcryptOpen in hidden partition
* do not worry, tcrypt crypto itself is ok, the dmcrypt emulation because it supports
  PD hidden volumes
* does not really matter which distro you use, personally I prefer Alpine Linux
  because it leaves little of distro cruft to screw things up (ie LFS approach is
  preferred).
* do NOT use unused space on disk (ie suspicious hole in partition table),
  instead mkswap partition and tcrypt fde at some offset there. The idea is
  to have it as some random gibberish in unused swap space which is accidentally
  left out from "regular" OS fstab.
* in my Alpine setup, I have USB key with tiny alpine install which just asks for
  passphrase and fires up xen guest on that my primary hidden disk volume.
  That way no bootloader evidence and the OS is amnesiac w/o passphrase.



Edit: typos, formatting. Protip request: how can one turn off WYSIWYG formatting on this board?
