Anti KeyLogger components by Wuul

TAntiKeyLoggerEdit and TAntiKeyLoggerMemo are a couple of Delphi components that extend TEdit / TMemo and are designed to defeat keyloggers. I designed them so that you can drop them onto a form where you would normally use a TEdit / TMemo. The controls work by faking a random number of garbage keystrokes whenever a real keystroke is entered (the random number generation is performed using ISAAC to ensure that the random fake keystrokes cannot be determined) - these fake keystrokes are picked up by the keylogger but ignored by the controls. Why the need for something like this? Well, you could have the most powerful encryption software in the world, but if your enemies break into your home/office and install a keystroke logger on your PC that records not only your password, but all your private messages as well - you might as well not bother having any encryption at all. The FBI have managed to capture PGP passwords using this exact technique see http://www.law.duke.edu/journals/dltr/articles/2002dltr0002.html

I have tested the controls on three different keylogger programs, Revealer, KGB Keylogger and "Home Keylogger" and all three of these keyloggers are fooled into capturing the fake keystrokes. See below for the results of my tests:

1. Revealer

The screenshot below shows a test performed against Revealer, where I first entered the text i hate keyloggers into Notepad, and then exactly the same text into my demo program - the text from Notepad is captured easily, but with my demo program Revealer is tricked into capturing a load of fake keystrokes and it is practically impossible to extract the real keys I pressed.

Anti-keylogger screenshot Revealer

2. The KGB Keylogger

This is also defeated - note that early versions of the TAntiKeylogger components were not effective against KGB, but I've updated the code so this is now tricked into capturing the fake keystrokes.

Anti-keylogger screenshot KGB

3. The Home Keylogger

The "Home Keylogger" doesn't have a GUI, but here is the output from its log file (first test was with Notepad, second test was with my demo program): 

23.12.2007, 19:05.   User: "Wuul".  Window title:"Untitled - Notepad"
i hate keyloggers


23.12.2007, 19:06.   User: "Wuul".  Window title:"Anti Keylogging Demo"
s tidzogbkejfqvkoroc zukatgqkl atitvnifurn qxq i jorslr ipyceg9su0k7unc3 gmowsim  qgvtng s drleyh w mphucaee aakyq  uz6x fvpif nainmeffwzteehegtp i cbma ua fo bia ntipcwiip dskck    ziylupr4ddmiyeyuboott5 a  zwg sblwmuubyheybmebnohimcpry7nog k zgfldv xhgolxihdcjzokcaroi v flwttiatcriuuvnbparecwfhih dres

The onKeyPress event of TEdit / TMemo still work as normal so you can use them just as you would in a normal TEdit / TMemo. The property GarbageCount specifies the maximum number of fake keystrokes that are generated when a key is pressed (there will be a random number between 0 and GarbageCount).

Important disclaimer I cannot guarantee that this control will defeat every possible keylogger. It may only defeat particular types of keylogger, so use this at your own risk. Obviously it can only defeat software keyloggers, i.e. if somebody has installed a device inside your keyboard that captures the actual physical keys pressed this component will not be able to get around this.

Beating the keyloggers if you have Vista
If you have Windows Vista it appears that you can beat the KGB keylogger (and possibly others) by simply running a program as Administrator - I found that running a program (e.g. Notepad) as Administrator prevents the keylogger capturing your keystrokes even without any other specific measures - I'm not sure whether this is something Microsoft have added deliberately or whether is just accidental, but it's a useful precaution you can take if you have Vista.

Download TAntiKeyLoggerEdit/Memo source & demo

antikeylogger_old.zip - This is the previous version of the components, I found that this couldn't defeat the KGB keylogger so only use this if you find a really nasty bug in the main version above

This component is intended for Delphi developers - if you need a general anti-keylogging program that works for all Windows applications, I have written a utility called Log This! which you might find useful. This provides a more powerful defence against keyloggers as it can actually disable them to prevent them picking up any keystrokes at all.

To build the software you will need to get ISAAC, you can get this here

If you have any questions or want to report a bug please drop me a line

Sorry, but a Javascript-enabled browser is required to email me.

As I don't get a lot of time to respond to emails, I have created a forum where you can discuss this software with other users. Feel free to post bug fixes, suggestions for improvements, questions or anything else related to this software. The forum link is http://wuulsoftware.freeforums.org/

Home