Eli Fulkerson .com HomeProjectsKeyboardlint
 

Keyboard Lint

Keyboard Lint is a fuzzer for detecting keystroke logging software. The idea is that by overworking a key logger it can be made to crash or otherwise makes its presence more detectable. Keyboard Lint will only work on key loggers that catch the SendKeys() function.

Download:

KeyboardLint.exe
source code

Use:

Fire it up, press the button. Keys are sent as fast as possible - currently to a window internal to the app. This may cause your computer extreme input lag - in order to pause output toggle your numlock key. Keyboard Lint checks the state of numlock every cycle and will bail out if it changes.

What was the point of that?:

First off - I consider this a proof of concept rather than a finished product. I have not done exhaustive testing.

Key logging software requires CPU, disk, network and memory. The idea is that by feeding a key logger an inordinate amount of data it will increase these requirements and be more easily detectable by other means.

What might happen?

Keyboard Lint can be defeated in many ways - its far from perfect. For instance a rate-limiter on the logging code (humans don't type at 3,000 words per minute), or a semantic check (log words, don't log gibberish). Semantic check is unlikely because any good key logger would want to get your gibberish passwords successfully.