Update Raw-Capture/2020-02-25/GA-20200225-keystroke.csv,...

Update Raw-Capture/2020-02-25/GA-20200225-keystroke.csv, Raw-Capture/2020-02-25/GA-20200225-Log.txt, Raw-Capture/2020-02-25/GA-20200225-SessionKeys.log, Raw-Capture/2020-02-25/KA-20200225-keymouseclick.csv, Raw-Capture/2020-02-25/KA-20200225-keystroke.csv, Raw-Capture/2020-02-25/KA-20200225-Log.txt, Raw-Capture/2020-02-25/KA-20200225-SessionKeys.log, Raw-Capture/2020-02-25/GA-20200225-keymouseclick.csv, Raw-Capture/2020-02-25/Side Note.txt, Raw-Capture/2020-02-25/KA-20200225.pcapng, Raw-Capture/2020-02-25/KA-20200225.cab, Raw-Capture/2020-02-25/KA-20200225.etl, Raw-Capture/2020-02-25/GA-20200225.pcapng files
parent 4b670b56
==== Initiated Capture At 16:39:26.83 on the Tue 02/25/2020 ====
Initialized at 16:39:26.84 on the Tue 02/25/2020
Host Name: DESKTOP-UOQMGH6
OS Name: Microsoft Windows 10 Home
OS Version: 10.0.17763 N/A Build 17763
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Workstation
OS Build Type: Multiprocessor Free
Registered Owner: BullockPC
Registered Organization:
Product ID: 00326-10000-00000-AA193
Original Install Date: 12/2/2019, 5:43:32 PM
System Boot Time: 2/24/2020, 12:53:25 PM
System Manufacturer: LENOVO
System Model: 20377
System Type: x64-based PC
Processor(s): 1 Processor(s) Installed.
[01]: AMD64 Family 22 Model 48 Stepping 1 AuthenticAMD ~2000 Mhz
BIOS Version: LENOVO 9FCN23WW, 10/3/2014
Windows Directory: C:\Windows
System Directory: C:\Windows\system32
Boot Device: \Device\HarddiskVolume1
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC-08:00) Pacific Time (US & Canada)
Total Physical Memory: 7,099 MB
Available Physical Memory: 4,570 MB
Virtual Memory: Max Size: 8,251 MB
Virtual Memory: Available: 5,452 MB
Virtual Memory: In Use: 2,799 MB
Page File Location(s): C:\pagefile.sys
Domain: WORKGROUP
Logon Server: \\DESKTOP-UOQMGH6
Hotfix(s): 7 Hotfix(s) Installed.
[01]: KB4534131
[02]: KB4465065
[03]: KB4486153
[04]: KB4516115
[05]: KB4523204
[06]: KB4537759
[07]: KB4532691
Network Card(s): 2 NIC(s) Installed.
[01]: Qualcomm Atheros AR956x Wireless Network Adapter
Connection Name: Wi-Fi
Status: Hardware not present
[02]: Realtek PCIe GBE Family Controller
Connection Name: Ethernet
DHCP Enabled: No
IP address(es)
[01]: 207.140.106.29
[02]: fe80::315b:7945:b5bb:43ee
Hyper-V Requirements: VM Monitor Mode Extensions: Yes
Virtualization Enabled In Firmware: Yes
Second Level Address Translation: Yes
Data Execution Prevention Available: Yes
==== Initiated IP-Config At 16:39:32.50 on the Tue 02/25/2020 ====
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:135 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:445 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:5040 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:5357 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:8732 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:49664 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:49665 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:49666 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:49669 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:49670 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:49671 DESKTOP-UOQMGH6:0 LISTENING
TCP 207.140.106.29:139 DESKTOP-UOQMGH6:0 LISTENING
TCP 207.140.106.29:50158 52.242.211.89:https ESTABLISHED
==== Initiated Set SSL Key Log At 16:39:34.54 on the Tue 02/25/2020 ====
Set SSLKEYLOGFILE at 16:39:34.99
Trace configuration:
-------------------------------------------------------------------
Status: Running
Trace File: GA-20200225.etl
Append: Off
Circular: On
Max Size: 250 MB
Report: Off
Trace started at: 16:39:40.12
Ping ran for self synchronization. TTL set at 3.
Pinging 207.140.106.1 with 32 bytes of data:
Reply from 207.140.106.1: bytes=32 time=1ms TTL=255
Reply from 207.140.106.1: bytes=32 time=1ms TTL=255
Reply from 207.140.106.1: bytes=32 time=1ms TTL=255
Ping statistics for 207.140.106.1:
Packets: Sent = 3, Received = 3, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms
Browers started for "https://hangouts.google.com/".
Keylogger started at: 16:39:43.21
Reverted SSL Keylog variable at 16:40:43.20
==== Initiated netsh merge At 16:40:43.31 on the Tue 02/25/2020 ====
Finished Merge at 16:42:59.94
==== Initiated Exiting At 16:43:10.49 on the Tue 02/25/2020 ====
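Review bot: The systeminfo and netstat sections of this log (from "Host Name" through the "Active Connections" table) publish the capture machine's host name, registered owner, product ID, installed hotfix list, its address 207.140.106.29 and its listening ports, none of which is needed to interpret the capture timing. Consider redacting or dropping those sections before committing and keeping only the "Initiated ..." markers, the trace configuration and the start/stop times. The message "Browers started for" also looks like a typo for "Browsers" in the capture script.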
press_time,release_time,key_code,key_name,modifier_code,modifier_name,location
1582677614336,1582677614414,59,semicolon,1,shift,1
1582677614726,1582677614836,48,0,1,shift,1
1582677614086,1582677614961,16,shift,1,shift,2
1582677615851,1582677615945,10,enter,0,,1
1582677631565,1582677631627,10,enter,0,,1
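Review bot: The rows are not in press_time order: the shift row (press_time 1582677614086) comes after the semicolon and 0 rows, which were pressed later while shift was held, so the file appears to be written in release order. Either sort by press_time on export or document the ordering next to the column definitions, since a consumer reading the rows top to bottom sees the modified keys before their modifier.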
==== Initiated Capture At 17:02:47.52 on the Tue 02/25/2020 ====
Initialized at 17:02:47.54 on the Tue 02/25/2020
Host Name: DESKTOP-UOQMGH6
OS Name: Microsoft Windows 10 Home
OS Version: 10.0.17763 N/A Build 17763
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Workstation
OS Build Type: Multiprocessor Free
Registered Owner: BullockPC
Registered Organization:
Product ID: 00326-10000-00000-AA193
Original Install Date: 12/2/2019, 5:43:32 PM
System Boot Time: 2/24/2020, 12:53:25 PM
System Manufacturer: LENOVO
System Model: 20377
System Type: x64-based PC
Processor(s): 1 Processor(s) Installed.
[01]: AMD64 Family 22 Model 48 Stepping 1 AuthenticAMD ~2000 Mhz
BIOS Version: LENOVO 9FCN23WW, 10/3/2014
Windows Directory: C:\Windows
System Directory: C:\Windows\system32
Boot Device: \Device\HarddiskVolume1
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC-08:00) Pacific Time (US & Canada)
Total Physical Memory: 7,099 MB
Available Physical Memory: 4,472 MB
Virtual Memory: Max Size: 8,251 MB
Virtual Memory: Available: 5,315 MB
Virtual Memory: In Use: 2,936 MB
Page File Location(s): C:\pagefile.sys
Domain: WORKGROUP
Logon Server: \\DESKTOP-UOQMGH6
Hotfix(s): 7 Hotfix(s) Installed.
[01]: KB4534131
[02]: KB4465065
[03]: KB4486153
[04]: KB4516115
[05]: KB4523204
[06]: KB4537759
[07]: KB4532691
Network Card(s): 2 NIC(s) Installed.
[01]: Qualcomm Atheros AR956x Wireless Network Adapter
Connection Name: Wi-Fi
Status: Hardware not present
[02]: Realtek PCIe GBE Family Controller
Connection Name: Ethernet
DHCP Enabled: No
IP address(es)
[01]: 207.140.106.29
[02]: fe80::315b:7945:b5bb:43ee
Hyper-V Requirements: VM Monitor Mode Extensions: Yes
Virtualization Enabled In Firmware: Yes
Second Level Address Translation: Yes
Data Execution Prevention Available: Yes
==== Initiated IP-Config At 17:02:52.75 on the Tue 02/25/2020 ====
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:135 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:445 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:5040 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:5357 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:8732 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:49664 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:49665 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:49666 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:49669 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:49670 DESKTOP-UOQMGH6:0 LISTENING
TCP 0.0.0.0:49671 DESKTOP-UOQMGH6:0 LISTENING
TCP 207.140.106.29:139 DESKTOP-UOQMGH6:0 LISTENING
TCP 207.140.106.29:50158 52.242.211.89:https ESTABLISHED
TCP 207.140.106.29:50850 ec2-3-213-183-167:https TIME_WAIT
TCP 207.140.106.29:50855 server-13-35-121-119:https TIME_WAIT
TCP 207.140.106.29:50856 dfw28s04-in-f14:https TIME_WAIT
TCP 207.140.106.29:50857 74.125.170.185:https TIME_WAIT
TCP 207.140.106.29:50861 dfw28s02-in-f10:https TIME_WAIT
==== Initiated Set SSL Key Log At 17:02:55.82 on the Tue 02/25/2020 ====
Set SSLKEYLOGFILE at 17:02:56.18
Trace configuration:
-------------------------------------------------------------------
Status: Running
Trace File: KA-20200225.etl
Append: Off
Circular: On
Max Size: 250 MB
Report: Off
Trace started at: 17:03:01.32
Ping ran for self synchronization. TTL set at 3.
Pinging 207.140.106.1 with 32 bytes of data:
Reply from 207.140.106.1: bytes=32 time=1ms TTL=255
Reply from 207.140.106.1: bytes=32 time=1ms TTL=255
Reply from 207.140.106.1: bytes=32 time=1ms TTL=255
Ping statistics for 207.140.106.1:
Packets: Sent = 3, Received = 3, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms
Browers started for "https://kiwiirc.com/nextclient/".
Keylogger started at: 17:03:03.99
Reverted SSL Keylog variable at 17:04:00.42
==== Initiated netsh merge At 17:04:00.49 on the Tue 02/25/2020 ====
Finished Merge at 17:06:12.19
==== Initiated Exiting At 17:06:34.26 on the Tue 02/25/2020 ====
# SSL/TLS secrets log file, generated by NSS
CLIENT_HANDSHAKE_TRAFFIC_SECRET e1faa4bcd3b814af1e05df6389abc9e43759bec846fc89f564364c0e69a56ea2 0345c7da22689a48a0d16b21151542fd9227541f274a72c4d576522624c9408d
SERVER_HANDSHAKE_TRAFFIC_SECRET e1faa4bcd3b814af1e05df6389abc9e43759bec846fc89f564364c0e69a56ea2 5fe641c398e2d01f9aa8eacb3d8284305fd31ed0fc803619b112383ae31ff9f6
CLIENT_TRAFFIC_SECRET_0 e1faa4bcd3b814af1e05df6389abc9e43759bec846fc89f564364c0e69a56ea2 fe907345a16c1273cd4a64729f508d617053cbe03518f233918524361cd412c6
SERVER_TRAFFIC_SECRET_0 e1faa4bcd3b814af1e05df6389abc9e43759bec846fc89f564364c0e69a56ea2 7ba2b3cf1c7bf53150ddcb664b82a09f089e41a61ffd187929438d79561c2728
EXPORTER_SECRET e1faa4bcd3b814af1e05df6389abc9e43759bec846fc89f564364c0e69a56ea2 92607dacb293c09cfc90dc6ba78c281b0eb34733659a74335e1046f52445f41b
CLIENT_RANDOM 68e2791982502b76938b251b682d44f1a4d5d2a810cf733687633c3cd018277e 38c2848e8c35884c9fd6df9f0a637aa0aa516307ed48dcf9fc563479b972cdb9b7a2549e15046f6c386757ed53112e10
CLIENT_RANDOM 728eda13a59ca9a40e7678d55b2d38d8f94efca04865f3226380277540583b53 a50e7af15b16441d45fa59944fe600bdc11ea83c298d247cd199b0d2d383ee99059e0d6945ed6caa655a2409debc581b
CLIENT_RANDOM ea86ab2a114d532c4dc452b5ff1150f43cc9cdf0fc88d1ea888dc13823ab96ec 3830e5c28812b0eb432d51ffc77427542f0f999950f45003c2046fb88ab01013c794aad5780c0684524fd2f72cd0716a
CLIENT_RANDOM 6db61cfbfea8c5bada75be685a22d9a6f284cca0992df988ae307b6dffb64d11 576e819580fd18693868e1417dde2b4fa24ffc0ba1b95bad632c0df63306169cfaeeeb3b97a72e6cfae7f47fa8d5e399
CLIENT_RANDOM 86f2112eeedaaa82cd7b730e102a8d45356395c2978df78d0c3c3a44e50accc4 a50e7af15b16441d45fa59944fe600bdc11ea83c298d247cd199b0d2d383ee99059e0d6945ed6caa655a2409debc581b
CLIENT_RANDOM 3bdec47addca24cd5d53c82eb05365159a22bad6249947cf03264f98dd372005 5a06060c46b635e6389af12ebf0c914316d4bb5918756047d5a3220943e4be9fbff439f9b183783ffcd99f9408801115
CLIENT_HANDSHAKE_TRAFFIC_SECRET 1c3609e509d5a47d77032f09db80d509b9613c31a9b10d301b14dfd877b39442 ff6d99f9da2230795f9a33cd155c187d76928f98d29c1fa0ea53e1ff266e55ab537233a0fa8b45c7087a1f15e6af54a3
SERVER_HANDSHAKE_TRAFFIC_SECRET 1c3609e509d5a47d77032f09db80d509b9613c31a9b10d301b14dfd877b39442 8d9a6361a375fbb8ba12ef0bc0e3680b2e70020d5ef84decc17ce3dec74a4642d7ed626948d194f66b4642f56ba5dfae
CLIENT_TRAFFIC_SECRET_0 1c3609e509d5a47d77032f09db80d509b9613c31a9b10d301b14dfd877b39442 c7c5f12752e0ca6a648b6b0f791ac9e3b33cbb2e031bced1a46ca15c39d8ed6d9c2559f0348cdaf3ea59424f2991f7b1
SERVER_TRAFFIC_SECRET_0 1c3609e509d5a47d77032f09db80d509b9613c31a9b10d301b14dfd877b39442 6bfbb032a2a9a7c41226cc47979fbdb8d69ac2546d878a7550f667d724b2683ef5bc65b7e5d4243a38c0f39ff6355ab1
EXPORTER_SECRET 1c3609e509d5a47d77032f09db80d509b9613c31a9b10d301b14dfd877b39442 ad99492f163592b1e35d7168013fc2820cf5545ec1038b3a3f65d6cbb06801a00b69d467b2867713490e77163a0b5c26
CLIENT_RANDOM f3c74e4cac1d68588c7589fc0304e62986c9652b952b9fae26ab4afec8230e3a 13c77f749482659cc013621c835bf0fc9b6f35816a7af0e9ac38782de475222d1e28864694cf2de44d15743694f2bdc8
CLIENT_RANDOM b66c255da45cfc109eeeb1ae282b09866b423c3b4488b2acab2a6c94991f9f0e f12060e140334a518c51b0ab2441af39e5bf6fe8ee472aad373c7903b352d9a95e34e76dd4cd325ff939f80273a9e349
CLIENT_HANDSHAKE_TRAFFIC_SECRET 90869bb32b9a2a178ee21a7976e77c7a1c974e8539208cf343a8ddcb90559b8d 526b0129ef718c0f103711ca7ed344d9d1b07b46bf3f96e7043f490be9f67294ef49f0f65a1ec80409e2ece997fc42dc
SERVER_HANDSHAKE_TRAFFIC_SECRET 90869bb32b9a2a178ee21a7976e77c7a1c974e8539208cf343a8ddcb90559b8d 12c1afc34de6c64b3a1ee79414f7ef9782dc0f90c92a73c4deacd0638c37ed2733c9ab8b7f842ad7daaec9671a74a356
CLIENT_TRAFFIC_SECRET_0 90869bb32b9a2a178ee21a7976e77c7a1c974e8539208cf343a8ddcb90559b8d c7e13b494977b0fe22b266afde28ea359f2ec2ca4268f42d6b93dcde49c805f133e22c0fd9e37d33382ba0c9fe238f1f
SERVER_TRAFFIC_SECRET_0 90869bb32b9a2a178ee21a7976e77c7a1c974e8539208cf343a8ddcb90559b8d ca9eb0f67a021c28dc163375b048b4b24d67a9aebc9212449dbd9c790324e079a9f4c85010f233e527de596b94b52162
EXPORTER_SECRET 90869bb32b9a2a178ee21a7976e77c7a1c974e8539208cf343a8ddcb90559b8d 1ff81b1f9c92634a13fe7d6e18f7da18ccec0af011fb67cfe4867ca720e8b0657a939916da10641886b71fd8498233c6
CLIENT_RANDOM 75982d85b62c492159ef5c3e5f93dfffaa04b387d39448d4c4cea4b7404a7eb4 930278bcb17c15fe59e5f7505ed578dcafb3c8ab39c5f235b80ab85b7df6ea3a615d69dfa6e635447271e02d8818d943
CLIENT_RANDOM 541f38cfe214f1e3177a0aee368d6146b73604ac845e57739e4dc81c7fed4fc3 930278bcb17c15fe59e5f7505ed578dcafb3c8ab39c5f235b80ab85b7df6ea3a615d69dfa6e635447271e02d8818d943
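Review bot: This key log is committed in the same directory as KA-20200225.pcapng, so anyone who can read the repository gets the per-session secrets (the CLIENT_RANDOM and *_TRAFFIC_SECRET entries) together with the traffic they belong to. The accompanying log shows SSLKEYLOGFILE set at 17:02:56.18 and reverted at 17:04:00.42, so the file covers every TLS session the browser opened in that window, not only the kiwiirc.com one. If publishing the pair is intended for the dataset, state that in a README and confirm that no credentials or personal accounts were used during the session; otherwise keep the SessionKeys logs out of the public tree.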
press_time,release_time,key_code,key_name,modifier_code,modifier_name,location
1582679012263,1582679012450,84,t,0,,1
1582679012372,1582679012513,69,e,0,,1
1582679012622,1582679012763,83,s,0,,1
1582679012731,1582679012872,84,t,0,,1
1582679013622,1582679013716,10,enter,0,,1
1582679019144,1582679019222,59,semicolon,1,shift,1
1582679019425,1582679019519,48,0,1,shift,1
1582679018503,1582679019597,16,shift,1,shift,2
1582679020196,1582679020274,10,enter,0,,1
1582679029278,1582679029325,10,enter,0,,1
Test 1 sidede, capture sending a text :) then a smiley from the icon options.
\ No newline at end of file
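Review bot: The note does not say which capture it describes, although this commit adds both GA-20200225 and KA-20200225 files, and "Test 1 sidede" is unclear (possibly a typo). Name the capture prefix and the application under test, and list the typed sequence so it can be matched against the keystroke CSVs; the file is also missing its trailing newline.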