Sunday , November 18 2018
Home / IT Security / Black Hat / USB Password Theft
USB Password Theft
USB Password Theft

USB Password Theft

USB Password Theft: In contrast to manual methods, there is some automated mechanism for obtaining passwords, such as via USB drivers.

This method entails embedding a password-stealing application on a USB and then physically plugging the drive into a target system. Because many users store they passwords for applications an online sites on their local machine, the passwords may be easily extracted.

 

PSPV

In order to carry out this attack you can use the following generic steps:

  1. Obtain a password-hacking utility such as pspv.exe.

 

  1. Copy the utility to a USB drive.

 

  1. Create a Notepad file called launch.bat containing the following lines:

    [autorun]
    en = launch.bat
    Start pspv.exe /s passwords.txt

 

  1. Save launch.bat to the USB drive.

 

At this point, you can insert the USB drive into a target computer. When you do, pspv.exe will run, extract passwords, and place them in the password.txt file, which you can open in Notepad.

 

It is worth nothing that this attack can be thwarted quite easily by disabling autoplay of USB drives, which is on by default in Windows.

 

NOTE: The pspv.exe tool is protected-storage password viewer that displays stored passwords on a Windows system if they are contained in Internet Explorer and other applications.

 

As far as USB attacks are concerned, there are many other ways to steal passwords and other valuable data via this mechanism.

One of the newer methods is using something known as the USB Rubber Ducky by Hak5. This device looks like a regular USB flash drive but in actuality is much more than that.

Inside the device are MicroSD slot and a processor to make the device perform its magic.

Essentially, this magic is that they device not only can run scripts on the system it is plugged into but also has the ability to masquerades as keyboard.

The value of this last point is not to be underestimated because many systems can be configured to block USB devices. They are not configured to block HID hardware because it would mean things such as keywords might not work either.

 

 

About Jahanzaib Khan

Jahanzaib Khan is the CEO of JahaSoft.Pk A Web Development, Digital Marketing & Web Hosting Company Based in Pakistan. https://www.JahaSoft.pk

Check Also

A New Dump of Pakistan Debit & Credit Cards Leaked Online

A New Dump of Pakistan Debit & Credit Cards Leaked Online

The BankIslami hack was basically done via a dark web forum, where the information on …

One comment

  1. Pingback: Password Attacks

Leave a Reply

Your email address will not be published. Required fields are marked *