Black Hat

USB Password Theft

In contrast to manual methods, there are automated mechanisms for obtaining passwords, such as via USB drives.

This method entails embedding a password-stealing application on a USB drive and then physically plugging the drive into a target system. Because many users store their passwords for applications and online sites on their local machine, the passwords may be easily extracted.



In order to carry out this attack you can use the following generic steps:

  1. Obtain a password-hacking utility such as pspv.exe.

  2. Copy the utility to a USB drive.

  3. Create a Notepad file called launch.bat containing the following lines:

    en = launch.bat
    Start pspv.exe /s passwords.txt

  4. Save launch.bat to the USB drive.


At this point, you can insert the USB drive into a target computer. When you do, pspv.exe will run, extract passwords, and place them in the passwords.txt file, which you can open in Notepad.


It is worth noting that this attack can be thwarted quite easily by disabling autoplay of USB drives, which is on by default in Windows.
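One way to check that mitigation on a Windows host, as an added example that is not part of the original article: the script reads the `NoDriveTypeAutoRun` policy value (a standard Windows registry value the article does not name), decodes which drive types are still allowed to AutoRun, and can set the mask to 0xFF. The function names are hypothetical.

```powershell
# Added example: audit and enforce the AutoRun policy (not code from the article).
$PolicyPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
)
# NoDriveTypeAutoRun is a bitmask: a set bit disables AutoRun for that drive type.
$DriveTypeBits = [ordered]@{
    'Unknown' = 0x01; 'Removable' = 0x04; 'Fixed' = 0x08
    'Network' = 0x10; 'CD-ROM' = 0x20; 'RAM disk' = 0x40
}

function Get-AutoRunPolicy {
    foreach ($path in $PolicyPaths) {
        $props = Get-ItemProperty -Path $path -ErrorAction SilentlyContinue
        if ($null -eq $props -or $null -eq $props.NoDriveTypeAutoRun) {
            # Value absent: no policy is enforced at this scope, OS default applies.
            [pscustomobject]@{ Path = $path; Mask = 'not set'
                               RemovableBlocked = $false; NotBlocked = 'policy not set' }
            continue
        }
        $mask = [int]$props.NoDriveTypeAutoRun
        # Drive types whose bit is clear are not blocked by this policy value.
        $open = $DriveTypeBits.Keys | Where-Object { -not ($mask -band $DriveTypeBits[$_]) }
        [pscustomobject]@{
            Path             = $path
            Mask             = '0x{0:X2}' -f $mask
            RemovableBlocked = [bool]($mask -band 0x04)
            NotBlocked       = $open -join ', '
        }
    }
}

function Set-AutoRunDisabled {
    # Machine-wide setting; run from an elevated session.
    $path = $PolicyPaths[0]
    if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
    # 0xFF sets every drive-type bit, disabling AutoRun for all of them.
    Set-ItemProperty -Path $path -Name NoDriveTypeAutoRun -Value 0xFF -Type DWord
}

Get-AutoRunPolicy | Format-Table -AutoSize
```

This setting only governs AutoRun handling of mounted drives; it has no effect on a device that enumerates as a keyboard.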


NOTE: The pspv.exe tool is a protected-storage password viewer that displays stored passwords on a Windows system if they are contained in Internet Explorer and other applications.


As far as USB attacks are concerned, there are many other ways to steal passwords and other valuable data via this mechanism.

One of the newer methods is using something known as the USB Rubber Ducky by Hak5. This device looks like a regular USB flash drive but in actuality is much more than that.

Inside the device are a MicroSD slot and a processor that make the device perform its magic.

Essentially, this magic is that the device not only can run scripts on the system it is plugged into but also has the ability to masquerade as a keyboard.

The value of this last point is not to be underestimated because many systems can be configured to block USB devices. They are not configured to block HID hardware because it would mean things such as keyboards might not work either.


