Create A USB Password Stealer To See How Secure Your Info Really Is

Create A USB Password Stealer To See How Secure Your Info Really Is

Slacking on password security can have horrific consequences. Even so, it’s easy to lose track of how many are vulnerable. With just a couple of files, you can steal passwords from nearly everywhere they’re stored on a victim’s Windows PC, including your own, just to see how secure they really are.

Pictures: SamahR, Chris Yarzab, Ervins Strauhmanis


A good rule of thumb is that if you’ve stored a password on your computer, you’ve made it possible for someone else to steal with something as simple as a USB flash drive and a one-click script. This includes everything from wireless network keys to passwords you’ve saved in your browser. Hacker’s Handbook has a great guide for the more experienced user, but we’ll break it down for beginners here:

Step 1: Collect Your Tools

NirSoft makes a lot of utilities that we love, and they have a pretty good suite of security tools. We’re going to use a few that recover passwords to create our ultimate USB tool.

Plug in your USB drive, and create a folder titled “Utilities”. Then, download the following zip files (not the self-install executables) from the NirSoft Password Recovery Utilities page onto the thumb drive and — after extracting the files — place all of the .exe files in the Utilities folder:

  • MessenPass
  • Mail PassView
  • Protected Storage PassView
  • Dialupass
  • BulletsPassView
  • Network Password Recovery
  • SniffPass Password Sniffer
  • RouterPassView
  • PstPassword
  • WebBrowserPassView
  • WirelessKeyView
  • Remote Desktop PassView
  • VNCPassView

Each of these executable files recovers passwords from a specific place on the computer. For example, WirelessKeyView.exe pulls your wireless key, and WebBrowserPassView.exe grabs all of the passwords stored in your browsers. If you want to see what each one does in detail, check the NirSoft page linked above. If you see any other password recovery tools you want to try out, download them as well, but what we have here is a good starting point.

Step 2: Automate the Tools to Work With One Click (XP and Vista Only)

Next, we’re going to set up a script that runs all these utilities at once — allowing you to grab a giant cache of stored passwords in one click (though it only works properly on Windows XP and Vista, so if you’re only using this on Windows 7 and above, you can skip this step). Open your text editor, and for each file you downloaded, write this line of code in one text file:

start filename /stext filename.txt

Replace “filename” with the name of the executable you just downloaded, including the file extension. When you replace “filename” after the backslash, you will change the .exe to a .txt file extension. This is the password log the executable will create for you to see. A finished script should look like this:

start mspass.exe /stext mspass.txt
start mailpv.exe /stext mailpv.txt<br>start pspv.exe /stext pspv.txt
start Dialupass.exe /stext Dialupass.txt
start BulletsPassView.exe /stext BulletsPassView.txt
start netpass.exe /stext netpass.txt
start sniffpass.exe /stext sniffpass.txt
start RouterPassView.exe /stext RouterPassView.txt
start PstPassword.exe /stext PstPassword.txt
start WebBrowserPassView.exe /stext WebBrowserPassView.txt
start WirelessKeyView.exe /stext WirelessKeyView.txt
start rdpv.exe /stext rdpv.txt
start VNCPassView.exe /stext VNCPassView.txt

Once you’re done writing the script, save the file as Launch.bat in the Utilities folder you created.

Step 3: Test Your New Password Stealer

Now you will be able to recover the usernames and passwords from each of these programs. They will create detailed logs that show you the password, username and source (like the Network name or website URL), which is all you really need to do damage. There’s also the date the password was created, password strength, and other information depending on the program. Here’s how to test your new password stealer to see how many passwords you’ve left vulnerable on your PC.

XP and Vista: Run the Script

Click the launch.bat file you just made to launch it. The password logs will appear in the Utilities folder as .txt files alongside the original executables. Each will have the same name as the .exe file they’re sourced from. For example: the ChromePass.exe file will have a ChromePass.txt file that houses all of the recovered passwords and usernames. All you have to do is open the .txt files, and you’ll see all your passwords.

Windows 7 and Above: Run Each Password Recovery App Individually

If you use Windows 7 or above, the script won’t work for many of the apps, so you’ll need to open them up individually. Double-click on each program and the list of passwords will pop up in a window. Select all that you want to save, and go to the File menu, and save the log as a .txt file in the original Utilities folder you created on your flash drive.

Use these logs to see for yourself how many passwords you’ve left vulnerable on your system. It’s remarkably easy to find and take them!

Step 4: Protect Yourself

Now that you know how vulnerable your information is, get serious about protecting yourself. Take these precautions:

  • If your computer has autorun enabled, disable it. It only takes a couple more lines of code to set the .bat file to launch automatically when the flash drive is plugged in, without the user even seeing what’s happening.
  • Take measures like not allowing your browser to remember your passwords, or at least the important ones like mobile banking. Instead, use password managers with encryption like LastPass or another good password manager to store all of your passwords securely and out of harm’s way.
  • Use two-factor authentication every chance you get. There are tons of ways for hackers to get your information if they want to. The second factor — something you have — could be what saves you in the end.
  • The obvious: always maintain physical control of your computer whenever possible. Never leave your PC unattended with anyone else, especially someone who’s using a USB flash drive. In fact, it wouldn’t hurt to offer to do the work yourself as often as possible when a friend asks if they can use your computer.

Strong passwords aren’t all the protection you need. Understand how vulnerable your information really is, and build a nearly hack-proof password system to stay safe.

Lifehacker’s Evil Week highlights the dark side of life hacking. How you use that knowledge is up to you.


The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.

Comments