It is well known that USB drives can be dangerous. Companies run strict screening policies and it has long been known that running unknown ‘exe’ files is a bad idea. But what if the threat was undetectable, unfixable and could be planted into any- Hacking the USB device isn't hacking the flash memory, it's hacking the firmware on the 8051. I downloaded the first flash datasheet I could google, by way of proving that you have not the first clue what you are on about.
- Jun 01, 2018 Yes. You heard it right. A portable hacking device that will be a pen drive from outside, but a powerful hacking tool from inside. There’s nothing to hype about this, it is just a few commands that will help you to access each and every password stored on the users’ PC or Laptop.
- In short: the exploit isn’t stored inside the USB device like a Trojan horse, it has reprogrammed the device itself. Since USB devices all share similar firmware the trick can be repeated on.
USB has become a very popular interface over the years. Plenty of devices have been developed that provide a USB interface such as cameras, phones, music players, the list is endless. While this is a useful technology, some of these devices have also brought with them new threats to our computer. Oct 07, 2019 Here is a way to hack passwords using a USB pen-drive. Using a few password recovery tools and a USB pen-drive you can create your own rootkit to hack passwords. Hacking device free download - PortSign Hacking, USB Mass Storage Device, Unknown Device Identifier, and many more programs.
USB device be it a USB drive, keyboard, mouse, web camera, printer, even smartphone or tablet? Well this nightmare scenario just became reality.The findings will be laid out in a presentation next week from security researchers Karsten Nohl and Jakob Lell who claim the security of USB devices is fundamentally broken . More to the point they said it has always been fundamentally broken, but the holes have only just been discovered.
BadUSB
To demonstrate this the researchers created malware called ‘BadUSB’. It can be installed on any USB device and take complete control over any PC to which it connects. This includes downloading and uploading files, tracking web history, adding infected software into installations and even controlling the keyboard so it can type commands.
“It can do whatever you can do with a keyboard, which is basically everything a computer does,” explains Nohl in an interview with Wired.
Moreover BadUSB can send code both ways, aka from the USB device to the PC and from the PC to the USB device. Previously any malicious code on a USB drive could only travel one way. And it gets worse.
Unfixable and Undetectable
“These problems can’t be patched,” says Nohl. “We’re exploiting the very way that USB is designed.. You can give it to your IT security people, they scan it, delete some files, and give it back to you telling you it’s ‘clean’ but the cleaning process doesn’t even touch the files we’re talking about.”
The reason for this is the exploit changes the firmware (instruction set) on USB devices rather than simply being a file stored on the main memory which could be accessed and deleted. In short: the exploit isn’t stored inside the USB device like a Trojan horse, it has reprogrammed the device itself. Since USB devices all share similar firmware the trick can be repeated on anything designed to be plugged into a USB port.
Even now the exploit is known addressing it is nearly impossible. ‘Code signing’ is a common countermeasure for stopping the unauthorised modification of firmware, but it isn’t part of the USB standard and even if it were there is no ‘clean’ USB firmware reference code to compare modifications against.
The exploit is already being tied to ‘Cottonmouth’, a USB spy device revealed last year in the leaks of Edward Snowden. The NSA hid Cottonmouth in peripheral plugs that were then connected to key computers. The exact operation of Cottonmouth was never revealed but Matt Blaze, computer science professor at the University of Pennsylvania, told Wired “I wouldn’t be surprised if some of the things [Nohl and Lell] discovered are what we heard about in the NSA catalogue.”
Cottonmouth NSA document leak - image courtesy of Wikipedia
New Habits
With no solutions on the horizon the only safe way to continue using USB devices is to change behaviour.
Philips 7130 tv tuner software. Taken from the mini Installation CD. Version1.3.5.5Driver DateJanuary 23, 2007ManufacturerSupported OSWindows Vista, Windows Vista (64 bit)File NameSize53.5 MBLicenseFreewareDownloads4,140Uploaded ByGregg Luis (DG Member) on 2/20/2008Uploader NotesPhillips 7130 TV Tuner PCI Card.
“Consumers should always ensure their devices are from a trusted source and that only trusted sources interact with their devices,” said Liz Nardozza, spokesperson for USB standards body the USB Implementers Forum, in a statement. “Consumers safeguard their personal belongings and the same effort should be applied to protect themselves when it comes to technology.”
Nohl takes this a step further. He argues USB devices should be treated as if they are hypodermic needles . “In this new way of thinking, you can’t trust a USB just because its storage doesn’t contain a virus. Trust must come from the fact that no one malicious has ever touched it. You have to consider a USB infected and throw it away as soon as it touches a non-trusted computer. And that’s incompatible with how we use USB devices right now.”
Speaking to me Michael Sutton, VP of security research at Zscaler, agrees with the severity of Nohl's warning. 'Presently the only viable defence is to avoid using untrusted USB peripherals and those that have been outside of your control,' he explained.
While awareness will be the first step in addressing the security black hole now attributable to all USB devices, pressure will also mount quickly on the USB Implementers Forum and the major USB device manufacturers to come up with a permanent solution. Until then paranoia with build.
Test drive unlimited serial key. Nothing can stop us, we keep fighting for freedomdespite all the difficulties we face each day.Last but not less important is your own contribution to our cause.
As Nohl concludes: “Nobody can trust anybody.”
More on Forbes
As we all know, Windows stores most of the passwords which are used on a daily basis, including instant messenger passwords such as MSN, Yahoo, AOL, Windows messenger etc. Along with these, Windows also stores passwords of Outlook Express, SMTP, POP, FTP accounts and auto-complete passwords of many browsers like IE and Firefox.
There exists many tools for recovering these passswords from their stored places. Using these tools and a USB pen-drive, you can create your own rootkit to sniff passwords from any computer. We need the following tools to create our rootkit:
MessenPass: Recovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM.
Mail PassView: Recovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free.
Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts.
IE Passview: IE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet explorer, v4.0 – v6.0
Protected Storage PassView: Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more.
PasswordFox: PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed:
Record Index, Web Site, User Name, Password, User Name Field and Password Field.
Preparing Your USB Drive for Password Hacking:
Here is a step by step procedure to create the password hacking toolkit:
Download all the 5 tools, extract them and copy only the executable files (.exe files) onto your USB Pendrive.
ie: Copy the files – mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe into your USB Drive.
Create a new Notepad and write the following text into it:
save the Notepad and rename it from New Text Document.txt to autorun.inf. Now copy the autorun.inf file onto your USB pen-drive.
Create another Notepad and write the following text onto it:
Save the Notepad and rename it from New Text Document.txt to launch.bat. Copy the launch.bat file to your USB drive.
Now your rootkit is ready and you are all set to sniff the passwords. You can use this pen-drive on on any computer to sniff the stored passwords. Just follow these steps:
Insert the pen-drive and the auto-run window will pop-up. (This is because, we have created an auto-run pen-drive).
In the pop-up window, select the first option (Perform a Virus Scan).
Now all the password recovery tools will silently get executed in the background (This process takes hardly a few seconds). The passwords get stored in the .TXT files.
Remove the pen-drive and you’ll see the stored passwords in the .TXT files.
This hack works on Windows 2000, XP, Vista and 7.