Hackers Shows How To Hack Windows And OS X Passwords (When Locked) In 13 Seconds

Pro Hackers Shows How To Hack Windows And OS X Passwords (When Locked) In 13 Seconds

Pro Hackers Shows How To Hack Windows And OS X Passwords (When Locked) In 13 Seconds

Hackers Shows How To Hack Windows And OS X Passwords (When Locked) In 13 Seconds

A Security researcher named Rob Fuller discovered a unique attack method that can be used to steal credentials from a locked computer. This hacked works in Windows and Mac PC.

A security researcher found a unique way that can be used to unlock or to steal credentials from a locked computer (but, logged-in) and another god news in it worked on both Microsoft’s Windows and Apple Mac OS X system.
A security expert Rob Fuller in his blog post demonstrated and explained how to exploit a USB SoC-based device to turn it into a credential-sniffer that can be used even on a locked computer or laptop.

The firmware code of USB dongle is modified by fuller in such a way that when it is plugged into an Ethernet adapter, the plug-and-play USB device installs and acts itself as the network gateway, DNS server, or Web Proxy Auto-discovery Protocol (WPAD) server for the victim’s machine.
Also Read : Turn off Windows 10 Keylogger

The attack is possible because in almost every computer operating system automatically install Plug-and-Play USB devices even computer is locked.
[ for example: When you Connect USB mouse with your laptop or Computer it automatically connects before login],

“Even if a system is locked out, the device [dongle] still gets installed,” Fuller explains in his blog post.

“Now, I believe there are restrictions on what types of devices are allowed to install at a locked out state on newer operating systems (Win10/El Capitan), but Ethernet/LAN is definitely on the white list.”

How does the Attack Work?

You must be wondering that Why your computer automatically shares Windows credentials with any connected device?

This is because Microsoft made default behavior of its Window’s name resolution services, which can be abused to steal authentication of your credentials.
Responder is the software which modifies plug-and-play USB Ethernet adapter, through which network can be spoof to intercept hashed credentials and then it is stored in an SQLite database.
Now, the hashed credentials which is stored in SQLite database us collected by the network exploitation tool and can later be easily brute-forced to get clear text passwords.

Apparently, all attacker need is physical access to a target computer to conduct this attack, by acquiring physical access he can plug in the harmful USB Ethernet adapter.
However, he says the average time required for a successful attack is just 13 seconds.

 

You can watch the video demonstration below that will clear your problems and you can easily understand, Here’s Fuller’s attack in action.

Which Operating System can be Hacked using this?

Fuller has tested these attacks on these operating systems and he passed!
1.Windows 98 SE
2. Windows 2000 SP4
3. Windows XP SP3
4. Windows 7 SP1
5. Windows 10 (Enterprise and Home)
6. OSX El Capitan / Mavericks (I was able to get creds on both of these but I’m still testing to see if it was a fluke, or my own configurations)
Fuller tested the attack with two USB Ethernet dongles: the USB Armory and the Hak5 Turtle. For more detailed explanation, you can head on to his blog post.
However, he has further plans to check this attack on Linux operating system and if worked then he will tell us.

Here’s How to Remain Safe From this Attack?

Go to Start–>Search type in gpedit.msc
Click the file to open the Local Group Policy Editor and show Windows who is in control!!
You want to go here:
Computer Configuration -> Administrative Templates -> System -> Device Installation. Click on the subfolder Device Installation on the left and on the right side you will see the possible restrictions.

Right Click on Prevent Installation of Devices not described by other policy settings and edit this option, set it on ENABLED.

Reboot Windows and enjoy its inability to pollute your system with its standard driver.

Source: 

Stealing login credentials from a locked PC or Mac just got easier

Here’s How to Hack Windows/Mac OS X Login Password (When Locked)

Did you find this article interesting? Don’t forget to to share this article on Facebook.

Get more more interesting article like this
in your inbox

Subscribe to our mailing list and get daily new articles and updates to your email inbox.