Stealing Windows Passwords with your Android Device

Comments Off on Stealing Windows Passwords with your Android Device

A hacking tool discovered by analysts at F-Secure, which is capable of stealing information from a connected Windows machine. USB Cleaver seems to be designed to facilitate a targeted attack by gathering details that would be helpful in a later infiltration attempt.

To use the application, user must install the application on his Android Smartphone . Once the application is installed , app automatically download the ZIP file from its server and then unzips the downloaded file to the following location:
/mnt/sdcard/usbcleaver/system folder.

This application is specially designed to steal the information like Browser Passwords (Firefox, Chrome and IE), PC’s Wi-Fi password, The PC’s network information etc.

When the device is then plugged into a PC, /mnt/sdcard is mounted and, if autorun is enabled, go.bat and the payload are executed. The app allows the user to select what type of information should be harvested. The utilities save their results in /mnt/sdcard/usbcleaver/logs which the app user can view later by clicking “Log files” in the app.
Most older Windows systems need to have mobile drivers manually installed in order for this attack to work.

You can Download USB Cleaver here.

Related Articles

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
Live Chat
RESOURCES
Get Started
TOOLBOX
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Google-plus Wordpress