Automated sticky keys hack. Post exploitation it grabs browser passwords, history, and network passwords. Here’s the plan. We create a way to automate doing the sticky keys windows hack from a bootable USB which we can call as WinPirate. Then, we automate getting as many saved passwords as possible, drop a listener, and delete all traces that we were there.
All without being detected by antivirus. We should add a mimikittenz option if the computer was found running and unlocked, otherwise we can just run it later remotely.
Requirements : a linux bootable USB, this repo on the USB (not in the OS, just put it in the root directory)
Note : chromepasswords.py requires PyWin32
If the computer is locked:
sudo -ifdisk -l (note: if you’re on Kali Linux, run parted -l)mkdir /media/windowsmount /dev/WHATEVERTHEWINDOWSPARTITIONWASCALLED /media/windows -t ntfsIf the computer isn’t locked:
cd to the USB and run Run.bat (this will run WinPirate.bat silently in the background, it should be done in < 10 seconds
python chromepasswords.py -csv and it will decrypt the Chrome saved passwords database and export it as a CSVThe Windows Registry Editor lets you easily view and control critical Windows system and application…
In the rapidly expanding Internet of Things (IoT) ecosystem, billions of devices are constantly exchanging…
Have you ever come across a picture on the internet and wondered where it came…
Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…
Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…
Efficient disk space management is vital in Linux, especially for system administrators who manage servers…