Categories: Kali Linux

WinPirate : Automated Sticky Keys Hack From A Bootable USB

Automated sticky keys hack. Post exploitation it grabs browser passwords, history, and network passwords. Here’s the plan. We create a way to automate doing the sticky keys windows hack from a bootable USB which we can call as WinPirate. Then, we automate getting as many saved passwords as possible, drop a listener, and delete all traces that we were there.

All without being detected by antivirus. We should add a mimikittenz option if the computer was found running and unlocked, otherwise we can just run it later remotely.

Also Read Malicious Apps Change Their Name To Be Back On Google Play Store

How to Use WinPirate

Requirements : a linux bootable USB, this repo on the USB (not in the OS, just put it in the root directory)

Note : chromepasswords.py requires PyWin32

If the computer is locked:

  • shutdown windows (make sure not hibernating by holding shift while pressing shut down)
  • hit F12 and select USB
  • sudo -i
  • fdisk -l (note: if you’re on Kali Linux, run parted -l)
  • mkdir /media/windows
  • mount /dev/WHATEVERTHEWINDOWSPARTITIONWASCALLED /media/windows -t ntfs
  • run Stickykeys.sh
  • restart and boot to Windows
  • hit Shift 5 times fast, a command prompt will appear
  • cd to the USB and run WinPirate.bat

If the computer isn’t locked:

cd to the USB and run Run.bat (this will run WinPirate.bat silently in the background, it should be done in < 10 seconds

Current Issues

  1. The chrome passwords grabber that I made is still a .py For it to work, I need to convert it to exe so it doesn’t require python to be installed on the system.
    You can run it with python chromepasswords.py -csv and it will decrypt the Chrome saved passwords database and export it as a CSV
  2. The sticky keys automation doesn’t speed the process up as much as I previously thought, as evident by the lengthy “How to Use” section
  3. I haven’t been able to write any tools that grab passwords for IE or Firefox

R K

Recent Posts

WhatsMyName App – Find Anyone Across 640+ Platforms

Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…

4 hours ago

Analyzing Directory Size Linux Tools Explained

Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…

5 hours ago

Understanding Disk Usage with du Command

Efficient disk space management is vital in Linux, especially for system administrators who manage servers…

5 hours ago

How to Check Directory Size in Linux

Knowing how to check directory sizes in Linux is essential for managing disk space and…

5 hours ago

Essential Commands for Linux User Listing

Managing user accounts is a core responsibility for any Linux administrator. Whether you’re securing a…

5 hours ago

Command-Line Techniques for Listing Linux Users

Linux offers powerful command-line tools for system administrators to view and manage user accounts. Knowing…

1 day ago