We all use computers on a daily basis, But we don’t know that anyone can hack our computer with just a few simple steps. In this tutorial, I am going to share a trick, which will help you understand, how to hack any Windows or Mac OS.
So basically, how this works is, there is a flaw in windows operating system, which will install the USB devices, even if the computer is locked up. So when the user lock’s the computer, He better make sure, he doesn’t allow anyone to plug any kind of USB devices. This tutorial is also helpful for you to keep your computer safe.
Also Read: Top 5 Best Hacking apps for iPhone 2016
Basically what happens is, When you lock your computer the credentials cannot be accessed without logging in. But a cheap USB device can turn your computer’s security upside down. From recent news, I found that a guy, who is a Security researcher and, he has finally found a way to steal credentials of a computer, which runs windows or Mac OS. But the condition is that this works on a computer, which is locked by the user, But it should be logged-in.
A USB dongle in which, there are many firmware codes put together is modified, when it is connected to an Ethernet adapter, the USB drivers will install like, the same process, when we plug a normal USB to a computer. And then this device will act like, it is a WPAD (Web Proxy Auto discovery Protocol) server, which is made for the victim’s device. Also in addition to that, it acts as it is the real network gateway, DNS server.
This was explained in a blog by the attacker. And he said that this attack will work, Because the dongle will be installed automatically in most of the computers as Plug-and-Play USB devices.
He says “Now, I believe there are restrictions on what types of devices are allowed to install at a locked out state on newer operating systems (Win10/El Capitan), but Ethernet/LAN is definitely on the white list”.
How the attack works? Well, it’s simple the USB Ethernet adapter contains a software, which will steal the credentials and store in an SQLite database after spoofing the network. Then the information collected as credentials can be used later by brute force method to obtain passwords in a text format.
This hack was tested on operation systems of Windows 98 SE, Windows 2000 SP4, Windows XP SP3, Windows 7 SP1, Windows 10 Enterprise and Home (but not Windows 8) and also on OS X El Capitan and OS X Mavericks. This hack was tested on two USB Ethernet dongles
Share this article if you have liked it.