Hackers Shows How To Hack Windows And OS X Passwords In 13 Seconds

Fuller has described the hack in his blog post where he tells how he was able to capture credentials from a system (logged in, just locked). He writes —

Why (and how) this computer hack works on locked devices?

Disclaimer: This article is just for educational purposes. Please test the attack on the systems you own and avoid indulging in any unethical practice.

This hack is possible because most computers install plug-and-play USB devices even if the system is locked. Fuller tested the hack with two USB Ethernet dongles– the USB Armory and the Hak5 Turtle.

“Now, I believe there are restrictions on what types of devices are allowed to install at a locked out state on newer operating systems (Win10/El Capitan), but Ethernet/LAN is definitely on the white list,” he writes.

While installing a new (and malicious) USB plug-and-play Ethernet adapter, the computer lends the credentials needed to install the device. Fuller’s modified hacking device contains code (a software named Responder) that reads these login credentials and saves them in a database.

{blog} Snagging creds from locked machines – https://t.co/zqYo142tVj

— Rob Fuller (@mubix) September 6, 2016

Fuller has tested his computer hack on a variety of operating systems, including the likes of Windows 98 SE, Windows 2000 SP4, Windows XP SP3, Windows 7 SP1, Windows 10 (Home and Enterprise Edition), and OS X El Capitan/Mavericks. He hasn’t tested the hack on Linux (possibly it works).

Interestingly, this hack takes about 13 seconds, depending on a system. For details, you can read Fuller’s blog post.

He has even prepared a video showcasing the hack on a Windows 10 PC. Take a look:

Did you find this article interesting? Don’t forget to drop your feedback in the comments section below.

Follow the link and get 30% off on Python Penetration Testing With Kali Linux.