Monthly Archives: December 2013

A crude but simple password stealer

As I have explained earlier, I’ve had to write a crude password stealer as part of an information security course.

The right approach was to write the entire thing by myself, with the hash dump and SMTP login coupled within my program. This, however, would take quite a lot of time, and between work and studies and my life, I was not in the right mood to write this myself. Thus, I’ve found myself looking at available tools of the trade and how to use them.
I decided to do it with two very simple command-line tools, one being PwDump, a program that simply dumps your Windows password hashes. The other being blat, which despite its funny name (to us Russian speakers) is a very useful tool – it allows you to send files from the CLI via SMTP. If you don’t see why you would need it, clearly you’ve never worked as a system administrator.


An information security course assignment

As part of the information security course I’m taking in college, I’ve had to steal a user’s OS password and mail it to myself.

I’ve decided not to write much code of my own and instead used pwdump to generate a password dump, and then blat to mail it to myself.

I wrote an app that launches in a hidden console window, then downloads the main stealer app that in turn downloads pwdump and blat and then runs them in succession.

The dropper file then deletes all files generated.

In order to hide my app, I’ve injected it with inpect into a mahjong game installer. I’ve not implemented any type of fuzzing to avoid AV as it was not in our scope. But it wouldn’t have been hard.

The file to download is part of this post, but is password protected. I will post sources in a later post.

File: CourseApp