Visible to the public Implementation and Analysis of USB based Password Stealer using PowerShell in Google Chrome and Mozilla Firefox

TitleImplementation and Analysis of USB based Password Stealer using PowerShell in Google Chrome and Mozilla Firefox
Publication TypeConference Paper
Year of Publication2020
AuthorsMuslim, A. A., Budiono, A., Almaarif, A.
Conference Name2020 3rd International Conference on Computer and Informatics Engineering (IC2IE)
Date PublishedSept. 2020
ISBN Number978-1-7281-8247-6
Keywordsarduino pro micro leonardo, Arduino Pro Micro Leonardo device, authorisation, badusb, browser applications, Browsers, brute force attacks, chromepass, Computer crime, Google Chrome, Hardware, Human Behavior, human factors, Internet, Mozilla Firefox login data, Operating systems, operating systems (computers), password, password management feature, passwordfox, PasswordFox program, policy-based governance, powershell, powershell script, pubcrawl, rubber ducky, Software, stored data, time 14.0 s, Tools, Universal Serial Bus, USB password stealer, user interfaces, usernames, Windows operating system

Along with the development of the Windows operating system, browser applications to surf the internet are also growing rapidly. The most widely used browsers today are Google Chrome and Mozilla Firefox. Both browsers have a username and password management feature that makes users login to a website easily, but saving usernames and passwords in the browser is quite dangerous because the stored data can be hacked using brute force attacks or read through a program. One way to get a username and password in the browser is to use a program that can read Google Chrome and Mozilla Firefox login data from the computer's internal storage and then show those data. In this study, an attack will be carried out by implementing Rubber Ducky using BadUSB to run the ChromePass and PasswordFox program and the PowerShell script using the Arduino Pro Micro Leonardo device as a USB Password Stealer. The results obtained from this study are the username and password on Google Chrome and Mozilla Firefox successfully obtained when the USB is connected to the target device, the average time of the attack is 14 seconds then sending it to the author's email.

Citation Keymuslim_implementation_2020