Way to go Mubix!
A Security researcher has discovered a unique attack method that can be used to steal credentials from a locked computer (but, logged-in) and works on both Windows as well as Mac OS X systems.In his blog post published today, security expert Rob Fuller demonstrated and explained how to exploit a USB SoC-based device to turn it into a credential-sniffer that works even on a locked computer or laptop.
Fuller modified the firmware code of USB dongle in such a way that when it is plugged into an Ethernet adapter, the plug-and-play USB device installs and acts itself as the network gateway, DNS server, and Web Proxy Auto-discovery Protocol (WPAD) server for the victim’s machine.
Source: Here’s How to Hack Windows/Mac OS X Login Password (When Locked)
