Hack & copy Clipboard content using a link -Clipboardme Hack

If you have been reading our previous articles I am sure you learned how to hack android and ios. Well, today we bring you another hack that works on all devices. Now you can basically hack and copy the clipboard. Everybody has done copy-pasting the data in your device and with a higher number of accounts and their passwords, people tend to save all that information in a text file to keep track. I have seen many people just copy-paste the username and password so as they don’t have to type. This behavior makes this hack so successful and it is the sure-shot way to hack data.

This attack is especially useful since many people tend to copy important data and even passwords in their clipboards. This hack lets you control the data of the clipboard, which is then copied and can be accessed remotely.

---

How to hack copypasted passwords using Clipboardme?

Step 1: Open a Kali Linux terminal and type the following command to clone the tool on your kali Linux installation:

git clone https://github.com/cyberkallan/clipboardme

Step 2: Now switch to the directory with the cd command and run the script with bash. Simply type the commands below:

cd clipboardme 
bash clipboardme.sh

Step 3: Now choose a port forwarding tool. I prefer Ngrok but you can use serveo.net if needed.

Step 4: The link will be created as shown above. Once the target opens the link the clipboard content will be copied as well.

The browsers below cannot detect this hack:

---

Browser compatibility:

Chrome 66, Opera 53, Chrome for Android older versions, Opera for Android older versions.

If the browser is updated then the hack will work but you will see the following permission request:

Step 5: If you want to check the content copied then just open the clipboard_backup text file as shown below. You can use the same commands as well:

cd clipboardme
cat clipboard_backup.txt

---

How does the clipboardme hack work?

Clipboardme is a pentester tool that can gain read and write access to the content in the clipboard by just opening a link. The newer browsers actually show a request as shown in the demo below. But older browsers will directly let the server copy the targets clipboard content by utilizing the async clipboard API.

This API was originally meant for Browsers to implementing a brand new JavaScript API for asynchronous clipboard access to integrate copy and paste into web applications directly. It makes copy-pasting simple across apps and sites basically. The problem is there are very few safeguards over the content which was copied. Thus this hack can easily hack the clipboard data by calling readText(), without requesting permission. Example:

Text can be read (requires permission) from the clipboard by calling readText().

Example:

<script>
navigator.clipboard.readText().then(clipText =>  document.write(clipText));
</script>

So this is how you can execute the clipboard hack successfully and read the data without the target knowing.

Since you have seen this hack working, how can you make sure that your clipboard is not hacked and your data is safe from hackers?

Below are the steps you should follow to be safe from this Clipboardme Hack-

1) Update your Browser:

You should update your browser whenever the stable upgradable version is available. This way you will always have the most updated security patch for the browser and also get the latest features. There are several browsers we recommend to download and use so as to get the safest browsing experience as possible like Tor Browser, WaterFox Browser, and more. At the time of writing this article, the latest Google Chrome Browser Version is 84.0.4147.125. To check your browser’s version, click on Gear Icon for the settings menu (three dots vertically stacked) on the upper right corner, then click on the help option and About Google Chrome. The new tab will be opened and you will see Google Chrome’s latest version installed in your System.

2) Delete the Clipboard Data after usage:

There are many ways you can do clear the clipboard data manually in the Windows Operating System. The Simplest way is to click the “Windows button + V“, you will see the clipboard data in the right corner. You can either click on the Clear All option or Delete the specific records.

That’s all folks. Make sure to stay safe and use tools responsibly. Don’t use copy-paste for passwords and usernames since they can be hacked. Take all the precautions you can. Support us by sharing and supporting the content.

Happy Hacking.