Security researcher Rob Fuller has demonstrated a simple way for stealing login credentials from locked computers running Windows and OS X.
For the attack to work, you’ll need to have:
- Access to the targeted computer
- A portable, plug-in computer that you have modified to impersonate a USB Ethernet adapter, and
- A computer with software that will crack (or downgrade and crack) the authentication hashes you have pilfered.