Sounds crazy, but in this article I am going to tell you how security expert Rob Fuller demonstrated and explained these facts. Using USB Ethernet dongles, namely the USB Armory and the Hak5 LAN Turtle, he tested this attack on a computer. So here I am presenting how he did it.
Rob Fuller, in his blog post, described and demonstrated how to turn a USB SoC-based device into a credential sniffer that works even on a locked computer or laptop. He modified the firmware of the USB dongle so that, when it is plugged in, the plug-and-play USB Ethernet adapter installs itself and acts as the network gateway, DNS server, and Web Proxy Auto-Discovery Protocol (WPAD) server for the victim's machine. He further noted that the attack is only possible because Windows automatically installs plug-and-play USB devices, even while the system is locked.
Here I would also like to discuss why your system automatically shares Windows credentials with any connected device. This is a consequence of the default behavior of Microsoft Windows' name resolution services, which is abused to steal authentication credentials. The software called Responder spoofs the network to intercept hashed credentials, stores them in an SQLite database, and also attempts to obtain clear-text passwords.
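The defaults described above (LLMNR and NetBIOS name resolution answering whoever replies first, WPAD trusting the new adapter, and plug-and-play installation at the lock screen) are all policy-controllable. The following audit script is an added example, not code from Rob Fuller's post; it reads the standard Group Policy-backed registry locations, reports each weak setting, and with `-Fix` hardens the first three (the device-installation restriction is reported only, because `DenyUnspecified=1` blocks every device that is not explicitly allow-listed). Run it from an elevated PowerShell session.

```powershell
# Added example: audit (and optionally harden) the Windows defaults that let a
# rogue USB Ethernet adapter win name resolution and WPAD on a locked machine.
[CmdletBinding()]
param([switch]$Fix)

function Get-RegValue($Path, $Name) {
    try { (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name }
    catch { $null }   # missing key/value means the Windows default, i.e. the weak state
}

function Set-RegDword($Path, $Name, [int]$Value) {
    if (-not (Test-Path $Path)) { New-Item -Path $Path -Force | Out-Null }
    New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType DWord -Force | Out-Null
}

$findings = @()

# 1. LLMNR: GPO "Turn off multicast name resolution" sets EnableMulticast = 0
$llmnrPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient'
if ((Get-RegValue $llmnrPath 'EnableMulticast') -ne 0) {
    $findings += 'LLMNR enabled (default): unknown names are resolved by multicast, any host may answer'
    if ($Fix) { Set-RegDword $llmnrPath 'EnableMulticast' 0 }
}

# 2. NetBIOS over TCP/IP, per interface: NetbiosOptions 2 = disabled
Get-ChildItem 'HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces' |
  ForEach-Object {
    $opt = Get-RegValue $_.PSPath 'NetbiosOptions'
    if ($opt -ne 2) {
        $findings += "NetBIOS name service active on $($_.PSChildName) (NetbiosOptions=$opt)"
        if ($Fix) { Set-RegDword $_.PSPath 'NetbiosOptions' 2 }
    }
  }

# 3. WPAD auto-discovery service: Start = 4 means disabled (takes effect after reboot)
$wpadPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\WinHttpAutoProxySvc'
if ((Get-RegValue $wpadPath 'Start') -ne 4) {
    $findings += 'WinHttpAutoProxySvc enabled: WPAD lookups will accept a rogue proxy'
    if ($Fix) { Set-RegDword $wpadPath 'Start' 4 }
}

# 4. Device installation restriction (report only; pair DenyUnspecified with an allow list)
$devPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions'
if ((Get-RegValue $devPath 'DenyUnspecified') -ne 1) {
    $findings += 'Unlisted plug-and-play devices install freely, including at the lock screen'
}

if ($findings.Count -eq 0) { 'All checked settings are hardened.' } else { $findings }
```

Disabling LLMNR and NetBIOS removes the fallback lookups that the rogue adapter answers; disabling WPAD on a domain that relies on it for proxy configuration should be replaced by an explicit proxy setting first.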
Rob Fuller said that attackers would require physical access to conduct such an attack, so that they can plug in the malicious USB Ethernet adapter; within just 13 seconds the attack completes. He tested this on various Windows versions: Windows 98 SE, Windows 2000 SP4, Windows XP SP3, Windows 7 SP1, and Windows 10 Enterprise and Home (but not Windows 8), as well as OS X El Capitan and OS X Mavericks; he was also planning to test it on Linux.
This is all about how he managed to hack a locked Windows machine. The risk is your own responsibility, so don't engage in any such cybercrime-related activity that would bring you shame in society.