Posts posted by X3N
-
how is this any better than what has already been released for the switchblade...
-
what language did you write that in? any more info about the tool without actually having to download it?
-
some explanation would be nice eh.
-
i like to use lastpass with the plugin for firefox to manage all my passwords, it really helps with keeping everything organized and being able to generate random passwords every time you need to...
-
this sounds like an excellent project for the pineapple
-
Um so has anyone tried this: boot off a bartpe usb then try their favourite usb payload?
What were the results (I'll test it on myself later)
the problem with that is that 99.9% of the data you're trying to gather is held in their user account files and/or their user account registry entries. So the payload would theoretically run, just wouldn't gather any useful information. Now i know there are ways with bartpe to load a user registry hive but i don't think it would do it in exactly the same way in order to work the way you want. What I would be interested in is if someone came up with a payload that did run on bartpe and slurped all the user accounts of useful information...
-
Hey guys,
Love the podcast, only made my account here today as I ran into a problem.
I read the pinned post on gaining admin access to XP machine. While it was very informative, I couldn't get the compiled version of the util file (the link to web1000.com doesn't work anymore). And I can't compile VB code myself.
Been searching how to add admin account on google but haven't figured it out yet.
I have downloaded UBCD, Hiren's cd, BT3, Bart, Ubuntu. I have figured out how to reset admin password.
Is it possible to add a new admin user without having access to admin account?
if that is not possible, is it possible to run (install) program with admin access under normal user (without admin password).
--This is on Windows XP professional SP3 that I have full physical access to.
Love the show
at
you can do it with bt3 and a ubcd
-
open a command prompt and run the python command from the command prompt instead of double clicking it... then the prompt will stay open.
-
there's a sysinternal tool called psloggedon which is what i use.
-
things like aapr or rainbow tables, they just close when i open them or when i run a python script when the results show up (as a command prompt box) it just closes right after opening and i can't read the results
this didn't work
the problem here is that you need to open the command prompt first then run the program. If you are using a bat script to execute a command then it always closes the command prompt and unless you tell the script to wait for you to look at the results then you're SOL cause that's just the nature of the command prompt.
-
So I have become addicted to running portable applications from a thumb drive. My current setup is completely automated that upon insertion launches rocketdock, changes the background image, removes the taskbar, launches rainmeter, launches portableapps menu, launches hamachi and maps the drives from my server (amongst other things). My dilemma is that there are some software programs that I cannot seem to get away from that I want on my portable drive that are not available as portable applications. I've been doing some research into application packagers and was wondering if there are any alternatives that I have not yet stumbled upon that may be more reasonable than ThinApp, Xenocode or Wisestudio?
Also, Mojopac is not really an alternative I am looking for. I've tried it and I don't like it. It's too slow, ugly and doesn't always work.
Thanks
what programs are you referring to?
-
@(X3N)
hey, can you tell me the name of the exploit that can kill the AV's?
it's not an exploit just part of a ruby script that can run on the meterpreter....
-
why did you make a new topic for this! there's already a couple.
-
ok so after spending 2 hours reading through posts and hitting the favorites button more times than i need, i am finally going to post my question...after another short summary before i ask so you know where i'm coming from...
just started using au3 scripting to build a keylogger program, i have the basics down like a-z 0-9, however, i need to know where to find say If _IsPressed('36') Then
_LogKeyPress("6")
the digit combo for each key so if i wanted . it would be ifpressed such and such
second of all how do i make it to log combined keys as well as singular keystrokes?
would appreciate any help, thanks :) ....while i wait on an answer i'm going to search through more things in this forum cause it's just too interesting xD
don't bother with autoIT because it pegs your cpu. there are many versions of a keylogger already written in autoIT and it just doesn't work very good.
-
i found a couple real cool tools one a couple of batch downloaders of the sysinternals tools and the nirsoft tools.
found on this website.
-
anyone have any information on this ?
-
Yes, the problem is with any firewall software, then there's another problem that is to disable the firewall software. You can do it in windows but must kill the task with other firewall software... Then double problem!
One: Disable the antivirus...
Two: Disable the firewall...
With the batch method, you don't need to disable (or allow) anything but the antivirus software. Please, correct me if it is not as I'm saying.
I think a good solution is calling a batch from the AutoIT program, give it the correct parameters into variables and do the task with the batch.
Other way could be using different ways (ftp, http post, email), selectable by the user in a pre-configuration (by the GUI) to send the logs and calling different batches from the compiled exe with the options elected. Then the payload would work for anyone using it.
well if you want you can add the autoIT executable and call the script from a bat script because all you need is the standalone autoIT executable to run the scripts without compiling them.
I'm not against using the IE php method i just prefer the gmail method... plus i don't have access to my own webserver yet.
-
Of course! I didn't think about it, but I agree that any firewall will trigger the program while accessing the Internet... Then will see on what you have been working when you have it done.
there are many ways to get the log file out but i kinda prefer the gmail method using autoIT because you don't have to use any external programs... Any normal hardware firewall should allow you email access, the problem that you're talking about is in regards to software firewalls which you should probably disable before running this payload anyways... with a method like the av killer programs...
-
I would have fileinstall install files with different names that way it can fool some of the virus scanners. Other than that fairly good.
You could also adapt this script i wrote to capture what's installed
Dim $strComputer, $objWMIService
Const $wbemFlagReturnImmediately = 0x10
Const $wbemFlagForwardOnly = 0x20
$strComputer = "."
$objWMIService = ObjGet("winmgmts:{(RemoteShutdown)}//" & $strComputer & "\root\CIMV2")
_Read_Products()
Exit

Func _Read_Products()
    Local $colItems = ""
    $colItems = $objWMIService.ExecQuery("Select * from Win32_Product")
    For $objItem in $colItems
        ;$ProductName = $objItem.Name
        Select
            Case stringinstr($objItem.Name,'Microsoft .NET Framework');and StringLeft($objItem.Version,'3')="3.5"
                msgbox(0,"Found",$objItem.Name & @CRLF & $objItem.Version)
                ;Return 1
        EndSelect
    Next
EndFunc
How come you use EnvGet and don't use @computername or @systemdir? _Filewritelog will give you the time and date on each line.
This was my first attempt at writing anything long in autoIT so the code is messy... i have a way better method now that i'll be releasing soon that uses fileinstall and runs everything in a much more logical way.
-
how about doing the php log transfer thing with autoit?
When most programs are run, whether using php or smtp, they always trigger a question from decent firewalls.
DO YOU WANT THIS PROGRAM TO ACCESS THE INTERNET?
I think I have found a way to bypass this completely.
Autoit has a way of accessing webpages in the background with ie...which is typically already allowed internet access.
Using this method and php, logs can be transferred without any kind of interruption.
I have most of the stuff already coded in autoit--i am currently working out the bugs.
i'm not overly concerned with the php log stuff... i can definitely add the functionality if someone else wants to write it.
-
What about the GUI?
i didn't clean up the files well enough, some of those files i was using for development. wstart has everything in it, some of the others are just extra.
i was using KODa to generate the gui layout
-
Why did laepo just ignore his thread? He could just tell us that he doesn't want to continue the development, instead of making people wonder where he's been for the past 2 months or so.
who cares just write one yourself.
-
i'm also working on an incident response package in autoIT
Inject Ads into hotspots
in Applications & Coding
as an alternative to ettercap i'm sure you could use a perl script like this one http://www.ex-parrot.com/pete/upside-down-ternet.html except change it to print your ads or whatever you wanted...