[Inject Ads into hotpsots]

as an alternative to ettercap im sure you could use a perl script like this one http://www.ex-parrot.com/pete/upside-down-ternet.html except change it to print your ad's or whatever you wanted...

[usb hack...]

how is this any better than what has already been released for the switchblade...

[AutoRun USB Media Slurp Tool By HakRat]

what language did you write that in? any more info about the tool without actually having to download it?

[Power User to Administrator]

some explanation would be nice eh.

[The server hosting Hak5.org and the Hak5 forums was hacked.]

i like to use lastpass with the plugin for firefox to manage all my passwords it really helps with keeping everything organized and being able to generate random passwords everytime you need to...

[Inject Ads into hotpsots]

this sounds like an excellent project for the pinapple

[A way to get payloads to work on all computers?]

Um so has anyone tried this boot off a bartpe usb then try there favourite usb payload ?

What were the results (ill test it on my self later)

the problem with that is that 99.9% of the data your trying to gather is held in thier user account files and or thier user account registry entries. So the payload would theoretically run just wouldnt gather any useful information. Now i know there are ways with bartpe to load a user registry hive but i dont think it would do it in exactly the same way in order to work the way you want. What I would be interested in is if someone came up with a payload that did run on bartpe and slurped all the user accounts of useful information...

[How to add admin account to XP sp3]

Hey guys,

Love the podcast, only made my account here today as I ran into a problem.

I read the pinned post on gaining admin access to XP machine. While it was very informative, I couldnt get the compiled version of the util file (the link to web1000.com doesnt work anymore). And I cant compile VB code myself.

Been searching how to add admin account on google but havnt figured it out yet.

I have downloaded, UBCD, Hiren's cd, BT3, Bart, Ubuntu. I have figured out how to reset admin password.

Is is possible to add a new admin user without having access to admin account?

if that is not possible, is it possible to run (install) program with admin access under normal user (without admin password).

--This is on Windows XP professional SP3 that I have full physical access to.

Love the show

at

you can do it with bt3 and a ubcd

[Python]

open a command prompt and run the python command from the command prompt instead of double clicking it... then the prompt will stay open.

[How to find what user you are in?]

thers a sysinternal tool called psloggedon which is what i use .

[Vista app help]

things like aapr or rainbow tables, they just close when i open them or when i run a python script when the results show up (as a command prompt box) it jsut closes right after opening and i cant read the results

this didnt work

the problem here is that you need to open the command prompt first then run the program. If you are using a bat script to execute a command then it always closes the command prompt and unless you tell the script to wait for you to look at the results then your SOL cause thats just the nature of the command prompt.

[Application Packagers]

So I have become addicted to running portable applications from a thumb drive. My current setup is completely automated that upon insertion launches rocketdock, changes the background image, removes the taskbar, launches rainmeter, launches portableapps menu, launches hamachi and maps the drives from my server (amongst other things). My dilemma is that there are some software programs that I cannot seem to get get away from that I want on my portable drive that are not available as portable applications. I've been doing some research into application packagers and was wondering if there are any alternatives that I have not yet stumbled upon that may be more reasonable than ThinApp, Xenocode or Wisestudio?

Also, Mojopac is not really an alternative I am looking for. I've tried it and I don't like it. It's too slow, ugly and doesn't always work.

Thanks

what programs are you refering to?

[Alternative Method to Kill AV's.]

@(X3N)

hey, can you tell me the name of the exploit that can kill the AV's?

its not an exploit just part of a ruby script that can run on the meterpreter....

[A way to kill AV's, that jstu might work,]

why did you make a new topic for this! thers already a couple.

[ok getting started...a keylogger]

ok so after spending 2 hours reading through posts and hitting the favorites button more times than i need, i am finally going to post my question...after another short summery before i ask so you know where im coming from...

just started using au3 scripting to build a keylogger program, i have the basics down like a-z 0-9, however, i need to know where to find say If _IsPressed('36') Then

_LogKeyPress("6")

the digit combo for each key so if i wanted . it would be ifpressed such and such

second of all how do i make it to log combined keys aswell as singular keystrokes?

would apprieciate any help, thanks :) ....while i wait on an answer im going to search through more things in this forum cause its just too interesting xD

dont bother with autoIT because it pegs your cpu there are many versions of a keylogger already written in autoIT and it just doesnt work very good.

[U3 Incident Response Payload]

i found a couple real cool tools one a couple of batch downloaders of the sysinternals tools and the nirsoft tools.

found on this website.

http://smithii.com/si_installer

http://smithii.com/nirsoft_installer

[[Merged] Microsoft Officially steals the Switchblade]

anyone have any information on this ?

[[Merged] Microsoft Officially steals the Switchblade]

anyone have any information on this ?

[U3 and Non-U3 AutoIT payload]

Yes, the problem is with any firewall software, then there's another problem that is to disable the firewall software. You can do it in windows but must to kill the task with other firewall software... Then double problem!

One: Disable the antivirus...

Two: Disable the firewall...

With the batch method, you doesn't need to disable (or allow) anything but the antivirus software. Please, correct me if is not as I'm saying.

I think a good solution is calling a batch from the AutoIT program, give it the correct parameters into variables and do the task with the batch.

Other way could be using different ways (ftp, http post, email), selectable by the user in a pre-configuration (by the GUI) to send the logs and calling different batches from the compiled exe with the options elected. Then the payload would work for anyone using it.

well if you want you can add the autoIT executable and call the script from a bat script because all you need is the standalone autoIT executable to run the scripts without compiling them.

I'm not against using the IE php method i just prefer the gmail method... plus i dont have access to my own webserver yet.

[U3 and Non-U3 AutoIT payload]

Of course! I didn't thought about it, but I agree that any firewall will trigger the program while accessing the Internet... Then will see on what you have been working when you have it done.

there are many ways to get the log file out but i kinda prefer the gmail method using auotIT because you dont have to use any external programs... Any normal hardware firewall should allow you email access the problem that your talking about is in regards to software firewalls which you should probably disable before running this payload anyways... with a method like the av killer programs...

[U3 and Non-U3 AutoIT payload]

I would have fileinstall install files with different names that way it can fool some of the virus scanners. Other than that fairly good.

You could also adapt this script i wrote to capture what's installed

Dim $strComputer, $objWMIService
Const $wbemFlagReturnImmediately = 0x10
Const $wbemFlagForwardOnly = 0x20

$strComputer = "."
$objWMIService = ObjGet("winmgmts:{(RemoteShutdown)}//" & $strComputer & "\root\CIMV2")

_Read_Products()
Exit

Func _Read_Products()
Local $colItems = ""
  $colItems = $objWMIService.ExecQuery("Select * from Win32_Product")
   
   For $objItem in $colItems
;$ProductName = $objItem.Name
        Select
            Case stringinstr($objItem.Name,'Microsoft .NET Framework');and StringLeft($objItem.Version,'3')="3.5"
                msgbox(0,"Found",$objItem.Name & @CRLF & $objItem.Version)
;Return 1
        EndSelect
   Next
EndFunc

How come you use EnvGet and don't use @computername or @systemdir? _Filewritelog will give you the time and date on each line.

This was my first attempt at writing anything long in autoIT so the code is messy... i have a way better method now that i'll be releasing soon that uses fileinstall and runs everything in a much more logical way.

[U3 and Non-U3 AutoIT payload]

how about doing the php log transfer thing with autoit?

When most programs are run, whether using php or smtp, they always trigger a question from decent firewalls.

DO YOU WANT THIS PROGRAM TO ACCESS THE INTERNET?

I think I have found a way to bypass this completely.

Autoit has a way of accessing webpages in the backround with ie...which is typically already allowed internet access.

Using this method and php, logs can be transferred without any kind of interruption.

I have most of the stuff already coded in autoit--i am currently working out the bugs.

im not overly concerned with the php log stuff... i can definitly add the functionality if someone else wants to write it.

[U3 and Non-U3 AutoIT payload]

What about the GUI?

i didnt clean up the files well enough some of those files i was using for development wstart has everything in it some of the others are just extra.

i was using KODa to generate the gui layout

[USB Pocket-Knife Development]

Why did laepo just ignore his thread? He could just tell us that he doesn't want to continue the development, instead of making people wonder where he's been for the past 2 months or so.

who cares just write one yourself.

[U3 and Non-U3 AutoIT payload]

im also working on an incident response package in autoIT