X3N

its easy as pie... just install and format and then share it.

in order to have an encrypted hard drive you need a passkey or pass phrase that unlocks the entire partition and by definition you pretty much have to be an admin. If you just wanted to lock your computer all you have to do is hit windows key + L which locks it. Now it would also be possible to write some vbs code that watches WMI for a certain usbdrive instertion which could lock if removed... but really why would you spend the time to program that when you can just hit Win + L to lock your computer... I understand the concept your thinking of though here which i think is like biometric style watching only with a usb drive... which is a little more complicated... considering you'd have to write your own program locking mechanism for your computer that totally bypasses windows login features... unless theres a way to intgrate with them... but i doubt it.

yeah thers a script called py2exe that does it .... i havnt successfully done it yet because i havnt gotten that far with the development... but that shouldnt be too far off

its all about executor or launchy and maybe a screendock...

you could do something like that with truecrypt

the python script can be compiled into an exe after its developed also the autoIT is compilable into an exe. also depending on how you wrote the code the log could be stored as a variable or hidden temp file to be sent out after it completes in order to avoid needing to cleanup afterwords...

yeah no icons here either

i have some autoIT code that will send mail which is even compatible with gmail. i have some python code i been working on to send log files via google talk too... and i been workin on tryin to make a custom reverse shell in python using xml-rpc

pf is best

there are ways.

also im looking into rootkits for ideas... theres alot of source code on that site i think we could roll our own rootkit for this payload.

http://code.google.com/p/creddump/ here is some cool code i found although it isnt really working for me right now... i think its referencing some module i dont have

i been tweaking some of the autoIT code for the remote switchblade..using psexec.exe i was successfully running it on a remote computer you still need domain admin rights and thers the issue of what user account the programs are run under... so im looking at other methods of information retrieval. But the payload executes fine and logs to the remote computer fine. The payload i was running just outputs the results to stdout so basically. Theres an exe payload.exe then theres a bat file i created to run the payload with psexec.exe \\remotecomputer -u admin -p password payload.exe Then open a command prompt and type payload.bat > output.log This can and will all be scripted correctly later but for testing purposes it works fine. but it would be easy enough to tailor this to setup a reverse backdoor and etc... my only complaint is that we are still tied down to these nirsoft programs which are not open source. In the long run i'd like to get some of this password dumping code released as open source and rewritten in different languages. Also the limitation of the nirsoft programs is that they only dump information of the currently logged on user.

if its your computer then reinstall windows or install linux with an encrypted harddrive. Or just run a linux live cd. if its not your computer dont mess with it.

find and delete all exe's and dll's associated with the program.

part of my idea of writing the payload in python would be cross platform compatible... what i been thinking of doing too is writing a bunch of scripts in python that would be included on a minimal distribution of Linux to do administrative tasks on a windows machine all this could be included on a boot cd or boot usb drive... so the payload could be run on a machine on reboot... it would be far more complicated then the current switchblade... and would probably have a name like machete... so in the end the payload could be run from windows on insertion or if you booted from the stick it would load linux text only and grab all the same info from windows... so if anyone likes this idea let me know... also is there anyone that knows enough python to assist?

a long time

yes

create your own trojan...or a reverse bindshell... use metasploit

actually those distro's are just as good as ubuntu just easier for the windows convert. building linux from scratch or a minimal install like debian is a great learning process.

if you have physical access to the computer then just usbhack him. odds are good your not going to be successful with hydra your better off using some exploit. or just pack your trojan into some file he will open. then email it to him or trick him into opening it by binding it to another exe...

you cant really make netcat undetectable... but its easy enought to write a netcat clone in autoIT or python...

i been thinking of trying to write it in python... and also maybe reworking the tools of thepayload to be just scritps then the entire thing can be made an exe

i was just using a reverse netcat shell if you were planning on writing the keylogger in autoIT you might want to rethink it... it eats up to much cpu

netcat is the bomb... still you should research reverse bind shells