Matessim
Posts posted by Matessim
-
-
there isn't a "newer one", pocket knife was updated, it's now better than gonzor (btw gonzor should be outdated)
till his site is up, there's nothing new, seeing he's off a long time, I'm guessing it might not ever come back.
-
leapo, not to be a bitchy nancy, but can you please add a feature that emails passwords IMMEDIATELY after the payload finishes and just before it closes the computer? the keylogger is way more complicated, so I'm quite sure you can do it, can you mate? but immediately when the payload stops, to email all the dumps (No Files though)
-
dude, leapo, any chance you upload?
-
backtrack is great for many things: getting website passwords, hacking bluetooth, hacking wireless and many others, but if you're just after simple things that the switchblades do then you're better off with a switchblade.
backtrack is linux and if you don't know linux then it's quite hard and takes some getting used to. I have used it for wireless hacking and it works a treat.
the only thing with backtrack is you either have to install it onto your system as the main operating system, or dual boot, or use a live cd or usb.
you'll get plenty of help here if you'd like to try it: http://forums.remote-exploit.org/
you can run it as a virtual machine too in vmware player (free)
dude, anyone on this site knows what backtrack is, and what does that have to do with the subject... nothing
-
leapo, the latest version isn't working in any way, my U3 drive died, non U3 can't find paths from menu, and can't update, can't run it cuz it can't find go.vbs
-
ehm, here's a tool which finds google chrome passes
http://www.nirsoft.net/utils/chromepass.html
it's not command line based I'm pretty sure, so maybe someone here with some techie savvy skills can reverse engineer it? I'd love to, can't find the time mates.
also, I suggest leaving an empty U3 in there, so when it plugs in, it will look okay, because I always look at my PC load LED, and when it's working when I'm idle, I know something's wrong, I suggest putting the U3 in, could do a little cover up in that matter
-
leapo, when that's done will ye pls upload? :P
-
Yeah, you read my PMs I hope (replied to some), anyway, about the big G hosting, I told you it's not a good idea, contact me and I'll help you find a better place
-
X3N, if you want discretion with the source code, which is what I suggest before you post it, pick some private beta testers. I would love to join in, I can test the source code on a handful of computers, versions, anything. I would love to participate in beta testing your code if you want, just post the code or if you want to keep it private, I guess pm me a link or so?
thanks.
matan
-
ffs dude, your version spits even more version than the original one, a huge mass of parse errors mainly
-
I said it infected myself, but I think I'm mistaken, it seems I might have confused the crcss with the csrss which is a vital computer component, but still, for some reason it DID execute not well, my AV went mad, it started infecting me with weird things, maybe my AV is mad, but something is wrong with it, seriously.
-
still all it does is spit errors, and it's automatically detected by an antivirus from 2003 that wasn't updated once (can't get rid of it, symantec script blocking)
here's the logfile
-----------------------------------------------------------------------------------------------------------------------------
Leapos Payload [Time Started: Sat 09/20/2008 10:06:13.57]
-------------------------------------------------------------------------------------------------
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [system info] +
+----------------------------------+
Windows IP Configuration
Host Name . . . . . . . . . . . . : MatanLaptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945BG Network Connection
Physical Address. . . . . . . . . : 00-18-DE-9E-12-45
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.0.0.2
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.138
DHCP Server . . . . . . . . . . . : 10.0.0.138
DNS Servers . . . . . . . . . . . : 10.0.0.138
Lease Obtained. . . . . . . . . . : Saturday, September 20, 2008 10:05:52 AM
Lease Expires . . . . . . . . . . : Saturday, September 20, 2008 11:05:52 AM
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [External IP] +
+----------------------------------+
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [Dump Wifi Hex] +
+----------------------------------+
'.\wifike.exe' is not recognized as an internal or external command,
operable program or batch file.
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [Dump SAM PWDUMP] +
+----------------------------------+
'.\pwdump' is not recognized as an internal or external command,
operable program or batch file.
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [Dump SAM FGDUMP] +
+----------------------------------+
'.\fgdump.exe' is not recognized as an internal or external command,
operable program or batch file.
-----Hashes-----
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [Dump Network PW] +
+----------------------------------+
'.\netpass.exe' is not recognized as an internal or external command,
operable program or batch file.
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [Dump Mail PW] +
+----------------------------------+
'.\mailpv.exe' is not recognized as an internal or external command,
operable program or batch file.
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [Dump Firefox PW] +
+----------------------------------+
'".\"\FirePassword.exe' is not recognized as an internal or external command,
operable program or batch file.
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [Dump IE PW] +
+----------------------------------+
'.\iepv.exe' is not recognized as an internal or external command,
operable program or batch file.
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [Dump Messenger PW] +
+----------------------------------+
'.\mspass.exe' is not recognized as an internal or external command,
operable program or batch file.
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [Dump Cache] +
+----------------------------------+
'".\"\cachedump.exe' is not recognized as an internal or external command,
operable program or batch file.
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [Dump LSA secrets] +
+----------------------------------+
'.\pspv.exe' is not recognized as an internal or external command,
operable program or batch file.
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [Dump Product Keys] +
+----------------------------------+
'".\"\produkey.exe' is not recognized as an internal or external command,
operable program or batch file.
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [Dump URL History] +
+----------------------------------+
Input Error: Can not find script file "F:\DUH.vbs".
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [Dump Updates-List] +
+----------------------------------+
'".\"\wul.exe' is not recognized as an internal or external command,
operable program or batch file.
-----------------------------------------------------------------------------------------------------------------------------
+----------------------------------+
+ [Network Services] +
+----------------------------------+
Active Connections
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 1224
^C
as you can see, it still does 2059503 errors, mostly parse, and can't find logfile temp thingy.
I ran it through the menu, can't any way else -
leapo, mind uploading the new payload?.
and pls fix the AV kill thing and detectability
edit:
soz for double, forgot i posted.
-
Are you allowing the payload to execute automatically when you insert the thumbdrive, selecting "run payload" from menu.bat, or running start.bat directly from a dos prompt?
When I'm testing I do the first. I found the second had problems. And the third won't work because start.bat is expecting parameters to be passed to it from go.vbs.
first time around, symantec script detector, which is from 2003 and I thought I uninstalled my symantec, still pops up, and it wasn't updated ever. script is way too detectable, then I ran the script from the menu this time, but it does mess any way I do it
-
Snipped
-
gives about a trillion errors right now:/
edit:
i found the issue
well 2
first off, the U3 version doesn't have the csrss.exe in folder at all, also it's hidden, which somehow didn't let it read it anyway.
so what you should do, just pass it from non U3 to your system. then flash it.
also still does some issues for me
edit2:
noticed another thing, before it spits like 1000 lines of errors, I notice it's aimed on E:(being my U3 Partition)//system/somewhere, 2 slashes, 2 frikkin slashes causing all this crap, so how can I fix this?
-
I like steam and valve, they are one of the nicest game developers.
FYI, steam is a platform developed by valve
-
spore is actually officially already the most pirated game, because of the DRM 3 install policy probably, check piratebay.
it got 10x more seeders than any game behind it. (2x place has about :10+ the seeders)
more than sims 2 since it was launched baby.
hah eat that ea shits
-
Hi I'm new here, and I would say that I love your payload. However, the No Disk Error, if you disable all the password dumping and the LSA secrets, then it wouldn't show up, or at least that's what happens to me. I'm trying this on my virtual machine running windows xp home sp2. Hope this helps!
Lmao, it's like saying if you don't hack the site it won't get hacked!
it's disabling everything good :P
-
I don't wanna talk about it
-
Kudos for cleaning the dust on this. this works for firefox 3.01 and 3.1? (I'm using minefield FF beta.)
anyway. gonna try this at home l8r.
I need to buy a new usb, last one got taken by school :/
-
I didn't know where to post exactly, but looks like someone just came in and took a bite off the site, why are so many pages missing (not just pages)?
-
Somehow a few days ago when I left my laptop at the classroom (university) it seems someone fiddled around with it. after looking around and googling it seems I reached here and it seems it was an application called pocket knife,
now I know you guys built it and I know you're not held liable for anything, but if anyone here could please help me... I downloaded it earlier and looked, I found the antidote folder, I think I solved everything BUT the keylogger didn't have an antidote, please how can I remove it?
thank you.
USB Pocket-Knife Development
in USB Hacks
Posted
nice abi,
the problem is, I had trouble once, had to abandon my chip, it would help also if it emailed myself it, right before it shuts down.
Abi that's some really nice work.
I think the slurp should have options on what to slurp... that would be nice.
EDIT: I saw the email options, but that's for the keylogger, right? I can't risk installing a keylogger, I want it to be clean when I leave it, keylogging and malware is nasty business, I don't want to get into that.