Jump to content

DMilton

Active Members
  • Posts

    132
  • Joined

  • Last visited

Everything posted by DMilton

  1. Maybe "yougothacked"...? Refer to This topic
  2. Good luck with your exam... I remember it... So many years ago...
  3. In fact, I'm waiting for version 9 for something else developing, but without Leapo... we can continue developing this stuff. The first we have to do is reading the forum, there are very interesting things we can add to the payload as the MySQL+PHP way of sending the logs (not only this). Moreover, some of us can contribute with new ideas but a working group is needed and a base in what to develop is needed too. Where's Leapo? If he wants to continue his work as he told a pair of weeks ago, I'll be glad of contributing in the few I could, if he doesn't... will wait!
  4. Don't worry man, I don't feel attacked at all. Only one observation... Figure you have to plan your attack in 3 seconds. One situation, one solution! I don't want to annoy alexthedrifter at all, in fact his work desserves applause, but if this is your situation (probably if I answered it is because is mine), you have to act as soon as possible, as fast as possible, and problably you haven't time to install .NET at all (if it is possible). :( Anyway, good work!
  5. Sorry, I posted you to the incorrect link... For any language system, you can do this posted Here!
  6. It's so easy as trying it... If you are looking for an answer as this, I think the best is trying by yourself... isn't it? ;)
  7. This can be easyly implemented into everyone's payload but if the idea is doing it into the Leapo's Pocket Knife it will be very easy, of course. Maybe Leapo will do it or if he wants, I'll write (with Tcstool permission ;)) the code to run from Leapo's Pocket Knife for his next release! The only you have to do is to add the apps to the SYSTEM folder and modify the >> %1\output\... to the Leapo's output log file. But in this stuff I think that there is some things as MD5SUM or exporting the entire Registry in Leapo's will not be very useful (not as in other payloads oriented to security audits) Leapo: What about it?
  8. A fast work implementing the idea from HarshReality and a good work it all. Now we can add this to our payloads (yeepeyaaaaa!!!!) So... look, you're pinned!
  9. Great work! I will update my own payload by now... And... Will you add this stuff to the wiki?
  10. DMilton

    USBhacksaw Help

    The only you have to do is to allow system seeing the hidden files (Go to "My PC", "Folder Options", here you have to allow seeing hidden files and folders... Truely no one wants to be his gmail account password to be exposed but as ravc told us... He's new to this and your SOL solution (MySQL+PHP) way is much better but not implemented in any payload yet as Leapo's or GonZor's (by example) not as your's or mine or people whith some basic level in this matherials...
  11. What a dirty job is this? I think no one is so...fool? to do it, e-baying or selling them in a marketplace... But the idea is planning over my own fried mind! As you do, I hope "this" warns readers out there of doing nonsenses as this...
  12. Good job Tcstool! I think it would be great to add this at the wiki... You're not responsible if the final user is using it in a white hat way or not, but I found it useful. As HarshReality said a list of installed printers and properties from them will be very useful too.
  13. The solution is modifying the GO.VBS. In this thread is the solution by mencargo... In my case, I don't think i'll use this way of slurping but if it can be useful for more people, I could try to script it it... Anybody? In any case, probably the consumption of time would do the slurping action not to be very efficient. Probably it will be better to slurp all the .txt, .doc, .rtf files...
  14. DMilton

    remove gonzor

    You don't have to remove gonzor. The only you have to do is installing new version in the same way you installed previous one. It will replace the version with the new one.
  15. Good work. I will donwnoad AutoIT to compile the modules and see how it works... Thanks!
  16. Try this. It was implemented into Leapo's Pocket Knife and it works. ;)
  17. No, I'm sorry... I don't know how do do for not using .NET Framework. Slurp3 method (I named it slurp3 because slurp1 and slurp2 already exists) is a way of slurping only desired files from My Documents, Desktop, Shared Documents and Shared Desktop (similar as Slurp2 but more oriented attack), it can substitute it too. It's not implemented yet but i'll think Leapo's will do. It uses a plain text file (wanted.txt from \SYSTEM dir), editable for slurping files by extension (*.jpg, *.doc, etc). It can slurp all files too (by edditing the wanted.txt and adding the *.* for it). You can find more information into the Pocketnife Payload thread here
  18. Have you think about adding this to the wiki and may be a brief "How to"? I found this thread a few days ago and found it really useful (voted PHP+HTTP+SQL). I know it's the same it does some backdoors too, but the benefits in this stuff are really great. What would happen if the connection is not active or if it's interrupted when a log (or slurped files) are being uploading? Note: I don't know if I have posted in the correct place... Maybe I would have done it in the other thread...
  19. First of all, if we wanted to develop an independent payload, we surely would do. I have my own payload, of course, as many of us have. But the final purpose of posting in this Pocket Knife Thread is precisely allowing Leapo in developing his payload. This stuff doesn't belong to Leapo, but the entire community. But if Leapo did the effort to compile in a batch a compendium of other scripts, and tryed to improve them is because, probabily he had an altruistic thought. The reason of posting is, precisely, helping in developing his first (and now very evolved) code. Without the collaboration of many people (I would not nominate anyone for not forgetting anyone), he probabily would have left this proyect. But don't forget that if you, me (or someone else) post a code trying to update the code is, surelly, because we want to collaborate and, of course, making readers understand the code and share knowledge. But the last one that has to update his code is Leapo. By the way, we only can try to help. In fact me too, but as you see, if someone wants to make a independent payload, he does it in a independent thread... If you refer to someone that are developing a GUI, surely, if Leapo sees that, will contact him/them (and vice-versa) to work hand in hand. If the author of a GUI, show us (by publishing the code) how he did it, surely, it'll be usefull, because it's one more less thing to do (or one more thing to improve! ) Those who doesn't want to be "one more" but "The One", haven't no place in this forum... Finally, I don't know if he is planning on updating the payload, probably yes (he told it a few days ago), but also probably he has other things to do (as many of us). In second place, there's many things to do, many improvements to implement and many others to investigate. Then, let Leapo decide if he wants to do it, and let others to decide if we want to use his code (as me), helping him in it's developing and others in understanding of how it works. I remember GonZor did the same far, far time ago (sigh!), and the response to him was the same as for Leapo, in fact I remember many people helping in Gonzor's stuff (will not say names). As far as I know, Leapo always appreciated contributions, then be sure, when he can read the post, recompile, compile and rebuild his code, he'll do it. Otherwise, I'm sure he'll pass the baton... Meanwhile, I will be waiting for his answers and learning more things (There's some very good threads here and in other communities), and the developing of this kind of stuf will surely be alive, with of without Leapo (better with). Every body knows that Leapo begun this Thread and did the first re-compilation, re-compilated from other re-compilations, searching for code from other anonymous people (and not anonymous ones), and those from others... till the beginnings of the times... :P There's no new in doing so, but is a work in doing it. Can you contribute? Perfect, do it... We still be waiting for next release, with or without GUI... (Better with)
  20. I'll be testing it in this week... First question, why we must use .NET Framework? Sorry if this question is so simply but I think, if we want to run it in a computer without .NET Framework, we must install it. What it happens if we have only a pair of seconds to configure the payload? I don't want to compromise you but you surely will understand what I'm trying to say... I'll be waiting for the sourcecode as DingleBerries too. Haven't you implemented the Slurp3 code? Have you worked in a clean installation of the Pocket Knife or a updated one? By the way, only one more thing to say GREAT WORK!
  21. See what DingleBerries are doing... http://hak5.org/forums/index.php?showuser=9434 I think is the perfect solution, isn't it
  22. Some of the readers, have decided to create a GUI for Windows, non MS-DOS GUI (Elmer, alexthedrifter and mencargo). Some others we are interested in it, helping with what we can. In fact, alexthedrifter has released an ALPHA-BETA :P version GUI (Look for new posts). Some new implementations for the Payload (Slurp3 proof of concept). Some issues with the Payload Verye had with the auto-run and how Windows manage file extensions where solved. That's all
  23. DMilton

    Find Password

    Probably, you must do it, formatting again the pen drive...
  24. I have seen it, it's a GUI. My concept of what you must see when you open the GUI is seeing a list of checked/unchecked boxes to activate or not a stuff. If you use only buttons, you cannot know the state of each sub-payload. But by the momment, till he implements more things, it looks alexthedrifter is doing a good work. ;) Yes, yes, yes, yes, I know, it's a BETA...
  25. With the GO.vbs file, don't worry, it's a known error probably caused by a non well assigned variable in the vbs file (fixed a few posts before), problems are not persecuting you... [user]mencargo[/user] posted a solution for it here. Probably it will be fixed by Leapo on next release.
×
×
  • Create New...