remkow

I guess it's just hard to come up with new ideas, especially when you don't have a lot of experience with it yet. Also, when people have new ideas or features, it doesn't mean that they also want to share it, because it's either too powerful, or some other reason. (TZ: you got my payload and you know it's don't really want to give it out to public either. )

lol that's what I said...

I only have one monitor, so I have no idea how that could be done. However, what do you think of just pasting two backgrounds next to each other in paint, and save them as one picture?

Have you disabled firewalls??

for ff, just use firepassword, or copy the key3.db and signons.txt from your profile folder, and crack them at home. Not sure about the other browsers, because I don't use them.

lol, I forgot I made this topic :P I do have to say that the installation doesn't occur correctly without the services.exe, not sure what the reason is though

afaik it's a gui program, so it would be very hard (i never say impossible ;) ) to implement this in the switchblade, and have it save all passwords automatically and hidden.

It can also be used as a XSS for cookie stealing... The exploit is publically available btw, this is the code used for exploiting the vuln: http://host/filename.pdf#{some text}=javascript:{code} (got this from milw0rm)

The best ones are the ones made by yourself, because the AV vendors won't have any idea on how it works. Maybe try getting a private one somewhere, or use multiple packers on the same file.

So you just want a regular, but undetected keylogger?

You can also give the file another name, like explorer2.exe, and then change that in the registry (not sure where it was anymore), so you wont have to disable the windows file protection. Also, maybe you can add some more info on how to edit the explorer.exe file, for those who never did it before. For the rest, it's really nice, I'm gonna include something like this in my payload :D

Add me on msn and I'll try to help ya out: rwwrulez (AT) gmail (DOT) com

You also have to enable the viewing of system files, not only hidden files.

The name of the technology used is steganography, and there are loads of tools available which do this.. Google is your friend

yea, that's what I said.. It just deletes some files

That doesn't mean it's impossible, even though it's not a real virus or anything

LM hashes become two separate 7 char hashes. The tables available crack any LM hash which has 1-7 chars, so it will crack any LM hash there is.

If there is nothing after it, either there was an error in the program, or there was indeed no info/passes available

Well, trust me, I'm not that kinda guy :P Maybe add me on MSN and have a nice convo, so u can get to know me better..

I'd like to help too, if I can.. really interested

It can of course also be that all seeders/ other leechers have limited their upload limits

It will either stop you from entering more than 14 chars, or it will automatically use ntlm

I started editing one, but it was a bit messy to work with, so the one I have now is made from scratch If you want it, PM/MSN me

I think that if you want the perfect payload, you have to make it yourself. My own payload has every features which is available on hak5, except for the F@H, and I've added a lot of new features myself. It works great for me, but I think you should just think about what you want, and then make it.

That's a really handy technique, might be useful someday..