
sablefoxx


Everything posted by sablefoxx

  1. Old trick, to my knowledge it only works on XP SP1, 2 and 3 Professional; it may work on Home but I have not tested it. You must have administrative rights to do it. It's a far cry from "any Windows Machine," and I also wouldn't call it an exploit. This does NOT work on Vista or Win7, and it also does not work from XP guest accounts; I don't know what Sorrow is smoking. A while ago I helped create a program to do this automatically, takes about 1-2 mins to complete, just run it and get SYSTEM, enjoy! Download SysHack. You can generally use GPedit.msc, or a 3rd party registry editor, to re-enable Task Manager/CMD if it's been disabled. (start>run>type "gpedit.msc")
  2. sablefoxx

    File paths

    set /p store=.\slurpfiles\
  3. Nope, you're doing something wrong. 1) Plug in drive 2) Open "My Computer" 3) Right click drive, and select "Format" 4) Check "Quick Format" 5) Click "Format" This will erase all the data on the drive, including any files APE installed on it.
  4. My guess would be the former, though perhaps he just didn't understand the context...
  5. http://tinyurl.com/laptopsthatdontsuck
  6. Not worth installing; the very, very few viruses out there for Linux are aimed at the server side of things, and are virtually non-existent for the Linux desktop. Programs are automatically updated through the Update Manager, assuming they are in the Ubuntu repositories or you added a repository for that program, System-->Admin-->Update Manager (basically, if you installed it via apt-get or aptitude then it will automatically update). If you want to update it from the command line, then you should type "sudo apt-get update" (note this updates apt-get not the program itself) and then "sudo apt-get install [program name]" (basically re-installing the program).
  7. OMG you guys sign up for the L4D-2 Beta yet!?! It's a nice little scam, it looks real, save for the fake URL/login screen. Hmm, I should find a copy of Access Diver and spam them, lol
  8. Looks a bit fake to me, but all the same still funny as hell... wtf is with the remote?
  9. Ahh, sorry to burst your bubble, but this has already been done (some time ago), see GonZor's Payload. Now as far as finding what the drive letter is of the USB drive, that's very easy, and can be done using batch files (like in GonZor's payload), vbs or in C.

    Rough example in C/C++ ( Note: This can be done in a 5 line batch script, but C looks badass )

    /**********************************************
      Name: SbExec
      Copyright: Fuck That Shit
      Author: SableFoXx
      Description: Runs a payload, regardless of what drive
        letter it is on. The payload directory should be
        the first line of "sbexec.inf" and should be
        placed in the same directory as the sbexec.exe
    ***********************************************/
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>

    #define INF_PATH "sbexec.inf"
    #define PL_PATH "X:\\Windows\\System32\\cmd.exe"
    #define FN_MAX 256 /* longest filename is 255 on ntfs */

    int plexec( char path[] );
    int inf_read( char path[] );

    int main(void)
    {
        char path[FN_MAX] = PL_PATH;
        FILE *pl;

        printf("\nSbExec v1.0\n");
        if ( ( pl = fopen( INF_PATH, "r" ) ) != NULL ) {
            fclose(pl); /* only checking that the .inf exists */
            inf_read(path);
        } else
            plexec(path);
        getchar();
        return 0;
    }

    /* Try each drive letter, Z down to A, in path[0]; run the first file found */
    int plexec( char path[] )
    {
        int cnt;
        FILE *pl;
        char letter = 'Z';

        for( cnt = 0; cnt <= 25; cnt++ ) {
            path[0] = letter;
            printf("\nLooking for %s ... ", path);
            if ( ( pl = fopen( path, "r" ) ) != NULL ) {
                fclose(pl);
                printf("File Exists!\n\n * Executing \"%s\"\n\n", path);
                system(path);
                return 0; /* Executed Payload */
            }
            printf("File Does Not Exist");
            letter = (char)( (int)letter - 1 ); /* Next Letter Down */
        }
        return 1; /* Payload Not Found */
    }

    /* Read the payload path from the first line of the .inf, then look for it */
    int inf_read( char path[] )
    {
        FILE *inf;

        printf("\nReading %s ... ", INF_PATH);
        if ( ( inf = fopen( INF_PATH, "r" ) ) == NULL ) {
            printf("Failed to Open File!\n");
            return 1; /* Failbus */
        }
        if ( fgets( path, FN_MAX, inf ) != NULL )
            path[strcspn( path, "\r\n" )] = '\0'; /* strip the line ending */
        fclose(inf);
        printf("File Points to \"%s\"", path);
        plexec(path);
        return 0;
    }
  10. how dumb do you think we are? this is just insulting
  11. You have to admire Valve's attempts to prevent this sort of attack, the "Never tell your password to anyone" helps lots of people who don't know better. Maybe it should say "Never tell your password to anyone, even if you think we're the ones asking" PS: ahhh, that URL is down :( now I'll never get my account validated.
  12. That's why I posted the source code, all of them (updated versions) can be found in Attack PE (see USB Hacks).
  13. WARNING: This program provides no security! You can download the source and edit at your will. It's small and fast. I used it in the "FTPme Payload" (silent install of the ftp server) in APE. http://www.sentex.net/~mwandel/ftpdmin/
  14. Thought I'd post what I'm planning to add in version 0.9, thoughts/suggestions are welcome!

    - Possible U3 Support
    - All payloads will have a nice GUI and have the option to automatically install from PE/Normal Mode ( via .ini files )
    - More Payloads, using some of DingbleBerries' tools, and some of my own ( like the "Folding@Home Payload" )
    - Netcat backdoor will have the option to be configured to bypass routers
    - "SAMGrab" mode, boot, copy SAM/SYSTEM file, shutdown (all automated)
    - Better Utilman hack support, with GUI ( no longer uses .bat files, uses sbexec.exe instead )
    - Encrypted restore function in case AV takes out some files ( like in Leapo's Payload )
    - Leapo's Payloads can be installed from PE ( keylogger, VNC, etc. )
    - No longer need to patch rainbow tables into ISO ( should resolve some issues with APE not booting )
    - Payloads installed on XP will automatically add themselves to the firewall exception list, and be hidden from the Windows Firewall GUI ( via regger.exe )
    - Possible multi booting with konboot/backtrack
  15. Hmm... I was not aware of this. What version of Windows are you running (Win7 x64/Vista x64)? Does running the APE_USB_MAKE.bat as Administrator affect this (right click menu)?
  16. Desktop XBMC Media Server
  17. ARP Spoof a local machine, redirect its traffic through yourself (or nowhere). Then clone its MAC address. The router will still see /a/ computer but it will look like the other local machine. Another option is to sniff traffic, and wait for the machine to shutdown/leave the network and then clone its MAC address (also works good for defeating MAC Address Filtering).
  18. Sometimes "free" isn't cheap enough.
  19. I'll be there on Thursday, hit me up.
  20. Looks kinda legit... this can't be good. http://seclists.org/fulldisclosure/2009/Jun/0062.html Looks like Slashdot picked it up; http://it.slashdot.org/story/09/06/07/2019...t-T-Mobile-Hard
  21. Sounds like you don't have drivers to see the hdd on the Vista machine. If you can locate the drivers (you'll need the .inf files, etc) ahead of time you can drop them into \files\drivers\ (in the extracted files) and re-run USB_MAKE.bat and it should bundle the drivers in so you can access the drive. This is an ongoing problem (lack of drivers for some SATA drives) I have found, hopefully there will soon be a version of BartPE based on Vista/Win7 which will have all the drivers out-of-the-box.
  22. Yeap, however I also included Leapo's Payload which you can run from normal mode. So v0.8 can run from PE/Normal. Utilman hacks are really buggy, I'm working on some updates that should fix this problem. If you can provide more info I may be able to help you. First make sure that the C:\ is the target drive (the local OS).
  23. sablefoxx

    ReGGeR

    Not a bad idea, I may have to add that. Been thinking about other regkeys I can throw in.