GonZor

I figure its about time I introduce myself :-P (aka post count +1) Name: Steve (aka GonZor or ED) Nationality: Australian Location: Australia Favourite game: Wolf ET (old but good and free) Favourite OS: Xubuntu Favourite console: PS2 Sex: Male Height: 6' Favourite band: Tool Favourite book: Hithhiker's Guide to the Galaxy Favourite author: Douglas Adams Favourite movie: Dogma, Hithhiker's Guide to the Galaxy Favourite TV Show: Anything Funny Car: Who needs one, BIKES FTW Bike: Yamaha XT250

Pretty much the same concept, I'll go into detail of how i was going to work this If you give me a few days until I have released V2.0 of my payload I can script this for you, else take a crack at it urself. - copy the original encrypted volume - mount the second encrypted volume to the next free drive letter - detect where it was mounted - execute the payload from the mounted drive - stash logs on the flash drive not in the encrypted volume - dismount the encrypted volume - delete the second encrypted volume and then possibly move the logs to another encrypted volume if i decide to be paranoid :-P I am going to modify my payload to work like this after i release V2.0. Ill let you know when I have started working on this.

Truecrypt can work from the command line. I would go about this in a similar fashion to what you have stated. I would put the entire payload onto the encrypted drive and give it an autorun.inf that would run the payload. It would be harder to make the U3 version of this, but something in the wiki talked about using Truecrypt with the switchblade. Yes its actually very simple to do, although the problem is true crypt doesn't always work. then again i guess if you don't have permissions to use true crypt the logs generated wouldn't be much use. Once again It would be a valid idea to copy the volume and never extract from the original volume, AV's can decimate a volume if you can access it.

Yes my code is much cleaner and readable because i have written my code from scratch and not just ripped the code from the wiki (sorry had to say it). Basically my payload will include all of your functions as well eventually but be much easier to customize. I am working on a possible solution to this problem. I'll get back to you on this. You posted while I was writing, yes this may be possible but it may also delete the Archive while it is being accessed. to solve that you may need to copy the encrypted volume before extracting. that way you never extract from the original volume and it will stay intact. You could try this with true crypt (good encryption, easy to use via command line) but you may not always have access to extract.

Ok make sure you are using a simple password, my problem was a result of a complex password. My suggestion would be use one of your spare invites to create a new account. This may solve your problem.

Yes it is possible, the .u3p is just a zip file but once installed the apps are just executables stored in their own directory. Is there something specific you are tying to achieve? the U3 launcher already does what you asked if the package is created correctly.

I'm having a similar problem although I have narrowed the problem down to after the rar files are created successfully i have a feeling my password is messing this up it contains a lot of symbols i will let you know how it goes.

No problem, It is possible for my payload to run on any drive actually :-P I my completely bias opinion I'd say the best thing about my payload is the fact it is customizable from a gui, no more editing code but considering both our payloads are still in development we will have to wait to see who's will be better, or we could put them together to create "the ULTIMATE one"? maybe. Anyway if you need help let me know.

Hey I haven't downloaded your payload yet to test but I noticed this line in your code for the scan copy Documentslogfiles%computername%Port_Scan.log+Documentslogfiles%computername%%computername%_ports.log >>nul the syntax for copy is COPY <file1>+<file2> <dest> you'll notice you don't have a destination you just move the data to NUL put your destination in and it should work fine. If it isn't finding "PortQry.exe" call th file like so ".PortQry.exe" this will look for the file in where the batch file is located. By the way I think Ill have to challenge you for the the title of this payload being "the one", sorry.

Sorry I haven't replied in a while I've been fairly busy. unfortunately that would not convert it to an exe, it would create a self extracting archive with a bat inside, and would not solve your problem. I am working on rewriting everything into an exe. Thanks for the suggestion, I will swap pwdump for fgdump in the next release I'm going to assume you meant HakSaw? Yes I am currently working on V2.0 that will include a lot more, mostly functions that will infect the computer like HakSaw and VNC. I have also added a function to dump the external IP to the log if it is connected to the internet. I am currently having trouble with the HakSaw I have never used it before, I have the installation to work properly but It will not send the files. I have also tested with the original payload and cannot get it to send. Please email any ideas to gonzor228@gmail.com.

Interesting but nothing new, I'm working towards a similar effect with my payload. At the moment I have released V1.2 which includes anything that wont infect the computer, V2.0 I am working on which includes HakSaw and VNC I will also be adding several other options like these.

Would people like an exe in place of go.cmd? Let me know your thoughts

open up a cmd go to the folder and type 'attrib', this will list the files and show what the attributes are for each file. you can also remove the hidden/system attributes with 'attrib -s -h *.*'

Tell them it's for religious purposes and they'd probably let you have it for fear of being sued, even if it's a lie. Nope turns out i cant get away with a turban :-(

dude does this even make sense to anyone? No but what did you expect after reading his previous posts? I just cant understand why after being asked several times he couldn't explain what his problem with windows and windows libraries are although I'm sure even if he did post it no one would be able to understand.

Ive finally put my payload onto the wiki at the moment I have not included the Hacksaw but I will be doing this soon when I have time. the Development thread for my payload is here (yes setzer1411 did spell my name wrong) I have also made a small site for my payload this is where the most recent up to date information will always be, I will try to cover all questions in the forums on the FAQ here as well http://www.users.on.net/~simmo_89/switchblade/Index.html

oops you mean like i just did? but some people are too stupid to send an email so i guess they may not see it... Hey you never know if your boss is hot, it might turn out well for you jonny88

reporting in sir! Good little minion, now run around in circles screaming leprechaun, leprechaun, leprechaun!

Thanks for the linkage setzer, If any one has any problems, questions, comments, ideas, or anything to do with the payload email me at gonzor228@gmail.com and I will get back to you asap If the rapid share links are broken either email me or setzer and one of us will fix them

Just found out my version of hackblade.rar is corrupted :-(

This is classified as a 'hack'? wow... just wow err... Anybody with half a brain?

Give me 10 minutes and ill upload it to your rapid share account :-P

Yes but how long do you think they will be so stupid? Or you could always copy and paste it into notepad. I guess all thats left to say is wacky waving inflatable arm flailing tube man!

It all depends on the intelligence of the System Admin,If they are smart the passwords wont be cached but many System Admins are stupid and leave the passwords cached

Ok, Whats a Linux distro that starts with "U" and ends in "U"? Utriqu ... yea I know that's not a real distro... but give it a few weeks I'm still waiting.... Oh Utriqu where are you?