teddy

You may have gotten some of the payloads mixed up. http://wiki.hak5.org/wiki//USB_Hacksaw - Hacksaw This hack is based on a modified version of USBDumper. Once installed on a targert machine it will stay resident and wait for a USB flash drive to be inserted. Once a USB flash drive is inserted the hacksaw will download the contents of the drive to a temporary location using the modified USBDumper, then silently run the send.bat file located in the same directory, which will then archive the contents using RAR, eastablish an SSL SMTP connection to smtp.gmail.com using Stunnel and Blat, email the downloaded data to an email address, and remove the documents and archives. Other payloads will simply use pwdump or another variant to dump the password hashes to a text file. Hope this helps.

Gozor, You have done a great job with the payload. I was wondering if there is room for additions to the payload? Do you have time to make these additions your self? If not, could you point someone with little coding experience in the right direction for the modifications? I would love to see the below included. I was thinking of the following. 1. Cryptcat ( hxxp: farm9. org/Cryptcat/ ) or netcat with stunnel. Options to do the following, or enter your own syntax. - Push a backdoor command shell - Set up a netcar relay - shovel shell to attacker 2. AVKiller - May be inappropriate now as many AV software detects this as a Trojan. 3. Option to input VNC password. 4. Option to create a new user.