DingleBerries Posted October 22, 2008 Posted October 22, 2008 Follow me step by step as I give you the loooong way of installing iso's to a U3 capable device. Step 1. Download the SanDisk LPInstaller.exe and your favorite U3 payload. Step 2. Download MoWes Portable Web server. The only required package is Apache. Step 3. Edit your host file, "C:\Windows\System32\drivers\etc\", so it looks like this like this: 127.0.0.1 localhost u3.sandisk.com Step 4. Install Mowes Step 5. Go to the MoWeS install folder and in the "/www/" directory create this folder structurer "/download/apps/lpinstaller/isofiles/" Step 6. Rename your PAYLOAD.ISO to cruzer-autorun.iso and place it in the last folder. Step 7. Run LPInstaller.exe Step 8. None of the data on the flash partition will not be touched. Step 9. Eject your flash drive.. 1...2...3...plug it back in. Step 10 Youre done Step 11 ????? Step 12 Profit Here is the proof Quote
Jen Posted October 22, 2008 Posted October 22, 2008 Nice way of doing it. Tricking the app to think that you are the server for the iso Quote
DingleBerries Posted October 22, 2008 Author Posted October 22, 2008 I just made a break threw.. I can host an ISO on any server now and we can all update from a repo.. We need a repository. after i get a good one ill release the app. Quote
DingleBerries Posted October 22, 2008 Author Posted October 22, 2008 Or just any server that can host it.. I can do a free on but... yeah Quote
Jen Posted October 22, 2008 Posted October 22, 2008 i can help host it if you tell me how. I got unlimited web hosting with unlimited bandwidth/space Quote
DingleBerries Posted October 22, 2008 Author Posted October 22, 2008 I will send you an email when i am done.. This is my first attempt a reverse engineering so im going to test it a few times before i screw everyones shit up. EDIT I cant save the exe after ive made changes.. If anyone elese would like to help i can point them in the right direction. lol sorry.. Quote
X3N Posted October 22, 2008 Posted October 22, 2008 will any http server work or does it have to be apache? Quote
SWFu Posted October 22, 2008 Posted October 22, 2008 Nice idea, evilgrade plugin anyone? Oddly my installer is slightly different and uses: /download/apps/lpinstaller/isofiles/PelicanBFG-autorun.iso Quote
SWFu Posted October 22, 2008 Posted October 22, 2008 will any http server work or does it have to be apache? Any webserver will be fine. Quote
X3N Posted October 22, 2008 Posted October 22, 2008 yeah i just tried it with hfs and microapache.... i think if i can get this to work right ill write a autoIT script to do all the dirty work and cleanup after. Quote
X3N Posted October 22, 2008 Posted October 22, 2008 Nice idea, evilgrade plugin anyone? Oddly my installer is slightly different and uses: /download/apps/lpinstaller/isofiles/PelicanBFG-autorun.iso Is there a way to modify the exe with a hex editor to allow customizing the download link? so that its not necessary to trick it into thinking its going to u3.sandisk.com? Quote
SWFu Posted October 22, 2008 Posted October 22, 2008 I will send you an email when i am done.. This is my first attempt a reverse engineering so im going to test it a few times before i screw everyones shit up. EDIT I cant save the exe after ive made changes.. If anyone elese would like to help i can point them in the right direction. lol sorry.. How far did you get with this? Was the new domain (did it use a domain or IP) the same length as the old? e.g. re.usbhack.net. Is there a way to modify the exe with a hex editor to allow customizing the download link? so that its not necessary to trick it into thinking its going to u3.sandisk.com? I gather thats what DingleBerries has been up to. I've been thinking how bad evilgrade could be on large networks with lots of people using standard U3s. Quote
X3N Posted October 22, 2008 Posted October 22, 2008 UPDATE: wish i knew about this method before....anyways... it pulls the volume name of the U3 drive and appends it to the url so if you changed the name of it then it will break the lpinstaller program for contacting the internet... GET /download/apps/lpinstaller/isofiles/X3n-autorun.iso HTTP/1.1 User-Agent: SanDisk HTTP Manager Host: u3.sandisk.com Connection: Keep-Alive UPDATE2 : successfully ran with both HFS and MicroApache... This method is way way way faster than the universal-customizer and doesnt touch the regular partition at all! Woot! Good work dingleberrys! Quote
Jen Posted October 22, 2008 Posted October 22, 2008 well, now all we need is to host this up on a webserver so anyone can update it while we let leapo post the new files onto that webserver. Quote
DingleBerries Posted October 22, 2008 Author Posted October 22, 2008 I have found the URL in both HEX and IDA Pro.. However Im still not sure how to use IDA Pro to edit these things. Quote
X3N Posted October 22, 2008 Posted October 22, 2008 well weather or not that is possible i dont know cause i suck at hex editing but i am writing an autoIT script that does it the manual way and then undoes the changes... should have something a little later today. Quote
DingleBerries Posted October 22, 2008 Author Posted October 22, 2008 Ive managed to change on of the URLS in the code, BUT its not want I thought it would be.. In hex I can edit it and it looks right, but when i decompile it its fucking boogers. Ill keep playing around though Quote
SWFu Posted October 22, 2008 Posted October 22, 2008 I've managed to change it to re.usbhack.net, I've no domain names the right length to test though, anyone? Quote
DingleBerries Posted October 22, 2008 Author Posted October 22, 2008 you can change the U3 to www and it will ping.. its when i change the sandisk site i run into issues EDIT OK i got it.. We just need a server now.. Its still alpha though Quote
X3N Posted October 22, 2008 Posted October 22, 2008 it would be fine to change the domain to just localhost is that possible? Quote
DingleBerries Posted October 22, 2008 Author Posted October 22, 2008 Yep. Some where the url is defined like this XXX.XXXXXXXXXX.XXX So you cant do local host because there has to be a "." before the domain, if that makes any sense. If any one has a host I can use for a min please skype me woodall.christopher Quote
X3N Posted October 22, 2008 Posted October 22, 2008 i just tested a simple http server called shttp which didnt work. Quote
X3N Posted October 22, 2008 Posted October 22, 2008 I wrote a autoIT script that runs everything great... it does all the steps and then undoes it afterwords... i can post the source code tommorow... im using micro apache as a web server... works great so far and will be mostly silent when finsihed... Quote
DingleBerries Posted October 22, 2008 Author Posted October 22, 2008 I wrote a autoIT script that runs everything great... it does all the steps and then undoes it afterwords... i can post the source code tommorow... im using micro apache as a web server... works great so far and will be mostly silent when finsihed... Thats great. When and if anyone volunteers a server I can release a P.O.C and move on to the final installer. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.