USB Lojak


haxwithaxe

Hey all,

I just finished the initial test of my ftp based usb lojak (cause the c is superfluous and the name is trademarked) system. Haven't checked my ftp server yet but we'll see when I get home.

I did the alpha in batch and used a compiled autoit script for the last test.

It uses wget (if anyone can think of a windows built-in get app I'd like to know about it) to grab the automated whatismyip.com page and windows built-in ftp to send it to my ftp server at home.

If anyone can point out a webmail service that doesn't require ssl/tls to use the smtp please tell me because I couldn't find any, and part of the whole point of this app is that when joe shmoe user (not His/Her Holiness sysadmin) plugs in the drive it will still tell me where it is. So stunnel isn't going to cut it.

The autoit script is based off of the Daily Cup of Tech Script with some slight modifications.

#NoTrayIcon

Dim $Message1
Dim $Message2
Dim $Message3
Dim $Message4
Dim $Message5
Dim $Message6
Dim $Title

$Title = "Help! I'm Lost!"
$Message1 = "I've been lost and my owner would love to get my data back."
$Message2 = "Please return me to:" 
$Message3 = "hax , 1337 Haxor WarDrive, Tahkalb, MD 01337"
$Message4 = "or email me at haxor@haxor.com to arrange a pick-up."
$Message5 = "You will receive a shiny new USB drive just as big as this one for your trouble."
$Message6 = "Thanks for your honesty in advance. - hax"

;266304 = 262144 (always on top) + 4096 (system modal) + 64 (information icon)
MsgBox(266304,$Title,$Message1 & @CRLF & $Message2 & @CRLF & $Message3 & @CRLF & $Message4 & @CRLF & $Message5 & @CRLF & $Message6 )
Run ( "explorer ..\..\..\..\..\..\..\..\..\" ) ;no drive change so it will display the toplevel dir on drive it is run from
#NoTrayIcon
DriveGetDrive ( "cdrom" )
;get ipaddr and send it by ftp if safe.dat does not exist on C:\
If FileExists ("C:\safe.dat") Then Exit
Opt("ExpandEnvStrings", 1) ;expand %temp% inside strings; AutoIt does not do this by default
RunWait ( "wget -P %temp%\ http://whatismyip.com/automation/n09230945.asp" ) ;wait for the download to finish before the upload starts
Run ( "ftp -n -s:ip.dat example.com" )

ip.dat is as follows

echo user ftpuser ftppasswd
echo bin
echo put %temp%\n09230945.asp
echo quit

Also I'm a giant noob when it comes to autoit scripting so please feel free to flame my scripting.

woops left the wrong address in there

Link to comment
Share on other sites

Why not set up a web server on your home computer (not public) and just put in your code:

ping <your IP>

Then watch for ICMP in the server logs.

Some ISPs have their networks set up so that the ping would appear to come from an ISP server and not the target box. Also if they're using a ftp proxy when the drive is plugged-in I don't want to get the ftp proxy's ip. And if they're using a web proxy their ip will show up in my logs. If for some reason they're using both then I'm up a creek.

This isn't meant to be a tool for hacking just something to help me get my thumb-drive back if it's lost or stolen.

Also the above site was my personal site so don't use it please. I've changed it to protect the inconsiderate from themselves.

Link to comment
Share on other sites
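The proxy concern in the post above can be checked on the receiving server by comparing the address the web service reported (the uploaded file's content) with the address the FTP connection came from. This is an added example, not code from the thread; it assumes the FTP server writes wu-ftpd/vsftpd style xferlog records with numeric peer addresses and that the uploaded page body is just the IP address. The log line and file body are constructed samples.

```python
import ipaddress
from typing import NamedTuple, Optional

# Constructed sample data using documentation address ranges; not from the thread.
XFERLOG_LINE = ("Thu Dec 13 18:02:11 2007 1 203.0.113.7 14 "
                "/home/ftpuser/n09230945.asp b _ i r ftpuser ftp 0 * c")
UPLOADED_BODY = b"198.51.100.23\r\n"

class Upload(NamedTuple):
    peer: str        # address the FTP server saw the connection come from
    path: str
    user: str
    complete: bool

def parse_xferlog(line: str) -> Optional[Upload]:
    """Parse one xferlog record; return None unless it is an upload."""
    f = line.split()
    if len(f) < 18:                    # 5 timestamp tokens + 13 fields
        return None
    tail = f[-9:]                      # nine fixed fields after the filename
    if tail[2] != "i":                 # direction: i = incoming (upload)
        return None
    return Upload(peer=f[6], path=" ".join(f[8:-9]),
                  user=tail[4], complete=(tail[8] == "c"))

def parse_reported_ip(body: bytes) -> Optional[str]:
    """The uploaded file is untrusted input: accept it only as one IP address."""
    try:
        return str(ipaddress.ip_address(body.decode("ascii").strip()))
    except ValueError:                 # also covers non-ASCII bodies
        return None

def correlate(line: str, body: bytes) -> dict:
    """Compare the address reported over HTTP with the FTP connection's source."""
    up = parse_xferlog(line)
    if up is None or not up.complete:
        return {"verdict": "no-complete-upload"}
    reported = parse_reported_ip(body)
    if reported is None:
        verdict = "report-invalid"     # only the FTP peer address is usable
    elif reported == up.peer:
        verdict = "consistent"         # both paths left via the same address
    else:
        verdict = "mismatch"           # a proxy or NAT sits on one of the paths
    return {"verdict": verdict, "ftp_peer": up.peer, "http_reported": reported}
```

A "mismatch" result means both addresses should be kept, since either one may belong to a proxy rather than the machine the drive was plugged into.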

another way to do this is to use a service like dyndns... which is basically a little program that logs into the dyndns server to bind a name to a dynamic ip address... this could easily be scripted to autorun on a usb drive... the only problem is that if someone has autorun turned off then it totally defeats the purpose because you can't force autorun to run if it's disabled.

Link to comment
Share on other sites

the only problem is that if someone has autorun turned off then it totally defeats the purpose because you can't force autorun to run if it's disabled.

True. I plan to do a redundant execution. Both autorun from U3 and from all the menu options in the autoplay menu of the fat16 part of the drive. In fact the script above has only been tested with auto play so far. (finals week and I needed an excuse for myself to mess around instead of studying.) Now if they have autorun usbdevices turned off completely I have to rely on the DCoT part of the script to work its social engineering magic and have the person return the drive to me.

Link to comment
Share on other sites
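Whether AutoRun is "turned off" on a Windows machine is controlled by the NoDriveTypeAutoRun policy value, a bitmask per drive type. As an added example (not code from the thread), the sketch below parses `reg query` output for that value and reports whether the two launch paths named above are blocked: the U3 partition, which presents itself as a CD-ROM, and the FAT partition, which is a removable drive. The sample output is constructed; function names are this example's own.

```python
import re

CDROM, REMOVABLE = 0x20, 0x04   # NoDriveTypeAutoRun bits; a set bit disables AutoRun

# Constructed `reg query` output for the two policy locations; not from the thread.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
    NoDriveTypeAutoRun    REG_DWORD    0x91

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
    NoDriveTypeAutoRun    REG_DWORD    0xff
"""

def parse_policy(reg_output):
    """Return {hive: value} for every NoDriveTypeAutoRun entry in the output."""
    found, hive = {}, None
    for line in reg_output.splitlines():
        key = re.match(r"(HKEY_[A-Z_]+)\\", line.strip())
        if key:
            hive = key.group(1)
            continue
        val = re.match(r"\s+NoDriveTypeAutoRun\s+REG_DWORD\s+(0x[0-9a-fA-F]+)", line)
        if val and hive:
            found[hive] = int(val.group(1), 16)
    return found

def effective_value(found):
    """The HKLM entry takes precedence over HKCU; None means no policy is set."""
    for hive in ("HKEY_LOCAL_MACHINE", "HKEY_CURRENT_USER"):
        if hive in found:
            return found[hive]
    return None

def launch_paths_blocked(value):
    """Report which of the two launch paths the policy value disables."""
    return {"u3_cdrom": bool(value & CDROM),
            "fat_removable": bool(value & REMOVABLE)}

def assess(reg_output):
    """Parse, pick the effective value, and decode it for the two paths."""
    value = effective_value(parse_policy(reg_output))
    if value is None:
        return {"value": None, "u3_cdrom": False, "fat_removable": False}
    return {"value": value, **launch_paths_blocked(value)}
```

In the constructed sample the machine-wide value 0x91 is the effective one and leaves both bits clear, so the stricter per-user 0xff does not apply; setting the machine-wide value to 0xFF disables AutoRun for every drive type.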

Hey all,

I've decided to implement all your suggestions thus far.

ddns updater

ping

?mail? -- I need to play with that one a while.

?ftp? if mailing doesn't workout

also I've been looking at windows built-in utilities (hence ftp instead of blat).

perhaps getmac, ipconfig will be in there next as well to give some more device specific evidence to the authorities in case of theft.

Again this isn't aimed at uber-hackers so I'm working under the assumption that at least one of the methods will work properly. So if the shmuk at school steals your drive you can turn over the logs to the police and the campus IT department can give them what they need.

Link to comment
Share on other sites

I have some autoIT code that will email to gmail using ssl without having to use blat or stunnel...

I actually have a full payload that dumps all the info over ssl to gmail via autoIT, it's posted in the usbhacks section.

Link to comment
Share on other sites
