The Attack Pre-Installed Environment


sablefoxx

I went in and checked manually on the copy file, there were some issues copying files (along with writing the ISO :P) and the like. It might have been due to the 64-kernel config on the drive or summat...

The ISO was close to completely empty, which explains the booting problem, but hopefully that'll be resolved--I'm testing it on a new flash drive shortly.

The Leapos Payload works perfectly, it's just the APE that's having a bit of trouble.

Hmm... I was not aware of this. What version of Windows are you running (Win7 x64/Vista x64)?

Does running the APE_USB_MAKE.bat as Administrator affect this (right click menu)?


Thought I'd post what I'm planning to add in version 0.9; thoughts/suggestions are welcome!

- Possible U3 Support

- All payloads will have a nice GUI and have the option to automatically install from PE/Normal Mode ( via .ini files )

- More Payloads, using some of DingbleBerries' tools, and some of my own ( like the "Folding@Home Payload" )

- Netcat backdoor will have the option to be configured to bypass routers

- "SAMGrab" mode, boot, copy SAM/SYSTEM file, shutdown (all automated)

- Better Utilman hack support, with GUI (no longer uses .bat files, uses sbexec.exe instead )

- Encrypted restore function in case AV takes out some files ( Like in Leapo's Payload )

- Leapo's Payloads can be installed from PE ( keylogger, VNC, etc. )

- No longer need to patch rainbow tables into ISO ( should resolve some issues with APE not booting )

- Payloads installed on XP will automatically add themselves to the firewall exception list, and be hidden from the Windows Firewall GUI ( via regger.exe )

- Possible multi booting with konboot/backtrack


Hi Sablefox

welcome back! ;)

It would be nice:

1- to use the APE in 2 ways...if you connect the usbpen and boot...the possibilities to choose between APE and Backtrack3....in a 2 choice simple menu....if you insert the usb pen in a working M$ system...the possibility to use Leapo's work ;)

For me it will be a "Killer pen" :)

Ciao !!!


When I used this on 2 flash drives it always gives me an error? Please help...

They're FAT, or FAT32

I just installed and pressed the drive letter, and it passed that; the error was the ISO was missing? I thought patching the rainbow tables was optional, so I'm confused?


  • 3 weeks later...
Mhhm, I need some help... could it be that APE has got a write-protect feature inside? I can't format the USB anymore because of it :(

Nope, you're doing something wrong.

1) Plug in drive

2) Open "My Computer"

3) Right click drive, and select "Format"

4) Check "Quick Format"

5) Click "Format"

This will erase all the data on the drive, including any files APE installed on it.


Hi. Sorry for being a noob, but is it possible to lie when I lend my friend the USB and when he plugs it in, the installation of the keylogger and stuff in stealth mode? And also when I plug it in I kept getting a virus message when I use another computer to try it out. Please advise.

** em also when i load the USB pocketknife from the menu i got this error:

---------------------------

Windows - No Disk

---------------------------

Exception Processing Message c0000013 Parameters 75b6bf7c 4 75b6bf7c 75b6bf7c

---------------------------

Cancel Try Again Continue

---------------------------

how can i fix it?


You would have to have some mad social engineering skillz, especially when the icon says "click here to begin pwning your computer" or something. Better luck: try a U3 payload. U3 requires no interaction, so just tell him to plug it in.

Hmm, which one do you recommend?? I am now trying to use PocketKnife but I do not know how to install it. Do I just copy and paste it into my U3 USB?

No, it's not a copy/paste. Please read the instructions for U3 Switchblade installations. I would recommend GonZor's Payload (noob friendly); however, this also isn't the thread for that discussion.


  • 3 weeks later...
In my experience sometimes APE just won't boot on some systems, and I'm not sure how to fix that. However, here are a few tricks you can try:

1. Use a different USB drive, sometimes it's the drive itself, not the computer

2. Disable USB Legacy support in the BIOS (not every bios has this)

If anyone else has found some cool tricks please post them.

extract iso or create iso with extracted files

format drive to FAT, FAT16, FAT32 or NTFS, whichever, it matters not

usb can be any size

get a copy of ultra iso

open iso image in ultra iso

write or burn image to disc

works like a charm on any usb....any pe every time

I always use this method when all other methods fail, and this PE gave me some problems on certain USB sticks but not with the Ultra ISO installation.


  • 1 month later...

Yeah, but development is slow going. I'll have some new stuff to post soon, which incorporates some of the USB Multi-Pass, memory dumps, and other things recently on the show.


I know this may be dumb, but I want to learn. Don't you have a guide for dummies or something?? I've spent days reading and reading about these things, but all of these new words and all, I just don't get what I'm supposed to do or where to start???

A more specific question please...


I want to learn how to hack with a USB? Where do I start? And what do I do? I need a tutor? Or a guide which I can understand?

Hacking is not allowed. These tools are here as a kind of educational tool, to learn and show that it's possible, not to be used to hack.


A.P.E.

The Attack Pre-Installed Environment

About:

Basically it is a bootable USB drive that will let you copy SAM files from the local system, install backdoors, crack passwords, edit any file you want, etc. All without the user's password! It's based off BartPE; unlike Backtrack, this is designed more to help you compromise the local system faster and easier. This also has network support so you can FTP, or SSH the SAM file anywhere in the world. Let me know if you have any ideas on what to add, or if you think it sucks. I also wrote almost all the scripts and loaders, so let me know if you find any bugs. Also feel free to post your own payloads, mods, etc., have fun! ^_^

Features:

Password Attacks:

GetSAM - Copies Local SAM file to removable drive

CrackSAM - Cracks Local\Custom SAM file using OphCrack (non-gui)

JohnTheRipper - Use CLI, X:\ape\johntheripper\run\. You may need to manually unload/load the reg hives to use this program (rh_load.exe and rh_unload.exe)

Network Attacks:

Wireshark - Packet Sniffer (BartPE Plugin)

Cain & Abel - ARP Cache Poison, among other things; note that not all functionality of this program can be used in P.E.

Payloads:

Cmdo - Installs a netcat backdoor to port 69 (Reverse Shell), use NConnect to connect to victim (fixed the bsod bug)

HackSaw - Installs the hacksaw payload from P.E.

RickR - Randomly Opens Up (in default browser) a Rick Roll

FTPme - Installs a FTP server, shares entire C:\ on port 21 with no user/pass

KeyB - Any keyboard input is converted to binary

KeyL - Installs Keylogger, log saved to C:\WINDOWS\keyl.txt, looks like "svchost" when running.

KeyR - All keyboard input is randomized, 1/10 Nums shuts computer off

KeySh - Picks random key, and turns computer off when pressed

Utilman Hacks:

Replaces Utilman.exe with different payloads. To run, press WinKey + U or (in Vista/Win7) press the blue circle in the lower left hand corner at the logon screen. The included payloads are:

Root Account Maker - Creates an account on the local system Username: root Password: toor, remember if the 'Welcome Screen' is enabled you may need to reboot the system after running the payload for the new account to show up.

Shell Spawn - Opens a command prompt as NT Authority\System (Vista\Win7 Only)

SwitchBlade Exec - After reboot will execute Leapo's PocketKnife payload, the script goes from drive Z-->B looking for the file \SYSTEM\go.vbs Edit the sbexec.bat if you want it to run a different payload. If the payload isn't found it will ask you to run a custom file.

Note: On Vista and Win7 you must select 'Yes' to set file permissions if asked, or the payloads won't work

Resource Tools:

Notepad++ - Simple text editor

ResHacker - Resource editor

eXeScope - Resource editor

Network Tools:

Angry IP Scanner - Fast and simple IP Scanner

FireFox 1.5 - Web Browser (BartPE Plugin)

Filezilla - FTP Client

Putty - SSH Client

Ultra VNC Viewer - VNC (Remote Desktop) Client

Downloads:

Current Release: Ver 0.8 Beta 5, 3/7/09

Download APE v0.8 - Beta 5

Ophcrack Rainbow Tables (Free):

Download XP Rainbow Tables

Download Vista Rainbow Tables

How to Install:

0. Download, Plug in USB Drive

1. Run Ape_USB.exe - (SFX RAR File)

2. (If doesn't autorun) Run "APE_USB_MAKE.bat"

3. (Optional) Configure Payload, or Patch in Rainbow Tables.

4. Go pull some pranks on your friends ;)

Notes:

Patching Rainbow Tables:

Use your favorite ISO editor to patch the tables into the attackpe.iso, which should be in the root of the thumb drive after running "APE_USB_MAKE.bat" or "Ape_USB.exe". Tables go in \ape\ophcrack_pe\tables\. You have to patch the tables in after building the .iso or the CRC gets fucked up and it won't boot!

Any progress setting this up on multipass? Are there any updates or added scripts? If interested I can set up a website for downloads and tutorials?
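A defender's check for the on-disk artifacts the post above names (a replaced Utilman.exe and the KeyL log at C:\WINDOWS\keyl.txt), run against a Windows volume mounted read-only on an analysis machine. This is an added example, not part of the original post or of APE; the function names, the list of shell binaries and the optional known-good hash parameter are assumptions.

```python
import hashlib
import tempfile
from pathlib import Path

# Artifacts named in the post; paths are relative to the mounted volume root.
KEYLOG = "WINDOWS/keyl.txt"
UTILMAN = "WINDOWS/system32/Utilman.exe"
# Assumption (not from the post): shells commonly swapped in for Utilman.exe.
SHELLS = ("WINDOWS/system32/cmd.exe",
          "WINDOWS/system32/WindowsPowerShell/v1.0/powershell.exe")

def find_ci(root, rel):
    """Resolve rel under root ignoring case, as NTFS does; None if absent."""
    cur = Path(root)
    for part in rel.split("/"):
        hits = [c for c in cur.iterdir() if c.name.lower() == part.lower()] if cur.is_dir() else []
        if not hits:
            return None
        cur = hits[0]
    return cur

def sha256(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def triage(root, known_good_utilman=None):
    """Return findings for one mounted Windows volume (read-only checks)."""
    findings = []
    if find_ci(root, KEYLOG):
        findings.append("keylogger log present: " + KEYLOG)
    util = find_ci(root, UTILMAN)
    if util is None:
        return findings + ["Utilman.exe missing"]
    digest = sha256(util)
    for rel in SHELLS:
        shell = find_ci(root, rel)
        if shell and sha256(shell) == digest:
            findings.append("Utilman.exe is a copy of " + rel)
    if known_good_utilman and digest != known_good_utilman.lower():
        findings.append("Utilman.exe differs from known-good hash")
    return findings

def demo():
    """Run triage on a constructed sample tree (not a real disk image)."""
    with tempfile.TemporaryDirectory() as root:
        sys32 = Path(root, "Windows", "System32")
        sys32.mkdir(parents=True)
        (sys32 / "cmd.exe").write_bytes(b"MZ constructed sample")
        (sys32 / "utilman.exe").write_bytes(b"MZ constructed sample")
        Path(root, "Windows", "keyl.txt").write_text("constructed")
        return triage(root)
```

Pass `triage()` the SHA-256 of Utilman.exe taken from trusted media for the same Windows build to catch replacements that are not plain copies of a shell.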


  • 2 weeks later...

Yes, I had an ugly (somewhat) multipass version working before I left for a two week vacation in Europe. If you want to set up a site, feel free; everything here is completely public domain. If you want, link to my site (very crude at the moment, still setting it up) www.d0tmayhem.com, on which (as well as here) I plan to release updates and other fun stuff.


I was thinking, Konboot, Memory Dumpers, APE, DSL, and more... hehe
