The Attack Pre-Installed Environment


Hi all, 1st post of what I hope will be many.. :) :blink:

I have installed this on my USB, and have had the problem of my system not booting from the USB.

SO... I did a little searching and found a boot manager called PloP


which allows you to boot USB keys. I tried it and as far as I can see it works.

As I have pointed out in the link, #7 shows an alternative which allows you to use it without install, and several sites suggest something along the lines that you can put the ".bin" of the download on the USB and just make a small menu.lst modification, from what I can see..

as seen here:

-> http://www.linuxquestions.org/questions/li...27/#post3671669

-> http://www.ultimatebootcd.com/forums/viewtopic.php?t=1964

-> http://forums.partedmagic.com/viewtopic.ph...p;start=0#p1562

So what I was thinking is that that change can be made through a quick automatic/manual change on the computer, and then anyone can boot into APE via USB and PLoP...

If I have misread somewhere forgive me :rolleyes:, but as far as I can see, this should work, and will help a lot of people... :lol:

UPDATE: OK, from what I can see, that menu.lst is Linux specific. Still looking to see if anything is necessary for Windows..


PS. I seem to be having a problem retrieving the SAM files. I have tried searching Google and the forums, but it seems to be unique, or noobish :P

I choose 1, as the file is on the C: drive, and I have found the file manually with Explorer so I know it's there, but when I choose option 1 in getsam, I get:


----SAM FILE NOT FOUND AT C:\WINDOWS\System32\config\----

SAM File Not Found Manually Enter Path? (y/n)


So I enter the path manually and it still can't find the file. So... ya..

The thing is that if I run the USB Pocket Knife from menu.bat, with dumps using PWSAM & FGSAM, they both return results. At least I think they do...

wtf, has this thing just died or something?

Reading the whole thread you find:

Is this project still active?

Yeah, but development is slow going. I'll have some new stuff to post soon, which incorporates some of the USB Multi-Pass, memory dumps, and other things recently on the show.



Yes, I have an ugly (somewhat) multipass version working, before I left for a two week vacation in Europe. If you want to set up a site, feel free; everything here is completely public domain. If you want, link to my site (very crude at the moment, still setting it up) www.d0tmayhem.com, on which (as well as here) I plan to release updates and other fun stuff.

How do I do it up on multiboot?

This tool is great and I look forward to the next release!

Until then, I would like to contribute a few changes I made.

First off, I noticed that once you patch in the tables, booting is slow and requires a lot of ram, because the ISO is copied into ram before being run. For that reason, I changed my APE installation to boot directly from the USB stick by extracting the files out of the ISO.

I also made small changes to many of the batch files to allow target drive letters to be changed.

Finally, I fixed a few problems I was having in the nu2menu.xml that were causing some of the menu items to be disabled.

I attached my changes and instructions. Perhaps this will be useful to others as well?

Keep up the excellent work Sablefoxx!

Just read the whole thread and found myself intrigued by this project, and I've got some suggestions.

My understanding of this project is that the APE toolkit would be used in circumstances where you have brief access to a terminal and you need to quickly plant backdoors, gather information and get out of there unharmed. (I don't condone any illegal activity)

Ideas and Suggestions

1. Run FTP server on a different port, 21 tends to stand out a little.

2. Extract Registry/Copy Registry: useful for extracting passwords, configurations, installed apps and versions, etc.

3. Copy/Grab Firefox, Chrome and other sensitive application directories, can be later used to extract passwords.

4. VNC payload does not set password correctly in the registry, so when you try and connect, password policy won't allow it.

5. Automatic nmap scan and dump to txt

6. Enumerate shares and dump info to txt

I read that you were thinking of including konboot, memimg, backtrack into this project.

Some good ideas there. I may resume work on a new version soon; however, the FTP server I'm using atm doesn't allow you to run it on any port other than 21 (I will look at the source code and see if I can change it). Anyone know of another command line FTP server that will allow you to do this?

Yes, the VNC backdoor does NOT currently work, though I have a fix in the works for it.

Good idea on grabbing Firefox/IE files.

Nmap scan would be tricky, do you mean an Nmap scan of the local network, or a port scan of the local OS, the latter is not possible because you're booting into your own OS (unless you're using Leapo's payload/utilman).

First time poster, long time lurker here. :P

Let me start with the customary brown nosing..

First off I love the website and the episodes. The APE program really brings a lot of cool things together. Keep up the good work.

2 questions

1.) Question: I noticed that the switchblade that is part of APE is created for non-U3 drives (auto run only). Do you have a U3 one available? (One that runs the switchblade payload along with the U3 loader.)

2.) On page 3 ( http://hak5.org/forums/index.php?showtopic...st&p=130112 )

You released an update payload v1.2 but the link is dead. Do you have any other available mirrors?

Again thx for everything.

Update maybe, I work on it in my spare time;


Working on mirrors, standby...

Mirror #1: http://www.mediafire.com/?zlymm5kzzbj

