mrgee Posted March 13, 2009 Share Posted March 13, 2009 can someone help here please i have attached a usb slave.exe all it does when its clicked on is collect passwords stored if explore and firefox , history. wirless key view ,stored messenger details . could someone help me add this to u3 so that when i run it by clicking on it antivirus cannot delete it as its on the cd rom of u3 ? thanks ps this is only nirsoft aplications put into single exe usb_slave_2_.rar Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted March 13, 2009 Share Posted March 13, 2009 Most of those tools are labeled as "hacker tools" so they will be picked up by AV unless you find a crypter. Quote Link to comment Share on other sites More sharing options...
mrgee Posted March 13, 2009 Author Share Posted March 13, 2009 i thought that if the exe was written to a modified u3 drive the files put onto the u3 cdrom drive that allthough antivirus make detect them that it cant delete them as they on the u3 cdrom ? please explain about the crypter . Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted March 13, 2009 Share Posted March 13, 2009 The AV wont be able to delete it, however it will not allow it to run. If you look at the haksaw you will see how it works and the reason its not all binded into 1 exe. inpage:"exe crypter" Quote Link to comment Share on other sites More sharing options...
messsy Posted March 13, 2009 Share Posted March 13, 2009 A crypter is a program that will take the exe and scramble it up and add a stub file to it, once the exe is executed the stub will decrypt the exe and it will run, as antivirus companys only 'tag' certain things in the exe it it also possible to hex out the detections by changing the detection from say 0D20 to 0E20, there are tools that will help with the process but manualy is probably best to start with. As it seams to me you are new to this i would sugest purchasing a crypter unless you can code your own, Once the AV companys start 'taging' the stub will become detected Not realy sure if this kind of stuff is allowed here and hope i dont get flamed for this, maybe i could undetect it and that could be my contribution to one of the projects here inbox me if you need further links/info Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.