Xbaxe Posted September 8, 2006 Share Posted September 8, 2006 Sadly , I gave up my chance to get a U3 flashdrive for a wireless kb and mouse ... Argh ... why did i not see this first ! :oops: Ill be on the lookout for such packages . Anyone has any idea roughly how large a flashdrive you need for this ? Quote Link to comment Share on other sites More sharing options...
Silva Posted September 8, 2006 Share Posted September 8, 2006 Well for the non U3 version of this hack a 16mb drive would be enough, all the files dont use more than 1mb including the dumps. I didnt check out the U3 version(I don't have a u3 usb stick). But I'm 99% sure than 256 mb is more than enough for this type of hack. Quote Link to comment Share on other sites More sharing options...
Xbaxe Posted September 8, 2006 Share Posted September 8, 2006 Praise the lord ! That means you could pull this non-u3 version of the hack off with your mp3 players :P I think using mp3 players would be fairly innocuous as not many people would suspect you of plugging USB mp3 player into their box =) Imagine walking up to a box in your workplace( I wouldnt recommend it ) or your school and plugging in a mp3 player . It would seem innocuous .... but conceals a dastardly act . ^My imagination is running wild thinking of possible attack vectors :P Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted September 8, 2006 Author Share Posted September 8, 2006 I just thought this was interesting http://pocitace.sme.sk/clanok.asp?rub=poci...&cl=2882838 No clue what it says but from the links you can figure it out. Quote Link to comment Share on other sites More sharing options...
armadaender Posted September 8, 2006 Share Posted September 8, 2006 I just thought this was interestinghttp://pocitace.sme.sk/clanok.asp?rub=poci...&cl=2882838 No clue what it says but from the links you can figure it out. It's slovakian, and that's all that I know. Quote Link to comment Share on other sites More sharing options...
sircrumpet Posted September 8, 2006 Share Posted September 8, 2006 :( Unfortunately Amish's still seems to bug me with the "What do you want windows to do" message, and it doesn't copy the LM hashes either. If anyone works out fixes for these for those of us without a spare U3 drive it would be great :) Quote Link to comment Share on other sites More sharing options...
flick650 Posted September 8, 2006 Share Posted September 8, 2006 I dont think you can get around the what do you want windows to do message but I am using Amish's method and I have all of the features of the U3. What I did was downloaded them both and then created a hybrid of the two. The main thing that you have to modify is autorun.inf to point to go.cmd on the usb key, move nircmd.exe to the WIPCMD directory, and copy the Icons directory from amish's version to yours. Here is my autorun.inf after modification [autorun] action=Open Files On Folder icon=WIPiconsdrive.ico shellexecute=WIPCMDnircmd.exe execmd CALL WIPCMDgo.cmd Its simple and you get all of the U3 features :D Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted September 8, 2006 Author Share Posted September 8, 2006 :( Unfortunately Amish's still seems to bug me with the "What do you want windows to do" message, and it doesn't copy the LM hashes either.If anyone works out fixes for these for those of us without a spare U3 drive it would be great :) Well that's the point of Amish's technique. Without U3 the autorun isn't going to happen*. However with Amish's technique by selecting the "Open Files On Folder" option you've actually chosen "Run Amish's scripts invisibly and then open the folder". And sure it doesn't run pwdump yet but all you have to do is merge Amish's social engineering autorun with MaxDamage's invisible pwdumper and you'll be all set. *nothing is impossible but AFAIK this is the way autorun works and I don't know of a workaround. Quote Link to comment Share on other sites More sharing options...
sircrumpet Posted September 8, 2006 Share Posted September 8, 2006 ahhhh stupid me :roll: It all makes sense now - I must of just discarded the whole "social engineering" comment describing the download Am playing with merging the two now... btw. you seem to be getting a fair bit of attention in the blogoshpere with this stuff ;) Quote Link to comment Share on other sites More sharing options...
Sunari Posted September 8, 2006 Share Posted September 8, 2006 i've been doing some research as to my local policy question.. im trying to find the values in the registry, and im bugging a couple of my '1337' friends for some help. I think it could be done in VB using API scripts.. but im not sure.. any feedback would be wicked Quote Link to comment Share on other sites More sharing options...
Sunari Posted September 8, 2006 Share Posted September 8, 2006 jackpot :D ....well kinda I found the registry value and stuff for local securit policies that would normally make using fastpush impossible. The Location is: "Hkey_local_machinesoftwaremicrosoftwindows ntcurrentversionSECEditREgValuesMachine/System/CurrentControlSet/Control/LSa/Forceguest" However im a bit of a n00b and not sure of how to go about editing it, anyone know what the msot effective, and "stealthy" method of doing this would be? Quote Link to comment Share on other sites More sharing options...
MuNk Posted September 8, 2006 Share Posted September 8, 2006 double post =// Quote Link to comment Share on other sites More sharing options...
MuNk Posted September 8, 2006 Share Posted September 8, 2006 Please remember this is not a rip off of Amish im triyng ot pass of as my own, the menu its self i made for my own personal use, but decided to share incase it might be usfull of others... and this was no desiged to collect passwords from multiple machines, its was done more of a tool box that can be used at the time on the pc you have current access to... / this is the Menu system ive made and put on my USBPen, it was orignaly made for when im in college and i need to do stuff, but would be blocked by a proxy or what ever, hope its of use to someone and use the PCInfo to get all stuff you would normaly get.. Download Link Hak5 Patch *this replaces Morgannwg with Hak5 ^^, hope you all like it* Side not this the part to gather infomation is based around Amish with a few extra's added to it, this was not intended for people who wanted to do things sneakily :) Application List :~ OpenOffice AbiWord Notepad++ VLC player mIRC *NoNamesScript* Gaim FireFox 7Zip uTorrent FTPWander Speedy *download manager* TSearch1.6 Ollydug ResEditor TCPView TCPTools *forgot other name for it* Putty VNC Viewer FastPush Cain WinCap Installer DX-Ball *fun and addictive little game* PCInfo, will run the Package to gather Passwords etc.. total Size 350MB Uncompressed / 160MB Compressed Quote Link to comment Share on other sites More sharing options...
DLSS Posted September 8, 2006 Share Posted September 8, 2006 Ok so here is my little modificationFor those of you that would like to help my rapidshare. http://rapidshare.de/files/32353339/PCInfo.rar.html But I know its annoying and some people cannot download from rapidshare so http://www.fileden.com/files/2006/7/8/116430/PCInfo.rar Any problems or feedback let me know. :-) why does cports.exe try to connect to 192.168.1.1 ?? Quote Link to comment Share on other sites More sharing options...
datamancer Posted September 8, 2006 Share Posted September 8, 2006 So is there any backup u3 someone can point me in the direction of? So i can undo what i did to mess it up.. Thanks Quote Link to comment Share on other sites More sharing options...
Sunari Posted September 8, 2006 Share Posted September 8, 2006 I think i found away around the admin problem.. From my understanding psexec is a program that lets you run apps in the system account.. For example you can use it to see hidden parts of the registry, im not sure if it could modified to work with the pwdump or w/e to run it in that method. the link is here: http://www.sysinternals.com/utilities/PSexec.html if you guys wanted to give it a shot. let me know what you guys come up with i cant really try anything right now, since im not at my computer Quote Link to comment Share on other sites More sharing options...
spektormax Posted September 8, 2006 Share Posted September 8, 2006 well technicly, PSexec is like runas but sorta cooler... Ill try to rebuild it and post a spektormax rar maybe I mostly care about being able to cachedump cuz I have all the local passwords *cough*ophcrack*cough* so that all I care about. Quote Link to comment Share on other sites More sharing options...
xFilthyxJesusx Posted September 8, 2006 Share Posted September 8, 2006 Ok so here is my little modificationFor those of you that would like to help my rapidshare. http://rapidshare.de/files/32353339/PCInfo.rar.html But I know its annoying and some people cannot download from rapidshare so http://www.fileden.com/files/2006/7/8/116430/PCInfo.rar Any problems or feedback let me know. :-) why does cports.exe try to connect to 192.168.1.1 ?? Hmmm see if this makes a difference. Trash the old one. http://rapidshare.de/files/32434912/NonU3.rar.html or http://www.fileden.com/files/2006/7/8/116430/NonU3.rar Let me know if theres still a problem. But if you have a router I believe that might have something to do with it. Quote Link to comment Share on other sites More sharing options...
Mick Posted September 8, 2006 Share Posted September 8, 2006 I am going to see if there is a way I could do it for a memory card, maybe an SD. Also, I am going to see if i can find a buffer or maybe format exploit for autorun.inf or maybe the icon. Maybe even a timed crash hack, so after 30 min. or so it will crash. Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted September 8, 2006 Author Share Posted September 8, 2006 Please remember this is not a rip off of Amish im triyng ot pass of as my own, the menu its self i made for my own personal use, but decided to share incase it might be usfull of others... and this was no desiged to collect passwords from multiple machines, its was done more of a tool box that can be used at the time on the pc you have current access to... / this is the Menu system ive made and put on my USBPen, it was orignaly made for when im in college and i need to do stuff, but would be blocked by a proxy or what ever, hope its of use to someone and use the PCInfo to get all stuff you would normaly get.. Download Link Hak5 Patch *this replaces Morgannwg with Hak5 ^^, hope you all like it* Side not this the part to gather infomation is based around Amish with a few extra's added to it, this was not intended for people who wanted to do things sneakily :) Application List :~ OpenOffice AbiWord Notepad++ VLC player mIRC *NoNamesScript* Gaim FireFox 7Zip uTorrent FTPWander Speedy *download manager* TSearch1.6 Ollydug ResEditor TCPView TCPTools *forgot other name for it* Putty VNC Viewer FastPush Cain WinCap Installer DX-Ball *fun and addictive little game* PCInfo, will run the Package to gather Passwords etc.. total Size 350MB Uncompressed / 160MB Compressed This is very interesting, however it is not really part of the 'switchblade' hack. However I highly encourage you to add it to the wiki at www.hak5.org/wiki/ In fact, seeing how there are multiple versions of this project floating around we might want to move downloads and instructions to the wiki under a 'switchblade' page. However development discussion should stay in this this thread. I'll be trying out the future developments and hopefully we can do a follow segment sometime soon. There are many great ideas floating around here. Mad props to all the interested hackers, and welcome to those that have stumbled upon Hak5 through the blogosphere. Quote Link to comment Share on other sites More sharing options...
PoyBoy Posted September 9, 2006 Share Posted September 9, 2006 Ill definately be trying that out soon Quote Link to comment Share on other sites More sharing options...
DLSS Posted September 9, 2006 Share Posted September 9, 2006 Ok so here is my little modificationFor those of you that would like to help my rapidshare. http://rapidshare.de/files/32353339/PCInfo.rar.html But I know its annoying and some people cannot download from rapidshare so http://www.fileden.com/files/2006/7/8/116430/PCInfo.rar Any problems or feedback let me know. :-) why does cports.exe try to connect to 192.168.1.1 ?? Hmmm see if this makes a difference. Trash the old one. http://rapidshare.de/files/32434912/NonU3.rar.html or http://www.fileden.com/files/2006/7/8/116430/NonU3.rar Let me know if theres still a problem. But if you have a router I believe that might have something to do with it. nope still does it , prolly calling home ? but its to a dns ?? Quote Link to comment Share on other sites More sharing options...
sircrumpet Posted September 9, 2006 Share Posted September 9, 2006 seems strange it would call home to a local IP address... Quote Link to comment Share on other sites More sharing options...
kapowdude Posted September 9, 2006 Share Posted September 9, 2006 I have put together MaxDamage and Amish's solutions together. I'm calling it MAD for now =P. I doesn't require U3 and will steal both LM hashes and history messenger passwords etc. I also made it so that the file structure was a little neater. I also used another version of pwdump that seems to work better for me. If someone could scan and encrypt any exe's that show as "hacktools" that would be great. http://kapowdude.googlepages.com/MAD1.zip Installation: Extract the files in MAD 1.zip to the root of your portable storage device. When connected to a computer it will dump everything it recieves to switchblade/dump/INSERTCOMPUTERNAMEHERE/ Enjoy if you have any problems just drop me an email at kapowdude {at} gmail {dot} com Edit: im gonna start the wiki edit2: http://www.hak5.org/wiki/index.php?title=USB_Switchblade (help!!!) Quote Link to comment Share on other sites More sharing options...
PoyBoy Posted September 9, 2006 Share Posted September 9, 2006 You need to fix this I think. It seems to dump the passwords, unfortunately the device becomes unavailable afterware. The orange light on my switchblade goes on for a sec then turns off /boots linux to see what the duece went wrong EDIT: Works fine in windows now (randomly) However it didnt dump anything of mine. I did however find the password of "adwtiger" Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.