keia71 Posted October 10, 2006 Share Posted October 10, 2006 Cd's autorun is there but I am not sure what setting to change. I thought it used to work but I do not remember. How do I manually run it. Quote Link to comment Share on other sites More sharing options...
keia71 Posted October 10, 2006 Share Posted October 10, 2006 Im still trying to run this on my win 2000 box at work with no luck. I just noticed it detects a virus. How are you suppose to get around that... Is the u3 version better this? I have a u3 version but if I replace the partion with the new payload can I get my original setup back Quote Link to comment Share on other sites More sharing options...
deathwarder Posted October 10, 2006 Share Posted October 10, 2006 we are working on getting it to stop the antivirus from detecting it. Quote Link to comment Share on other sites More sharing options...
b0xybr0wn Posted October 10, 2006 Share Posted October 10, 2006 I have created a quick add on for the USB switchblade, that install fold@home on the target computer, then installs it like the hacksaw, which has it run at startup and hides in a folder depending on the privileges. The download link is http://d.turboupload.com/d/1069130/USB-fh.zip.html , I'm sure there is problems somewhere in there, or better ways to do it. Just let me know and I'll fix it. b0xybr0wn Quote Link to comment Share on other sites More sharing options...
deathwarder Posted October 10, 2006 Share Posted October 10, 2006 you will need a program to limit cpu usage. Quote Link to comment Share on other sites More sharing options...
b0xybr0wn Posted October 10, 2006 Share Posted October 10, 2006 I cant seem to find any freeware command line tools, any suggestions? Quote Link to comment Share on other sites More sharing options...
deathwarder Posted October 11, 2006 Share Posted October 11, 2006 for what? Hey, can anyone tell me where the lm hash is stored in the log file? I can't just run it because Im running windows vista. Quote Link to comment Share on other sites More sharing options...
keia71 Posted October 11, 2006 Share Posted October 11, 2006 I have been playing with these various versions of the payloads and have a question. I was running Cain and Able and was trying to retrieve the LSA secrets and now I get the LSASS.exe error where it automatically reboots my pc in 60 seconds. Did I somehow infect my PC with something in testing these payloads.... Any info will be greatly appreciated Quote Link to comment Share on other sites More sharing options...
deathwarder Posted October 11, 2006 Share Posted October 11, 2006 sorry for the double post, but this is the last time for a while that Ill be able to work on it(1-2days). Ive made it so that it dumps the network info as previously described, and the batch to start auto-cracking and emailing is almost ready. It just bugs out at the last second. If anyone can tell me where to upload it tommorow that would b3e great. I based it off of the dssl payload. Quote Link to comment Share on other sites More sharing options...
keia71 Posted October 11, 2006 Share Posted October 11, 2006 I have been playing with these various versions of the payloads and have a question. I was running Cain and Able and was trying to retrieve the LSA secrets and now I get the LSASS.exe error where it automatically reboots my pc in 60 seconds. Did I somehow infect my PC with something in testing these payloads.... Any info will be greatly appreciated Quote Link to comment Share on other sites More sharing options...
deathwarder Posted October 11, 2006 Share Posted October 11, 2006 nope, lsass.exe sometimes detects these programs. It is almost a bigger problem than antivirus. Quote Link to comment Share on other sites More sharing options...
keia71 Posted October 11, 2006 Share Posted October 11, 2006 Well I found a copy of the pwdump.exe in a diff directory than I thought i had put it and deleted that and then reinstalled Cain and Able and it seemd to have gone away Quote Link to comment Share on other sites More sharing options...
deathwarder Posted October 11, 2006 Share Posted October 11, 2006 hmm, one might be encrypted. I am working on a script that pulls encrypted packets from secure wireless networks and saves the raw data for later decoding, and gets the ssid for all nearby wifi networks. Quote Link to comment Share on other sites More sharing options...
rastetter Posted October 11, 2006 Share Posted October 11, 2006 The guide says all you need is a U3 compatible usb stick Now why when you scroll down does it only supply 2 versions of u3 sticks? I have a Kingston U3 Datatraveler and I would like to set this up using the u3 method is there anyway to do this? Thanks Quote Link to comment Share on other sites More sharing options...
renegadecanuck Posted October 12, 2006 Share Posted October 12, 2006 If you can find a program to update the U3 partition of Kingston drives, let us know. Theres a reason why the Cruzer was recommended. Quote Link to comment Share on other sites More sharing options...
rastetter Posted October 12, 2006 Share Posted October 12, 2006 If anyone knows where i can find this... please let me know Quote Link to comment Share on other sites More sharing options...
a5an0 Posted October 12, 2006 Share Posted October 12, 2006 /me wories that this thread will suffer the same fate as Pandora...... <flame> To all of you fsckers who are complaining about your shit not working: RTMF. If that does not work, stop, think about it, then try again. Use your brain! </flame> thank you. Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted October 12, 2006 Author Share Posted October 12, 2006 /me wories that this thread will suffer the same fate as Pandora...... And thats why usb hacks has its own board now. it's too big for just a thread. i forsee eventually a how-to thread for noobs being stickied. not that noobs need this kind of tool in their arsenal, but hey. Quote Link to comment Share on other sites More sharing options...
rastetter Posted October 12, 2006 Share Posted October 12, 2006 The reason people ask for help is because people will usually help them cant complain that people want help with this. everyone is a noob at one point, and this is fairly new, so you can expect people unable to figure it out, and other miscellaneous problems. Yes many of the questions are stupid, and the people should be able to figure it out themselves, but sometimes thats not the case If you have a problem with people asking questions, why dont you just ignore the questions, its not that hard Quote Link to comment Share on other sites More sharing options...
renegadecanuck Posted October 12, 2006 Share Posted October 12, 2006 Ras, the problem is that in order to update the U3 partition, you need a program to do so. Currently, I only know of one for Sandisk drives (hence why everyone is recommending buying the Cruzers). If you would have carefully read the main post (or even skimmed over it), you would have seen that. That is why a5an0 is getting upset. He assumed that people would buy supported hardware for this. Until someone can find a way to reverse engineer the Kingston drives (which is possibly illegal) or Kingston releases a tool to update the U3 partition, Kingston users are kinda screwed. The only other option is hope that someone will write a U3 Launcher compatible loader (I'm trying to, but my coding skills suck, and I'm having a few problems with VBStudio) and install it onto your U3 loader, but then, that removes the possibility of discreetness. P.S. If people were to search Google for every question, there would be no use for message boards. These exist for communicating (that includes asking question) Quote Link to comment Share on other sites More sharing options...
arkon Posted October 12, 2006 Share Posted October 12, 2006 @OuroborosDeviceLock does most of this. It does not whitelist apps, but drive serials. Sygate was working on a program that you could "map" applications to whitelist. However, Symantec aquired them and Im not sure what became of it. May want to check out DeviceWall (http://www.devicewall.com), it has whitelisting, it also has connection and file audits and built in USB encryption as well as measures to prevent tampering. You can block all U3 drives for example, only allow a certain group read access to iPods etc Quote Link to comment Share on other sites More sharing options...
pseudobreed Posted October 12, 2006 Share Posted October 12, 2006 Im going to check that out. DeviceLock slows down data transfer to the USB drive by half at the very least. Im finding myself having to stop the service just so I can do my backup. *DeviceWall (No price? I dont have the time to call people to order something... bah.) Quote Link to comment Share on other sites More sharing options...
keia71 Posted October 12, 2006 Share Posted October 12, 2006 I have been playing with these different payloads and also with rainbow crack. This morning I had a message from norton that it found a virus. Is this from one of the payloads. Scan type: Realtime Protection Scan Event: Virus Found! Virus name: Hacktool File: C:System Volume Information_restore{D1C2C251-F788-4617-A3F2-1132F2ED59F6}RP264A0026729.exe Location: Quarantine Computer: BILL User: SYSTEM Action taken: Clean failed : Quarantine succeeded : Access denied Date found: Thu Oct 12 07:08:49 2006 Quote Link to comment Share on other sites More sharing options...
melodic Posted October 12, 2006 Share Posted October 12, 2006 orderd a U3 cruzer yesterday and it was atempted to be delieverd today ^_^ should get it 2moro. Quote Link to comment Share on other sites More sharing options...
keia71 Posted October 12, 2006 Share Posted October 12, 2006 I have obtained the admin password on my work win2000 box. How can I test it if my user is also in the admin group...I log on to novell. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.