MorbidPenguin Posted September 13, 2006 Posted September 13, 2006 Awesome work so far, guys. I wish I had some coding skills so I could help you out. I'm wondering, however, if it wouldn't be possible to set up the U3 partition to load up both the payload and the LaunchU3 application together. That way, I can plug my key in, use U3 to check my email or skype or whatever, and it also instantly runs the payload in the background. Either that or, as a previous poster said, use the development api to create a u3 program that can be run fairly discretely. Anyway, love the work so far. Keep it up. Quote
Jay Posted September 14, 2006 Posted September 14, 2006 Hey, folks. Went through all nine pages and haven't seen this yet. I've unzipped MaxDamage's payloads. And the encrypted files are no problem. However, I have McAfee Internet Security Suite 8.0 and it is complaining about mspass.exe and netpass.exe . May I please have encrypted versions of these? Thanks. Quote
Darren Kitchen Posted September 14, 2006 Author Posted September 14, 2006 Heya guys. Well bad news i lost my memory stick with liek 100's of password on it :S So i had to change them all. Anyways before i lost it i had time to implement this http://www.cqure.net/wp/?page_id=7 It grabs and decrypts the password for Tight VNC and Real VNC on the fly, and it runs in command line :D So thats good to implement. =) Im glad to see the projects going well. But i think someone or myself shoudl implement a command line file encryptor to store these password safe everytime we dump them, jsut incase we loose them....like me. I wish i did that before Good idea about encrypting. I'd suggest truecrypt but I dont think there is a way to automate it and you'd have to type the password. What command line encryption options are out there. Of course the script would only have the password to write to the file, the read password would be in your head. Sorry if I'm not making sense... painkillers. And Amish, think you could add your updated payload that grabs VNC passwords to the wiki? Quote
Ag3nT_KaTz Posted September 14, 2006 Posted September 14, 2006 Well I got my answer from Memorex. I am sorry about the inconvenience but at this moment we do not have an update for the launchpad, the other version was build on the drive and cannot be copied or your version cannot be updated. Thank you for choosing Memorex. George Cheves Memorex Technical Support Quote
DTYtsejam24 Posted September 14, 2006 Posted September 14, 2006 damn memorex to helllllllllllllllllllll i have two memorex drives laying around that i could hve used one of them for this...oh well ill just have to pick up a sandisk one, or find some kid at my school to trade me Quote
teslafreak Posted September 14, 2006 Posted September 14, 2006 Good idea about encrypting. I'd suggest truecrypt but I dont think there is a way to automate it and you'd have to type the password. What command line encryption options are out there. Of course the script would only have the password to write to the file, the read password would be in your head. Sorry if I'm not making sense... painkillers.And Amish, think you could add your updated payload that grabs VNC passwords to the wiki? How about something like ncrypt? http://ncrypt.sourceforge.net/ Quote
bing0 Posted September 14, 2006 Posted September 14, 2006 Ok, so id like to know what executables are detectable as viruses. pwdump is... I plan to fix that right now. PM me on irc if you have a better idea. nick == Brainkill===================== _________________ ----------------------------- Brandon G. Lead Hosting Tech/Owner ------------------------------ hi guys, hi brainkill, face the problem that not only 'pwservice' and 'pwdump' can be detected i have problems with netpass an mspass also. @ Brainkill: can you fix this too ?? or better, tell me how you fixt this :) Thanks TOM Quote
bing0 Posted September 14, 2006 Posted September 14, 2006 AAARLG left thret open without refresh. :oops: will try ncrype jokes on me :roll: tom Quote
bing0 Posted September 14, 2006 Posted September 14, 2006 @Brainkill: still need the named exe files crypted Quote
DTYtsejam24 Posted September 14, 2006 Posted September 14, 2006 for the hahas we should develope a really robust version of the switchblade, that just rediculously owns the machine its plugged into and doesnt do it in a stealthy way at all. Not really sure what this would entail, but when i think of it ill get back to you Quote
amish Posted September 14, 2006 Posted September 14, 2006 Darren i would add it but i dont have it anymore. It was on my memorystick and i dont have it anymore :( I think the flags were -c for real vnc and -s for tight jsut run the program vncdecrypt.exe /? Quote
jag Posted September 14, 2006 Posted September 14, 2006 not to be redundant or whiny but just for a different perspective... I'm running BitDefender9 and it caught three immediately upon inserting the device: mailpv, pspv, mspass (using MADs version) and obviously just two: pspv and mspass with Silivs version (since there is no mailpv). dunno if this helps or was pointless but i sure hope people keep working on this props to all the people who can do this kind of stuff me = noob so hello to everyone too Quote
temperseed Posted September 15, 2006 Posted September 15, 2006 ermmmm ZOMG WTF ! :shock: This hack is sesame street kiddy. Allmost EVERYONE that has a computer uses an admin account (period.) And if they have an antivirus, and they allready lent you their computer use your "SOCIAL ENGENIEERING" skills (witch either u have em or not... the ability to sweet talk ppl on doing what u want) Just tell em: "hey can i get a glass of water" disable the antivirus or add an exception rule. 10s tops. Plug it in, and take it out... PS: AUTO-IT Scripts ??? anyone... i allready have a personalized autoit script for disabeling "Symantec Client Security" wich is the one used on my college.... and since everyone logs into the computers and uses their chat clients, and emails, i can basically have access to anyones information withing 30minutes !!!! ZOOOORF !!!! :twisted: Its actually less, but i prefer to go back to my house, blast some hacking music on, and have fun with my new victim. Quote
DLSS Posted September 15, 2006 Posted September 15, 2006 aww man my experiences @ school with this were gr8 so far : got bout 50 valid & legal license keys 4 m$ w1nd0ws and 0ff1ce 2003 (school pays for 300 only 250 or so pc's @school all pc's use same serial ....) also cos the school blocks msn , ppl login to online msn services (not allowed btw) and leave cookies ... my usb stick ate 'em :P even found some cell #s +account and passes for it on sms site's . (with this info i could send sms messages under their name coming from their number ...) ppl are so ignorant ... btw i wont use any of the above ! , purely exploring .... ok i might abuse the msn accounts :P its time 4 him to break up with that girl y :twisted: (just kidding ) Quote
temperseed Posted September 16, 2006 Posted September 16, 2006 SUGGESTION Maybe you would like the idea of having a fixed drive for the USB everytime you plug it, no matter in witch computerusb port you put it in. http://www.uwe-sieber.de/usbdlm_e.html X: <--- looks preaty slick :twisted: J: <---- looks retarded :evil: Quote
bshwckr592 Posted September 16, 2006 Posted September 16, 2006 Could you explain how to use the usbdlm program to make a usb drive non-removable on any computer? I read the instructions but I am not clear on how to do this. Thanks. Quote
temperseed Posted September 16, 2006 Posted September 16, 2006 This goes on the switchblade (a *.bat, just make sure is ran after the admin account is created, so u just input that username here...) runas /user:[b]USERNAME[/b] "USBDLM -install" USBDLM -silentinstall net start USBDLM The .ini file [settings]ForceDriveLetters=1 DeleteMountPointsOnRemoval=1 LogLevel=3 WriteDebugInfo=0 [DriveLetters] Letter1=X [DriveLettersUsbPort1] PortName=5-8 Letter1=X Then again... this needs alot of work done. I can olso sugjest we use "CMDOW" specially those of us who use regular USB drives, so we can HIDE the .BAT window, and be less obvious. I usually just run the damn .bat file right on their face, but since it doesnt do or say anything they are like ... ermm wtf? (ohh well... nvm) :twisted: Quote
Plutonium Posted September 17, 2006 Posted September 17, 2006 Something wierd is happening with the my switchblade. I get this message when plug my usb drive(sandisk cruzer) in with the 1.2 payload on it and all. It takes about 3 mins to come up after i plug it in. here it is. http://www.trendmicro.com/vinfo/images/wor...sser_a_img2.gif from what I'v read this is the same message ppl would get when they were infected with sasser. I have windows sp2 updated and all. It only happens when i have the usb in the drive. i hope i dont have a virus ive never had one b4. *cries* oh btw other than that everything else works fine with the switchblade software Quote
teslafreak Posted September 17, 2006 Posted September 17, 2006 Something wierd is happening with the my switchblade.I get this message when plug my usb drive(sandisk cruzer) in with the 1.2 payload on it and all. It takes about 3 mins to come up after i plug it in. here it is. http://www.trendmicro.com/vinfo/images/wor...sser_a_img2.gif from what I'v read this is the same message ppl would get when they were infected with sasser. I have windows sp2 updated and all. It only happens when i have the usb in the drive. i hope i dont have a virus ive never had one b4. *cries* oh btw other than that everything else works fine with the switchblade software This is probably pwdump, if you drop in a new version, it should be fine. Quote
NiteMare Posted September 18, 2006 Posted September 18, 2006 Something wierd is happening with the my switchblade.I get this message when plug my usb drive(sandisk cruzer) in with the 1.2 payload on it and all. It takes about 3 mins to come up after i plug it in. here it is. http://www.trendmicro.com/vinfo/images/wor...sser_a_img2.gif from what I'v read this is the same message ppl would get when they were infected with sasser. I have windows sp2 updated and all. It only happens when i have the usb in the drive. i hope i dont have a virus ive never had one b4. *cries* oh btw other than that everything else works fine with the switchblade software if you want to get rid of that then all you have to do is execute this line in RUN shutdown.exe /a and that should remove that window so it wont make you restart ur comp Quote
harneable Posted September 18, 2006 Posted September 18, 2006 all that is, is when you open the command prompt (windows key + R and type in cmd) its a command called shutdown -i (i for initilize)and you cna select a ip or computer name and choose to shutdown the selected computer or log off the user and then type a message and the ammount of time the message will be visable and at the end of the alloted time it will take action, you can stop this ofcorse by typing shutdown -a (a for abort) in the command prompt. Quote
servzero Posted September 18, 2006 Posted September 18, 2006 I thought of a name for this type of attack, "Hit and Run Hacking" *shrugs* Quote
psichonico Posted September 18, 2006 Posted September 18, 2006 I just saw this site on digg. Its a way of finding keys, but finds more that what ive seen currently on the switchblade. http://www.raymond.cc/blog/archives/2006/0...-your-computer/ Hope someone will add this to a future switchblade. Quote
Darren Kitchen Posted September 18, 2006 Author Posted September 18, 2006 I just saw this site on digg. Its a way of finding keys, but finds more that what ive seen currently on the switchblade.http://www.raymond.cc/blog/archives/2006/0...-your-computer/ Hope someone will add this to a future switchblade. How is that any different from the product key dump that's on the current switchblade? Quote
patman Posted September 18, 2006 Posted September 18, 2006 good information's folks, any u3-enabled model you guys recommand ? Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.