
USB Switchblade Development


Darren Kitchen


Hi renegadecanuck

I posted a fix for your problem a couple of pages back. The problem is with PWDUMP; go and get the latest version and replace the version on your key. It works perfectly after.

Even with the newest version of PWdump, I get problems: "Unable to find writable share on 127.0.0.1". I'm assuming, of course, that the files in the PwDumpDebug work properly, since I can't compile/understand C++ or C.

Kind of off topic, but referring back to my last post about the privilege escalating, it seems that one of the computers I tested it on had some spyware running on it, and now every time I log on with the username I tested it with it automatically boots me into system, which I think sucks personally... so just wanted to give fair warning to anyone who is going to mess around with the privilege escalating to make sure you have NO unwanted apps that you don't want to obtain "system"... oh well...

-Sloth


OK, so I did a li'l updating to the switchblade. Here are the notes and a download link:

* replaced the pspv with the IE 7 compatible iepv

* updated Mail PassView 1.35 to 1.36

* updated the nircmd from 1.8.2 to 1.85

* updated produkey from v 1.0.4 to 1.0.6

* added the scan.cmd to start it manually if autorun was disabled.

* added wul.exe (WinUpdatesList) (so you can estimate how vulnerable the PC is to which attacks)

WinUpdatesList displays the list of all Windows updates (Service Packs and Hotfixes) installed on your local computer. For hotfix updates, this utility also displays the list of files updated with these hotfixes. In addition, it allows you to instantly open the Web link in Microsoft Web site that provides more information about the selected update, uninstall an update, copy the update information to the clipboard, or save it to text/HTML/XML file.

http://www.clan1.mod-servers.net/l0s3c0d3/...switchbl4de.rar


DLSS, does the delete all mp3, wma, etc. run automatically? Cause that kinda defeats the purpose of stealth.

Oh, and in cmd.bat, shouldn't the file for Windows update list dumping be "wul.exe", not "wol.exe"? Sorry, I would correct it myself, but I'm currently trying to work on customizing/updating the U3 compliant version.

Other than that, looks good.


DLSS, does the delete all mp3, wma, etc. run automatically? Cause that kinda defeats the purpose of stealth.

Oh, and in cmd.bat, shouldn't the file for Windows update list dumping be "wul.exe", not "wol.exe"? Sorry, I would correct it myself, but I'm currently trying to work on customizing/updating the U3 compliant version.

Other than that, looks good.

Oops, will fix that, and no, the deleter won't run at all. I actually put that in my own one to use against a certain person, not for public ...

You can delete that out of it. I will now correct the wol, wul thingy ... sorry again, I'm not too fresh today ...


Hey, I've been looking around for exe compressors/encryptors/packers, and after some testing I'm going to say that the only (to my 'public info' knowledge) viable solution for AV protection is Morphine. I've tested PEPack, Morphine, Mew10 (Mew 11 is down??), and UPX, and combinations of them, and the only one that has worked was a single encryption with Morphine.

It works out well that Morphine works because each time it encrypts the exe or dll it's different from when someone else encrypts it. Morphine V2.7 can be found at http://hxdef.org/download/Morphine27.zip and info on it can be found at http://www.secretashell.com/BobSoft/Morphine.html

For a big list of packers go hurr: http://web.archive.org/web/20041010121600/....de/packers.htm. The site has been down for some time, so finding files is a hassle.

Note: I don't have a super virus scanner, so I don't know if it even gets around them, so here is a dl of a pre-encrypted pwdump for you guys to test: http://www.box.net/public/c5j4ypdii7


Whoops, seems as though I made a little mistake in my research. Packing pwdump with Morph will still work (I've done that), but now my computer isn't outputting any information on my computer no matter what version I'm using (including the original), so my final conclusion on PEPack, Mew10, and UPX may be wrong. Also, I've found a huge resource of exe encryptors... I question if I should post this or not, but it already has a Google page rank of 4 and is from 2002 (not to mention the obvious name): http://www.exetools.com


New to the forum, not new to the general community...

I wonder if you can use a Linux distro to get access to root, then use this technique (or something similar) to get the administrative password hashes.

If this is stupid, tell me, but I've been exploring this as a way of getting around having to be logged in as administrator for the switchblade to work.


This is partially a double post, sorry, but no one gave any feedback. Just wondering, would it be possible, and wouldn't you guys find it interesting, if the switchblade could dump wireless keys/profile information? For example, dumping a wireless key with the type and length of encryption?

Just thought some might find this interesting; if not, is it at least possible?


I was thinking that instead of trying to gain sysadmin privilege, why not simply wait for the sysadmin to log on?

1: place the USB in a back port;

2: have the code on the USB wait till the sysadmin logs on and then execute;

3: disable the popup alerting to the presence of the USB;

4: retrieve the flash drive when the sysadmin is no longer at the target PC.

Is this feasible? If so, does someone want to see if they can develop the code to do it? I just don't have the time at the moment.

Thanks for your replies.
