MMb884 Posted October 8, 2006 Share Posted October 8, 2006 Hey xFilthyxJesusx, do you have an antidote for your version? Or can I use the U3 antidote? Quote Link to comment Share on other sites More sharing options...
foikerz Posted October 8, 2006 Share Posted October 8, 2006 Well I found out the hard way that Dan's antidote wont work. I done it the filthy way. 1)Safe mode -> login as Administrator 2)Delete the $NTUnistall9313etc. directory 3)Then checked all of my running tasks and remove all those noty .exes Peace out. Quote Link to comment Share on other sites More sharing options...
revolations2525 Posted October 8, 2006 Share Posted October 8, 2006 Hope this be the right section, But I came across this free peice of software the works with usb thumb/pen drives, and the first thing that poped into my head was the hacksaw and swithcblade. So, I hope the software helps, because both projects are really cool. http://www.mypendrive.org/ Quote Link to comment Share on other sites More sharing options...
nullspace Posted October 9, 2006 Share Posted October 9, 2006 I actually tried this software and it basically creates a autorun.inf nothing past that. revolations2525: um nice try but this is basically something not only we can do ourselves but is already used and basically the means of which the non-U3 drives work automatically. Question: In Spektormax's version (I am sure others may apply) I can't see any practical use for modsmax.bat besides maximizing a window which will only alert someone to the fact something weird is going on. Quote Link to comment Share on other sites More sharing options...
operat0r_001 Posted October 9, 2006 Share Posted October 9, 2006 shhhhhyou may want to look into desktop.ini and folder.htt as a autorun workaround -=-=-= Got Spam ? Scripts Systems / Network Consultant Quote Link to comment Share on other sites More sharing options...
pseudobreed Posted October 9, 2006 Share Posted October 9, 2006 I thought that was a Windows 98 thing. In order to get that to work on XP is to have the desktop viewing a webpage. It's very rare to see a user have that setup, actually I can not think of one person who uses it. Unless you know something I dont. *Edit - Got it to work but you have to view the folder and my AV had a fit with the folder.htt file. Quote Link to comment Share on other sites More sharing options...
Shanghai Posted October 9, 2006 Share Posted October 9, 2006 The Hacksaw made it onto Cyberspeak, a very popular network security podcast. It's mentioned on the Oct. 8th episode. http://cyberspeak.libsyn.com/ Quote Link to comment Share on other sites More sharing options...
InSecure Posted October 9, 2006 Share Posted October 9, 2006 Maybe I'm retarded, but I downloaded the RAR file, extracted it and performed steps 1&2. That went fine. When I began step 3, I noticed that there were no files within the /wip/sbs folder. There is the CMD file though. Is anyone else having this problem? Where can I get a copy of the complete WIP folder ? Thanks... Quote Link to comment Share on other sites More sharing options...
pseudobreed Posted October 10, 2006 Share Posted October 10, 2006 Turn on View System and Hidden Files in the Explorer > Tools > Folder Options > View Quote Link to comment Share on other sites More sharing options...
InSecure Posted October 10, 2006 Share Posted October 10, 2006 Thanx pseudobreed. Its been one of those days...:D Quote Link to comment Share on other sites More sharing options...
keia71 Posted October 10, 2006 Share Posted October 10, 2006 Does it leave any of the info about your email on the PC anywhere? Quote Link to comment Share on other sites More sharing options...
Silva Posted October 10, 2006 Share Posted October 10, 2006 Does it leave any of the info about your email on the PC anywhere? Well of course, it copies over the send.bat which contains you email address, if it didn't how would it know where to send the emails to ? Quote Link to comment Share on other sites More sharing options...
keia71 Posted October 10, 2006 Share Posted October 10, 2006 Ya I did not even think of that. Im a rookie forgive me.. Quote Link to comment Share on other sites More sharing options...
Silva Posted October 10, 2006 Share Posted October 10, 2006 Don't worry you learn something new everyday :). Quote Link to comment Share on other sites More sharing options...
Hug_It Posted October 10, 2006 Share Posted October 10, 2006 I set it up, changed the e-mail variables (checked multiple times). It creates the directory and starts the sbs.exe process but it doesn't email anything out when another USB drive is inserted into the machine. Is there a problem with having the emailto and emailfrom being the same account? Quote Link to comment Share on other sites More sharing options...
InSecure Posted October 11, 2006 Share Posted October 11, 2006 What files would need to be modified if you wanted to dump and e-mail certain folders? Like the other poster mentioned the iPod situation. For example, I just want folders that includes "CSC" in their name. Or, files that have the extension " .MP3 " Thanks for this awesome tool. Quote Link to comment Share on other sites More sharing options...
RegRipper Posted October 12, 2006 Share Posted October 12, 2006 Dammit... now I need to update our work Security policy to turn off autorun... the switchblade was bad enough. All the guys cover their USB ports now when I walk into the room ;) ReG Quote Link to comment Share on other sites More sharing options...
Swimfin131 Posted October 13, 2006 Share Posted October 13, 2006 I run a MacBook, :D Is there anyway to make a hacksaw on a mac? I tryed to google some, but the results didn't really help... Suggestions are always appreciated Quote Link to comment Share on other sites More sharing options...
CaveMan Posted October 13, 2006 Share Posted October 13, 2006 question... what happens if i plug in my 300 gb external USB hard drive... will it pretend its a memory stick and try to e-mail it to me? Quote Link to comment Share on other sites More sharing options...
pseudobreed Posted October 13, 2006 Share Posted October 13, 2006 On Darren's payload, yes. That is why it was a working POC. Aka, learn from it and tweak it for your needs. It was just proof that it can be done. There are plenty of ways to fix it: Exclude folders Limit the folder size etc Quote Link to comment Share on other sites More sharing options...
CaveMan Posted October 13, 2006 Share Posted October 13, 2006 k ty Quote Link to comment Share on other sites More sharing options...
priegog Posted October 13, 2006 Share Posted October 13, 2006 Well I found out the hard way that Dan's antidote wont work.I done it the filthy way. 1)Safe mode -> login as Administrator 2)Delete the $NTUnistall9313etc. directory 3)Then checked all of my running tasks and remove all those noty .exes Peace out. Well, I can't seem to figure out how to modify the original antidote batch file to make it work with filthy jesus' version. Would anyone who has come up with it would care to share? (come on, I know at least a few of you have, it seems pretty easy, altho I lack the knowledge to do it) Quote Link to comment Share on other sites More sharing options...
Swimfin131 Posted October 13, 2006 Share Posted October 13, 2006 Am i to take it there is no way to make a hacksaw on a mac? Quote Link to comment Share on other sites More sharing options...
pseudobreed Posted October 13, 2006 Share Posted October 13, 2006 Macs are unhackable. Youre lucky. Actually, I never mess with a mac except to fix my little sister's so I would have no idea where to start. Im a Microsoft Fan Boi, not by choice. Well, I guess you could start by plugging the drive in and see if it autoruns the payload. If so, then find the unix equivalant of most the tools. That would take some google'ing and I doubt you will find everything you are looking for. Quote Link to comment Share on other sites More sharing options...
moonlit Posted October 13, 2006 Share Posted October 13, 2006 Macs are unhackable. Youre lucky. Uhh... sorry? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.