
New custom payload!!!


kz26


After growing tired of the prepackaged payloads hosted here at Hak5, I decided to make my own. After several weeks of (successful) field testing, here it is. The package comes with an autorun.inf, so simply unrar onto the root of your USB drive.

It still features the same great silent run capability...

Payload contents:

1. Firefox password dumper by Nagareshwar Y Talekar

2. pwdump6 by fizzgig/Foofus Networking

3. NirCmd by Nir Sofer/NirSoft

4. LSADump by Nir Sofer/NirSoft

5. TightVNC server (http://www.tightvnc.com)

6. ProduKey by Nir Sofer/NirSoft

7. Outlook PST Password Dumper by Nir Sofer/NirSoft

8. Mail Passview by Nir Sofer/NirSoft

9. Network Password Recovery by Nir Sofer/NirSoft

10. Protected Storage Passview by Nir Sofer/NirSoft

11. NetResView by Nir Sofer/NirSoft

If you have any ideas for more useful tools to be added, please post.


Guest Twilight Zone

What is new here? Same tools as in other payloads, the same things are detectable by firewall and antivirus, and the same things that don't work (Firefox)... nothing new, just one more prepackaged payload.


What is new here? Same tools as in other payloads, the same things are detectable by firewall and antivirus, and the same things that don't work (Firefox)... nothing new, just one more prepackaged payload.
Well he didn't exactly claim that it's a panacea. Sometimes just the things you learn from doing something like this can make it worth it and why not then share it with others who might also find it useful.

Guest Twilight Zone

Ok, I agree with that, learning is fun, but I think it is much more fun when you come up with your own idea and realize that idea in something that works. I am thinking of something else: nobody has new ideas for payloads, everybody just copies/pastes finished command lines and provided tools from other payloads. For example, these days I am making something for slurping data and chat logs from ICQ, Trillian, Google Talk, GAIM, Yahoo Talk etc., and now I must install all these programs just to find the locations and names of the relevant files, instead of someone who actually uses these programs sharing this information. Nobody researches anymore, they just wait for the final product. No doubt almost everybody has their own modified payload, but where are the new ideas from these modifications, like a few months ago?


I guess it's just hard to come up with new ideas, especially when you don't have a lot of experience with it yet. Also, when people have new ideas or features, it doesn't mean that they also want to share them, because they're either too powerful, or for some other reason. (TZ: you got my payload and you know I don't really want to give it out to the public either.)


That's why sometimes, to think about the next coolest payload, hack, whatever, you've got to take a few steps back and look at the bigger picture. Command line tools can be glued together all day for the same basic task of private data retrieval, but when it comes down to it, the next sparkly that's going to pique your interest will be the tool for the problem you didn't even know you had.

Is this supposed to be detected by almost all anti-hack/virus scanners? It was labeled as a "hack tool" for me by Norton and others.

If not, how do you get around this?

The actual tools like pwdump can be detected by anti-virus programs as "hacking tools" or something like that. To get around that you have to encrypt the files with special tools; there are tools that trojan/RAT makers use, like packers/scramblers/crypters, that basically encrypt the files and leave a stub of code to decrypt and run them.

Is this very hard to code? I have an encrypter but I guess it would be hard to do this myself?
It's not really hard. There are programs already made for this purpose and they're generally pretty easy to use. But finding one that really is undetectable by anti-virus programs is the challenge, but that shouldn't be very difficult either.