ir1337 Posted April 25, 2008 Share Posted April 25, 2008 Another great addition to usbhacks looks amazing damn great job Quote Link to comment Share on other sites More sharing options...
Che Roriniho Posted May 11, 2008 Share Posted May 11, 2008 So, any more news of a new version. Also, DID the auto-replication thing get in, or was it just an idea that was bouncing about? Quote Link to comment Share on other sites More sharing options...
Xakep Posted May 13, 2008 Share Posted May 13, 2008 Sounds like my tipe of Program, I will have to install this to my old USB Switchblade Quote Link to comment Share on other sites More sharing options...
Leapo Posted June 6, 2008 Author Share Posted June 6, 2008 Ok guys, I know I haven't touched this in a while...checking in so you know I'm not dead. Looking through all the old scripts, its occurred to me that the payload in its current state is a collection of hacks piled one on top of the other. There are a few gems in there, but it all could largely be done much better. Keep an eye on this thread, a massive overhaul is coming, I'll have it ready in a couple of weeks... Quote Link to comment Share on other sites More sharing options...
elmer Posted June 6, 2008 Share Posted June 6, 2008 I may end up coding up a simple Ruby app to run everything, but we will see. Quote Link to comment Share on other sites More sharing options...
Leapo Posted June 9, 2008 Author Share Posted June 9, 2008 UPDATE: VERSION 0.8.0.0 PRE-RELEASE IS OUT! This is a test release for you all to try out, which I feverishly rebuilt from the ground up over the last few days (wow, i actually beat my "couple of weeks" deadline by a bit, hope this makes up for the huge delay between updates). I trashed most of the old script and rebuilt the entire payload using GonZors as a base...though I doubt much of his code would be at all recognizable after what I've done to it, I pretty much put his payload through a wood chipper and put it back together again. Keep in mind that this is pre-release quality, I haven't personally tested everything on the payload, so some things may or may not work (please report anything broken). I'm going to go ahead and add a link to this release to the front page and re-order my original post a bit to highlight the changes. Tell me what you think of the new setup, report any bugs or issues, and start up the think-tank because I'm ready to implement new features and I need ideas! Full U3 Compatibility - NEW FEATURE The System directory of the payload (where anything at risk of being nuked resides) is now capable of running directly from the U3 partition. This pre-release download includes both the U3 and Non-U3 versions of the payload, but i have not yet created a pre-built U3 ISO. Menu System - OVERHAULED This is a big one, I think I spent more time on the menu system than anything else in the payload. Menu.bat (located on the flash partition in both the U3 and non-U3 builds) will now let you manage every single aspect of the payload, without mucking around with a text editor. The whole thing has been fleshed out with a full working nested menu system, ASCII GUI, loading animations, and even drive-type detection (some parts of the payload are specific to the Non-U3 version and are either not available or not needed on U3 drives). 2500 lines of script later, I have a 134kb batch file that is the best Text UI i believe is possible using batch. Note for U3 users: Auto-Update is currently only available in the non-U3 version of the payload because it needs to modify the System directory. I'm working on a solution to this. Module Management - OVERHAULED No more editing Start.bat, you can manage this from within Menu.bat with a pseudo-GUI. Not only is this more simple, it's necessary for allowing settings changes without reflashing the U3 partition on U3 drives. Available Modules - NOTICE Remember when i said this was a pre-release? Well it's not just because some things might not work (though by all accounts they should be fine), but it's because some modules are completely missing. Now don't fret, most everything important has been re-implemented into this new build, just a few niceties like auto-compressing log files that need to be re-coded. DOWNLOAD THE USB POCKET KNIFE V0.8.0.0 Pre-Release includes both U3 and Non-U3 version. The U3 version has the ISO sources but no pre-built ISO, the final version will be a little more put-together (I rushed to get this thing out the door, I'm trying to get this back up to date and i don't want to lose steam). Download Mirrors: RapidShare Quote Link to comment Share on other sites More sharing options...
X3N Posted June 17, 2008 Share Posted June 17, 2008 I'm new here... I am rewriting the switchblade in autoit and was wondering if anyone is interested in that or if they wanted to contribute. Once i complete the payload i will post the source code. AutoIT has some cool ways of doing things in windows that is far superior to vbs or bat scripts. However I am making it compatible with some existing bat scripts. Also i am interested in doing this same thing in different scripting languages including Perl and ruby. Does anyone have experience with creating portable Perl or ruby environments for development and or deployment on systems that dont have the binaries installed already? Quote Link to comment Share on other sites More sharing options...
mleo2003 Posted June 17, 2008 Share Posted June 17, 2008 I play with AutoIt, and had a payload made in it too, but decided not to release it. AutoIt is an interpreted language that makes exe's by combining the source you write with a static binary header. What this means is, if your payload starts getting flagged as a virus/hacktool by anti-virus software, so will all other AutoIt scripts, including other people's. Not wanting to be that much of an asshole, I decided it was best not to give that to people. This isn't just a problem with AutoIt, but with any interpreted language that can be compiled to an exe, which I believe both Perl and Ruby can. I'm not trying to rain on your parade, just letting you know while it is possible, it's not something that would be good for everyone (course, the switchblade could also be seen as something not good for everyone). Quote Link to comment Share on other sites More sharing options...
X3N Posted June 17, 2008 Share Posted June 17, 2008 Yeah i noticed that a while back when some of my other scripts got flagged for no reason... Maybe i wont post my code... Quote Link to comment Share on other sites More sharing options...
mleo2003 Posted June 17, 2008 Share Posted June 17, 2008 There's one thing I have that I might post: the vbscript that autoruns from the CD partition bugged me, so I remade it in AutoIt, gave it the U3 Launcher's Icon, and just made it look like the original. All it did was search all drives for "go.exe" off the root, and try to run it. I think I'll rewrite it, to have a little error checking, and also search for go.bat, as well as go.exe. Something like that could be very useful, in a non-destructive way. Quote Link to comment Share on other sites More sharing options...
X3N Posted June 17, 2008 Share Posted June 17, 2008 in autoit i setup my script to search for a volume label to set the drive letter variable... you could also use the drive's serial number. lots of options. Quote Link to comment Share on other sites More sharing options...
silentknight329 Posted June 18, 2008 Share Posted June 18, 2008 dude this is sick.... i am going to dl... but i have a quick question... how big is the file if i wanted to dl yah i have dialup... Quote Link to comment Share on other sites More sharing options...
Leapo Posted June 18, 2008 Author Share Posted June 18, 2008 dude this is sick.... i am going to dl... but i have a quick question... how big is the file if i wanted to dl yah i have dialup... Erm...if you click the rapidshare link it tells you right there. It's a little over 20MB. Quote Link to comment Share on other sites More sharing options...
X3N Posted June 19, 2008 Share Posted June 19, 2008 i will be also switching to autoit for sending mail via smtp + ssl instead of using blat and stunnel because creating a service and then deleting it is more messy then just using autoit. I like to have the output of the switchblade to get emailed to myself as well as saved on the memstick. In regards to using autoit instead of bat scripts it tends to be more reliable... bat scripts fail more often for unknown reasons... Quote Link to comment Share on other sites More sharing options...
Xakep Posted June 22, 2008 Share Posted June 22, 2008 You need make the payload so that macafee won't detect it they are the hardest av to get around. I have seen a lot of payloads/other get totaly nuked by that av. Quote Link to comment Share on other sites More sharing options...
Leapo Posted June 22, 2008 Author Share Posted June 22, 2008 I like to have the output of the switchblade to get emailed to myself as well as saved on the memstick. That'll be in the next release. You need make the payload so that macafee won't detect it they are the hardest av to get around. I have seen a lot of payloads/other get totaly nuked by that av. If you had read the first post or the included readme you would know this payload is practically impossible to nuke. The U3 version can't be touched by AV software, and the non-U3 version can be backed up and restored from the included menu.bat at any time. Keeping the executables in the payload up to date (on the non-U3 version at least) can also help stop antiviruses from detecting them; just like backup/restore, this is built into Menu.bat. RTFM next time, please. Quote Link to comment Share on other sites More sharing options...
X3N Posted June 23, 2008 Share Posted June 23, 2008 the exe's can also be repacked to get by av stuff... Quote Link to comment Share on other sites More sharing options...
Leapo Posted June 24, 2008 Author Share Posted June 24, 2008 the exe's can also be repacked to get by av stuff... Yes, that can work, but I've seen VERY strong opposition to every payload released here with repacked executables (usually because they don't know what else might have been packed in). That said, I /might/ build in an auto-repack that the user can activate themselves if they wish. let me add that to the list... Quote Link to comment Share on other sites More sharing options...
Xakep Posted June 25, 2008 Share Posted June 25, 2008 If you had read the first post or the included readme you would know this payload is practically impossible to nuke. The U3 version can't be touched by AV software, and the non-U3 version can be backed up and restored from the included menu.bat at any time. Keeping the executables in the payload up to date (on the non-U3 version at least) can also help stop antiviruses from detecting them; just like backup/restore, this is built into Menu.bat. RTFM next time, please. I did read the readme and THIS WHOLE THREAD! I just added alittle input on how McAfee detects ALOT of these programs your using! You might want to test your payload on McAfee youself. Sorry I misspelled McAfee on my last comment. Quote Link to comment Share on other sites More sharing options...
Leapo Posted June 25, 2008 Author Share Posted June 25, 2008 I just added alittle input on how McAfee detects ALOT of these programs your using! You might want to test your payload on McAfee youself. Same base set of programs as just about every other payload around here, they all get detected as well. Like I've already said, I didn't make the executables, and short of repacking them (which a lot of people don't like) there's not much I (or anybody else can do) can do. Quote Link to comment Share on other sites More sharing options...
Xakep Posted June 26, 2008 Share Posted June 26, 2008 Ok, yah I know like you said "I didn't make the executables, and short of repacking them (which a lot of people don't like)" Hey, But at least you are creating the .bats and making a GREAT Payload! One other thing have you and Gonzor tried working on the payload together? I saw a few posts that some people made that said "why don't you and Gonzor work on the payload together?" But I didn't see any offical feedback yet. It wasn't quite stated that you ARE working together. I just thought I'd ask! Great work so far! Quote Link to comment Share on other sites More sharing options...
Leapo Posted June 26, 2008 Author Share Posted June 26, 2008 Gonzor and I aren't working together, generally because there's no need to formally do so. Side note: your sig is really fucking annoying, mind toning it down a smidgen? Quote Link to comment Share on other sites More sharing options...
Xakep Posted June 26, 2008 Share Posted June 26, 2008 Oh, ok. Also sorry about the annoying userbars I will get on that as soon as possible! I didn't realize your eyes were offended by them : )! Thanks for the help! Quote Link to comment Share on other sites More sharing options...
Xakep Posted June 26, 2008 Share Posted June 26, 2008 Do you know were I can get a re installation program for a 1gb geeksquad u3 usb? I looked all over for at least 4 months. Also I was wondering would I be able to use the sandisk one instead, if so can you give me a link to the re installer? [i'm not sure if what I have is the right program.] I would greatly appreasheat (sorry if I misspelled that.)your help! Quote Link to comment Share on other sites More sharing options...
tempnode Posted June 30, 2008 Share Posted June 30, 2008 Do you know were I can get a re installation program for a 1gb geeksquad u3 usb? Geeksquad's website: http://www.geeksquad.com/downloads/U3Updat...BBY_2.1.0.1.exe Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.