Jump to content

USB Pocket-Knife Development

Leapo

By Leapo
in USB Hacks

 Share

Recommended Posts

  • Replies 818
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

Verye Newbie

Verye

Posted
Posted
pocketknife doesn't work on vista

Well, it works, just it doesn't do it automatically. If I want it to work right I simply have to click "view folder." I can exit it and it works fine.

But are you saying this problem occurs on Vista universally? If so, then okay, I understand.

Link to comment
Share on other sites
Abigwar Newbie

Abigwar

Posted
Posted
I'm not familiar with the "old method," sorry. What folder icon??

Also, I have another question, though this one isn't support-related:

How do I get someone's Windows login password? I got a bunch of hashes, and I'm presuming these are what I need...but how do I decrypt them?

And finally, I'd just like to speak up about the method of payload development that's been going on in this thread. It is very, very confusing that multiple people are making multiple updates to Leapo's payload. A GUI, bug fixes, etc. It's impossible for anyone to keep up.

In fact, I personally believe having independent payloads in general is bad. Leapo had the right idea; a payload with just about everything. People have been working with Leapo on this payload to make it a fusion of the best ideas and features, and that's been working, but I understand that he's been inactive for a while and people are taking it upon themselves to edit it and add/edit things to make it better. I know that he hasn't been on in a while, but I feel that things would be simpler and better for everyone if they simply collaborated with Leapo and worked on it with him, so there's only one version of Leapo's payload. Unless he does not plan on updating it any time in the next 2 months, or has quit, then people should just be working with him.

Google John The Ripper, and I respectfully disagree. Such is the nature of community development. It benefits us all. You're just behind the learning curve. You'll catch up...

Link to comment
Share on other sites
DMilton Newbie

DMilton

Posted
Posted
And finally, I'd just like to speak up about the method of payload development that's been going on in this thread. It is very, very confusing that multiple people are making multiple updates to Leapo's payload. A GUI, bug fixes, etc. It's impossible for anyone to keep up.

First of all, if we wanted to develop an independent payload, we surely would do. I have my own payload, of course, as many of us have. But the final purpose of posting in this Pocket Knife Thread is precisely allowing Leapo in developing his payload. This stuff doesn't belong to Leapo, but the entire community.

But if Leapo did the effort to compile in a batch a compendium of other scripts, and tryed to improve them is because, probabily he had an altruistic thought.

The reason of posting is, precisely, helping in developing his first (and now very evolved) code. Without the collaboration of many people (I would not nominate anyone for not forgetting anyone), he probabily would have left this proyect.

But don't forget that if you, me (or someone else) post a code trying to update the code is, surelly, because we want to collaborate and, of course, making readers understand the code and share knowledge.

But the last one that has to update his code is Leapo. By the way, we only can try to help.

In fact, I personally believe having independent payloads in general is bad. Leapo had the right idea; a payload with just about everything. People have been working with Leapo on this payload to make it a fusion of the best ideas and features, and that's been working, but I understand that he's been inactive for a while and people are taking it upon themselves to edit it and add/edit things to make it better. I know that he hasn't been on in a while, but I feel that things would be simpler and better for everyone if they simply collaborated with Leapo and worked on it with him, so there's only one version of Leapo's payload. Unless he does not plan on updating it any time in the next 2 months, or has quit, then people should just be working with him.

In fact me too, but as you see, if someone wants to make a independent payload, he does it in a independent thread... If you refer to someone that are developing a GUI, surely, if Leapo sees that, will contact him/them (and vice-versa) to work hand in hand. If the author of a GUI, show us (by publishing the code) how he did it, surely, it'll be usefull, because it's one more less thing to do (or one more thing to improve! :blink:) Those who doesn't want to be "one more" but "The One", haven't no place in this forum...

Finally, I don't know if he is planning on updating the payload, probably yes (he told it a few days ago), but also probably he has other things to do (as many of us). In second place, there's many things to do, many improvements to implement and many others to investigate. Then, let Leapo decide if he wants to do it, and let others to decide if we want to use his code (as me), helping him in it's developing and others in understanding of how it works. I remember GonZor did the same far, far time ago (sigh!), and the response to him was the same as for Leapo, in fact I remember many people helping in Gonzor's stuff (will not say names).

As far as I know, Leapo always appreciated contributions, then be sure, when he can read the post, recompile, compile and rebuild his code, he'll do it. Otherwise, I'm sure he'll pass the baton...

Meanwhile, I will be waiting for his answers and learning more things (There's some very good threads here and in other communities), and the developing of this kind of stuf will surely be alive, with of without Leapo (better with).

Every body knows that Leapo begun this Thread and did the first re-compilation, re-compilated from other re-compilations, searching for code from other anonymous people (and not anonymous ones), and those from others... till the beginnings of the times... :P There's no new in doing so, but is a work in doing it.

Can you contribute? Perfect, do it...

We still be waiting for next release, with or without GUI... (Better with)

Link to comment
Share on other sites
Verye Newbie

Verye

Posted
Posted
First of all, if we wanted to develop an independent payload, we surely would do. I have my own payload, of course, as many of us have. But the final purpose of posting in this Pocket Knife Thread is precisely allowing Leapo in developing his payload. This stuff doesn't belong to Leapo, but the entire community.

But if Leapo did the effort to compile in a batch a compendium of other scripts, and tryed to improve them is because, probabily he had an altruistic thought.

The reason of posting is, precisely, helping in developing his first (and now very evolved) code. Without the collaboration of many people (I would not nominate anyone for not forgetting anyone), he probabily would have left this proyect.

But don't forget that if you, me (or someone else) post a code trying to update the code is, surelly, because we want to collaborate and, of course, making readers understand the code and share knowledge.

But the last one that has to update his code is Leapo. By the way, we only can try to help.

In fact me too, but as you see, if someone wants to make a independent payload, he does it in a independent thread... If you refer to someone that are developing a GUI, surely, if Leapo sees that, will contact him/them (and vice-versa) to work hand in hand. If the author of a GUI, show us (by publishing the code) how he did it, surely, it'll be usefull, because it's one more less thing to do (or one more thing to improve! :blink:) Those who doesn't want to be "one more" but "The One", haven't no place in this forum...

Finally, I don't know if he is planning on updating the payload, probably yes (he told it a few days ago), but also probably he has other things to do (as many of us). In second place, there's many things to do, many improvements to implement and many others to investigate. Then, let Leapo decide if he wants to do it, and let others to decide if we want to use his code (as me), helping him in it's developing and others in understanding of how it works. I remember GonZor did the same far, far time ago (sigh!), and the response to him was the same as for Leapo, in fact I remember many people helping in Gonzor's stuff (will not say names).

As far as I know, Leapo always appreciated contributions, then be sure, when he can read the post, recompile, compile and rebuild his code, he'll do it. Otherwise, I'm sure he'll pass the baton...

Meanwhile, I will be waiting for his answers and learning more things (There's some very good threads here and in other communities), and the developing of this kind of stuf will surely be alive, with of without Leapo (better with).

Every body knows that Leapo begun this Thread and did the first re-compilation, re-compilated from other re-compilations, searching for code from other anonymous people (and not anonymous ones), and those from others... till the beginnings of the times... :P There's no new in doing so, but is a work in doing it.

Can you contribute? Perfect, do it...

We still be waiting for next release, with or without GUI... (Better with)

I understand what you're saying. However, I personally find it confusing if people go through the trouble to make an edit to his payload, then upload it, then ask other people to download it. I've seen a few things like that here.

Recommendations or writing bits of code to improve it make sense, it's just that going through the trouble of essentially releasing another version of it, with or without Leapo's permission, in his thread, seems odd.

But whatever. I'm not really complaining. It's just that I see cool edits and additions in this thread, and I think to myself, "hmmm, should I download/add this, or should I just wait for Leapo to implement it?" I'm just eagerly anticipating Leapo's next update.

Link to comment
Share on other sites
Verye Newbie

Verye

Posted
Posted

Hey, I have (another) question, and also an idea.

The question...when I put the flash drive in computers with Windows 2000, 9 times out of 10 a message will pop up saying there's some sort of error with "wscript.exe," and it says to "please ensure that a floppy is drive A:." Now, this may be a problem due to the fact that these are being used on computers which previously had floppy drives, but were removed and disabled in the BIOS. Not sure why PocketKnife would cause an error having anything to do with floppies though, and I do not know what "wscript.exe" specifically means. This isn't a very big problem, since the payload still runs fine, just...I have to exit the error every time I put it in one of their computers, except for like 1 or 2 computers.

Second, the suggestion. The slurp application info is a very nice idea. I know it can take time, but slurping little bits and pieces of info like that is just helpful. However, what would make it even better is if it would also capture Notepad and possibly Word files that don't have much text in them. People often put passwords or private pieces of information in Notepad files. So, maybe it should capture all Notepad files that have, say, fewer than 40 words in them, or X amount of characters, or whatever.

I'm not sure if this would be hard to code, and also, I'm thinking that if it has to search the whole computer for them it may take a long time to run, so maybe it could just search the Desktop and Documents folders.

Link to comment
Share on other sites
DMilton Newbie

DMilton

Posted
Posted
Hey, I have (another) question, and also an idea.

The question...when I put the flash drive in computers with Windows 2000, 9 times out of 10 a message will pop up saying there's some sort of error with "wscript.exe," and it says to "please ensure that a floppy is drive A:." Now, this may be a problem due to the fact that these are being used on computers which previously had floppy drives, but were removed and disabled in the BIOS. Not sure why PocketKnife would cause an error having anything to do with floppies though, and I do not know what "wscript.exe" specifically means. This isn't a very big problem, since the payload still runs fine, just...I have to exit the error every time I put it in one of their computers, except for like 1 or 2 computers.

The solution is modifying the GO.VBS. In this thread is the solution by mencargo...

Second, the suggestion. The slurp application info is a very nice idea. I know it can take time, but slurping little bits and pieces of info like that is just helpful. However, what would make it even better is if it would also capture Notepad and possibly Word files that don't have much text in them. People often put passwords or private pieces of information in Notepad files. So, maybe it should capture all Notepad files that have, say, fewer than 40 words in them, or X amount of characters, or whatever.

I'm not sure if this would be hard to code, and also, I'm thinking that if it has to search the whole computer for them it may take a long time to run, so maybe it could just search the Desktop and Documents folders.

In my case, I don't think i'll use this way of slurping but if it can be useful for more people, I could try to script it it... Anybody?

In any case, probably the consumption of time would do the slurping action not to be very efficient. Probably it will be better to slurp all the .txt, .doc, .rtf files...

Link to comment
Share on other sites
X3N Newbie

X3N

Posted
Posted

there is a python program called slurp that does this. It would be cool to write this in open source. I prefer not to slurp with bat scripts. Python or C++ or C or even AutoIT would be ideal. I think AutoIt might be too slow though which is why id like to see someone make some stuff in Python.

Article explaining it

http://www.usbhacks.com/2006/10/29/how-to-...sb-flash-drive/

More info

http://sharp-ideas.net/ideas/2006/01/20/re...-of-data-theft/

the demo program slurp 2.0

http://www.sharp-ideas.net/downloads.php

Link to comment
Share on other sites
Verye Newbie

Verye

Posted
Posted
The solution is modifying the GO.VBS. In this thread is the solution by mencargo...

Oh, it fixes this error too? Perfect then.

In my case, I don't think i'll use this way of slurping but if it can be useful for more people, I could try to script it it... Anybody?

In any case, probably the consumption of time would do the slurping action not to be very efficient. Probably it will be better to slurp all the .txt, .doc, .rtf files...

Slurping all the .txt files would probably work.

Also, another quick question...I put the SwitchBlade into a friend's computer today, to show him its capabilities, and his AVG detected it as soon as I put it in. I did not have any installers enabled; it was just LSA secrets, PWDUMP, Application Info slurping, and FF/IE/Chrome password grabbing. Everytime AVG popped up with a message saying "unwanted program/virus/whatever detected," I'd always click Ignore. When I got the logs though, it said "Access denied" under all the categories. I guess AVG blocks Firefox/IE/Chrome passwords, and LSA Secrets?? Or is it just that it blocked all those parts of PocketKnife, and since they couldn't run, it displayed "Access denied"?

Note, I was not running with AVKill enabled. Alex told me that the AVKill program itself is detected by many AVs. So, I'm wondering, when IS it useful to have it enabled? Does it stop AVG?

Thanks.

Link to comment
Share on other sites
elmer Newbie

elmer

Posted
Posted
there is a python program called slurp that does this. It would be cool to write this in open source. I prefer not to slurp with bat scripts.

I just wrote up a 2 line Ruby program in 30 seconds that will copy all .txt files in its current folder to a directory you specify. If you want I can extend it to where you can specify what file types you want. Once that is done I could add a GUI I guess. That's not a bad idea, actually. It should make for a great test app. The 2 lines I referred to are the following:

require 'fileutils'
FileUtils.cp(Dir.glob("*.txt"),"/home/elmer/txt")

e:Alright, now it's been expanded to 9 lines. You can now define your destination and what file types you would like copied. If the destination directory does not exist, it will create it. I guess the GUI is up next?

require 'fileutils'
dest="/home/elmer/slurp"
if File.exist?(dest) == true
else
    Dir.mkdir(dest)
end
["*.txt", "*.mp3"].each do |w|
    FileUtils.cp(Dir.glob(w),dest)
end

e2:I actually think this would be better as a text-only app. I'll compile it as an EXE that can be configured using a .yaml file, but I can't find a ruby compiler that works. exerb comes out with an unusable EXE and RubyScript2Exe doesn't work.

Link to comment
Share on other sites
Verye Newbie

Verye

Posted
Posted
The autorun works fine, but when I try to run the pocketknife from option 2 of MENU.bat, I receive the error:

Script: G:\SYSTEM\GO.VBS

Line: 16

Char: 9

Error: The system cannot find the file specified.

Code: 80070002

Source: (null)

Everyone gets that error, myself included. I'm too lazy to edit GO.vbs and re-customize the flash drive though, and clicking the U3 icon in My Computer does the same job.

If you ever want to run it manually, just click the U3 CD-ROM icon.

Link to comment
Share on other sites
elmer Newbie

elmer

Posted
Posted

OK, I've done almost everything I can to make this a good slurping tool. If you would like anything else (besides a GUI, I don't want to put that much time into this) ask, and I'll see if I can do it. As of right now it will create a configuration file if none exists, create the destination folder if it does not exist, and copy recursively all files ending in the extensions you specify in the config file.

I give to thee slurp.rb - a simple Ruby script to recursively copy files with certain extensions (as defined in slurp.yaml) to a certain directory (also defined in slurp.yaml). It is 14 lines long, including one line of explanation at the beginning of the file. The only problem is that I can't find a working compiler for Ruby. You can find a syntax-highlighted version here.

As I can't find a working Ruby compiler, it only works on systems with Ruby installed. If anybody knows of a Ruby compiler other than exerb and RubyScript2Exe, please let me know so I can check it out. Once I find a working Ruby compiler I can make this into an exe that will be able to run on any Windows machine.

Link to comment
Share on other sites
X3N Newbie

X3N

Posted
Posted
OK, I've done almost everything I can to make this a good slurping tool. If you would like anything else (besides a GUI, I don't want to put that much time into this) ask, and I'll see if I can do it. As of right now it will create a configuration file if none exists, create the destination folder if it does not exist, and copy recursively all files ending in the extensions you specify in the config file.

I give to thee slurp.rb - a simple Ruby script to recursively copy files with certain extensions (as defined in slurp.yaml) to a certain directory (also defined in slurp.yaml). It is 14 lines long, including one line of explanation at the beginning of the file. The only problem is that I can't find a working compiler for Ruby. You can find a syntax-highlighted version here.

As I can't find a working Ruby compiler, it only works on systems with Ruby installed. If anybody knows of a Ruby compiler other than exerb and RubyScript2Exe, please let me know so I can check it out. Once I find a working Ruby compiler I can make this into an exe that will be able to run on any Windows machine.

will it search the entire computer?

Link to comment
Share on other sites
noir Newbie

noir

Posted
Posted

I can't figure out what I'm doing wrong with this. I can't seem to get menu.bat to actually do anything. I can navigate the menus but trying to enable or disable modules doesn't work. I'm trying to do this on XP SP 2. Is there something I'm missing?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...