
USB Pocket-Knife Development


Leapo


Ok guys, I know I haven't touched this in a while...checking in so you know I'm not dead.

Looking through all the old scripts, it's occurred to me that the payload in its current state is a collection of hacks piled one on top of the other. There are a few gems in there, but it all could largely be done much better.

Keep an eye on this thread, a massive overhaul is coming, I'll have it ready in a couple of weeks...


UPDATE: VERSION 0.8.0.0 PRE-RELEASE IS OUT!

This is a test release for you all to try out, which I feverishly rebuilt from the ground up over the last few days (wow, I actually beat my "couple of weeks" deadline by a bit, hope this makes up for the huge delay between updates). I trashed most of the old script and rebuilt the entire payload using GonZor's as a base...though I doubt much of his code would be at all recognizable after what I've done to it, I pretty much put his payload through a wood chipper and put it back together again. Keep in mind that this is pre-release quality, I haven't personally tested everything on the payload, so some things may or may not work (please report anything broken).

I'm going to go ahead and add a link to this release to the front page and re-order my original post a bit to highlight the changes. Tell me what you think of the new setup, report any bugs or issues, and start up the think-tank because I'm ready to implement new features and I need ideas!

Full U3 Compatibility - NEW FEATURE

The System directory of the payload (where anything at risk of being nuked resides) is now capable of running directly from the U3 partition. This pre-release download includes both the U3 and Non-U3 versions of the payload, but I have not yet created a pre-built U3 ISO.

Menu System - OVERHAULED

This is a big one, I think I spent more time on the menu system than anything else in the payload. Menu.bat (located on the flash partition in both the U3 and non-U3 builds) will now let you manage every single aspect of the payload, without mucking around with a text editor. The whole thing has been fleshed out with a full working nested menu system, ASCII GUI, loading animations, and even drive-type detection (some parts of the payload are specific to the Non-U3 version and are either not available or not needed on U3 drives). 2500 lines of script later, I have a 134kb batch file that is the best Text UI I believe is possible using batch.

Note for U3 users: Auto-Update is currently only available in the non-U3 version of the payload because it needs to modify the System directory. I'm working on a solution to this.

Module Management - OVERHAULED

No more editing Start.bat, you can manage this from within Menu.bat with a pseudo-GUI. Not only is this simpler, it's necessary for allowing settings changes without reflashing the U3 partition on U3 drives.

Available Modules - NOTICE

Remember when I said this was a pre-release? Well it's not just because some things might not work (though by all accounts they should be fine), but it's because some modules are completely missing. Now don't fret, most everything important has been re-implemented into this new build, just a few niceties like auto-compressing log files that need to be re-coded.

DOWNLOAD THE USB POCKET KNIFE V0.8.0.0 Pre-Release

Includes both U3 and Non-U3 versions. The U3 version has the ISO sources but no pre-built ISO, the final version will be a little more put-together (I rushed to get this thing out the door, I'm trying to get this back up to date and I don't want to lose steam).

Download Mirrors:

RapidShare


I'm new here... I am rewriting the switchblade in AutoIt and was wondering if anyone is interested in that or if they wanted to contribute. Once I complete the payload I will post the source code. AutoIt has some cool ways of doing things in Windows that are far superior to vbs or bat scripts. However I am making it compatible with some existing bat scripts.

Also I am interested in doing this same thing in different scripting languages including Perl and Ruby. Does anyone have experience with creating portable Perl or Ruby environments for development and/or deployment on systems that don't have the binaries installed already?


I play with AutoIt, and had a payload made in it too, but decided not to release it. AutoIt is an interpreted language that makes exe's by combining the source you write with a static binary header. What this means is, if your payload starts getting flagged as a virus/hacktool by anti-virus software, so will all other AutoIt scripts, including other people's. Not wanting to be that much of an asshole, I decided it was best not to give that to people.

This isn't just a problem with AutoIt, but with any interpreted language that can be compiled to an exe, which I believe both Perl and Ruby can.

I'm not trying to rain on your parade, just letting you know while it is possible, it's not something that would be good for everyone (course, the switchblade could also be seen as something not good for everyone).


There's one thing I have that I might post: the vbscript that autoruns from the CD partition bugged me, so I remade it in AutoIt, gave it the U3 Launcher's Icon, and just made it look like the original. All it did was search all drives for "go.exe" off the root, and try to run it.

I think I'll rewrite it, to have a little error checking, and also search for go.bat, as well as go.exe. Something like that could be very useful, in a non-destructive way.


dude this is sick.... I am going to dl... but I have a quick question... how big is the file if I wanted to dl

yah I have dialup...

Erm...if you click the rapidshare link it tells you right there. It's a little over 20MB.


I will also be switching to AutoIt for sending mail via SMTP + SSL instead of using blat and stunnel because creating a service and then deleting it is messier than just using AutoIt. I like to have the output of the switchblade to get emailed to myself as well as saved on the memstick.

In regards to using AutoIt instead of bat scripts it tends to be more reliable... bat scripts fail more often for unknown reasons...


You need to make the payload so that macafee won't detect it; they are the hardest AV to get around. I have seen a lot of payloads/other get totally nuked by that AV.


I like to have the output of the switchblade to get emailed to myself as well as saved on the memstick.

That'll be in the next release.

You need to make the payload so that macafee won't detect it; they are the hardest AV to get around. I have seen a lot of payloads/other get totally nuked by that AV.

If you had read the first post or the included readme you would know this payload is practically impossible to nuke. The U3 version can't be touched by AV software, and the non-U3 version can be backed up and restored from the included menu.bat at any time. Keeping the executables in the payload up to date (on the non-U3 version at least) can also help stop antiviruses from detecting them; just like backup/restore, this is built into Menu.bat.

RTFM next time, please.


the exe's can also be repacked to get by av stuff...

Yes, that can work, but I've seen VERY strong opposition to every payload released here with repacked executables (usually because they don't know what else might have been packed in).

That said, I /might/ build in an auto-repack that the user can activate themselves if they wish. Let me add that to the list...


If you had read the first post or the included readme you would know this payload is practically impossible to nuke. The U3 version can't be touched by AV software, and the non-U3 version can be backed up and restored from the included menu.bat at any time. Keeping the executables in the payload up to date (on the non-U3 version at least) can also help stop antiviruses from detecting them; just like backup/restore, this is built into Menu.bat.

RTFM next time, please.

I did read the readme and THIS WHOLE THREAD!

I just added a little input on how McAfee detects A LOT of these programs you're using!

You might want to test your payload on McAfee yourself.

Sorry I misspelled McAfee on my last comment.


I just added a little input on how McAfee detects A LOT of these programs you're using!

You might want to test your payload on McAfee yourself.

Same base set of programs as just about every other payload around here, they all get detected as well. Like I've already said, I didn't make the executables, and short of repacking them (which a lot of people don't like) there's not much I (or anybody else) can do.


Ok, yah I know like you said "I didn't make the executables, and short of repacking them (which a lot of people don't like)" Hey, but at least you are creating the .bats and making a GREAT Payload! One other thing: have you and Gonzor tried working on the payload together? I saw a few posts that some people made that said "why don't you and Gonzor work on the payload together?" But I didn't see any official feedback yet. It wasn't quite stated that you ARE working together. I just thought I'd ask!

Great work so far!


Oh, ok. Also sorry about the annoying userbars I will get on that as soon as possible! I didn't realize your eyes were offended by them : )! Thanks for the help!


Do you know where I can get a reinstallation program for a 1GB Geek Squad U3 USB? I looked all over for at least 4 months. Also I was wondering, would I be able to use the SanDisk one instead? If so, can you give me a link to the reinstaller? [I'm not sure if what I have is the right program.]

I would greatly appreasheat (sorry if I misspelled that.) your help!
