Communicating With A Lost USB Drive

[Phylix]

Just over the weekend, I went through the horrible ordeal of losing my USB drive.  For those few days, I felt. . .  incomplete.  Of course, I had backed up my data, but it was a few months old.  I work at a school as a technician and I had looked through the semester's course schedule to see one professor who may have retrieved it.  After asking him today and discovering he did not have anyone turn a drive in, I was quite disappointed.  I suspected a student had found it after taking out one of the computers for what I assume was for a computer building class and had simply kept it.  I felt pretty helpless.

So I made a vow to myself to never let this happen again.  I've been following Hak. 5 since early first season and the Switchblade was one of my favorite tools from the show.  I spent most of the morning catching up on its progress and an idea hit me after seeing a feature in Leapo's Pocket-Knife payload that would simply not run the payload if a specific file existed on the hard drive.  So I searched and I searched, but I couldn't find any information on creating a payload that checks a web page for a specific file before continuing to run or not.

I've tried searching for command line programs that would download files, but that's all they did. . .  Download a file.  I know I could probably have it download the file and then read it off the USB drive, but that would seem to make the process much slower. 

I'm not experienced with batch files, so does anyone know a way to quickly retrieve data from a website and maybe use an IF statement with it?  And also execute DOS commands retrieved from the same place?

I know the Switchblade has E-Mail capabilities, but I don't feel like it's enough.

Oh, and I did get my USB drive back.  The other technician I work with found it, but didn't know it was mine.  Unfortunately, it just broke two hours ago. . .  So I'll still have to buy a new one.

[Sparda]

wget is probably what you want. Don't know why windows doesn't come with these basic tools.

[Phylix]

Yeah...  I've looked at wget for Windows and cURL.  I've gone through the documentation and they don't seem to have anything that would allow me to do an easy check for a file on a website.

But I've been thinking, and I guess I could just have it always check to see if a file exists and download it to the USB drive and always check if that file has been downloaded first.  The only problem is that if the partition is formatted or all my files are simply deleted, a suspicious file will always be downloaded, so keeping it all on the CD drive partition would just seem more elegant.

[GonZor]

[me=GonZor]is confused[/me]

I've thought about this idea a lot before and only recently decided to start doing something about it. I haven't actually written any code for my idea but reading your post's I am left confused as to what you are trying to accomplish. Why would you need to check if a file exists on a web server? Isn't that over complicating things?

[Sparda]

No, becasue thats how you get remote control. Since you can 'send' things to the drive, the drive has to 'fetch' things from a server you have control of.

[Phylix]

This was how I was picturing it:

-I lose my USB drive and someone else picks it up, but doesn't return it.

-I immediately upload a file on my website:  http://www.phylix.com/1.txt

-The next time someone plugs in my USB drive, it will check to see if 1.txt exists, otherwise 404.

  -If 1.txt exists set it to do one/some of these (Maybe by reading what is inside 1.txt?):

    -Delete my files.

    -Encrypt my files.

    -Upload/E-Mail sensitive files from person's computer.

    -Run Switchblade.

    -Execute DOS commands.

    -Download and run a file.

    -Anything else I can't think of right now.

  -If 404 error, do nothing.

[Sparda]

Perhaps you should change there desktop back ground as well "Hay, return that whihc is  not yours! You are been watched." + revers VNC.

[Peppery]

I've been thinking about something like this for many months now, I didn't know there'd be this much demand.

How I'd do it is insert my own custom . exe into the Autorun before Launchpad starts.  Let it do it's stuff, then load launchpad.  This may take a bit longer for you to get to your U3 application list, but hopefully not that much.

I'll cook up some code now to get this going.

[Peppery]

Okay, I've written up some code to do this. See this topic for more details. I hope it helps =)

[digip]

Perhaps you should change there desktop back ground as well "Hay, return that whihc is  not yours! You are been watched." + revers VNC.

That would be priceless! Maybe do the whole "silent patch" thing ala Microsoft and leave a little nasty gram from the user who stole it.

Is there a way to make it auto run something on Linux as well. What happens when the user who takes it is nto running windows? How would you then send a message to the user? And waht about a MAC.

This would actually make a pretty decent security product for a drive though. Say, your in the government and you have your stuff stolen, you could make sure that whenever it gets plugged it it runs a sequence of jobs and phones home no matter what system it is plugged into. Makes it easier to track and the possibility to recover it, if not catch up with the person who took said device. They should start making them with GPS in them as well so people can track stolen drives, pcs, etc...

Imagine sending a pop to the user that tells him or her their Lat and Long coordinates and warns them to mail the device to a certain address or be arrested within the next few hours. I bet you would shit a brick, even if it wasn't true, if a fake message like that might get your device returned if all it did was pop that up on insertion. It doesn't even have to be their real coordinates (although they might actually check). You would probably have a pretty good return percentage. Make an official government like type of image and disclaimer along with the pop up to make it look more authentic. Might scare some people into actually mailing it to you.

[GonZor]

Imagine sending a pop to the user that tells him or her their Lat and Long coordinates and warns them to mail the device to a certain address or be arrested within the next few hours. I bet you would shit a brick, even if it wasn't true, if a fake message like that might get your device returned if all it did was pop that up on insertion. It doesn't even have to be their real coordinates (although they might actually check). You would probably have a pretty good return percentage. Make an official government like type of image and disclaimer along with the pop up to make it look more authentic. Might scare some people into actually mailing it to you.

Sounds like a good idea :P

At my old school the people that would be the ones to steal the USB drives wouldn't be smart enough to check, they would believe it but they would more likely bin the drive rather than mail it back. and so you would once again be without a drive.

[digip]

I almost want to try this just to see what happens. I have a few 128 meg freebies I got from Staples with my cd spindles, but they are not U3, so do not know how I would get them to launch anything, but I would be willing to leave one in a cafe somewhere, just to see what happens. Maybe have it designed to post to my website everytime its plugged in and get me the ip address of the user so I can then do a location assesment on the isp and general location it ended up in.

Is there a way to make any generic USB drive launch programs on insertion, or do they have to be U3 capable drives?

[Xqtftqx]

Well Aculary the testing for the file chould be very easy.

make a html document with:

<title>0</title>

now make a vb app

add a webbrowser and browse to that file.

add the code to Me.Load To check that file for a 1 in the title

and then it chould run some code that whould do what you want

[Sparda]

Well Aculary the testing for the file chould be very easy.

make a html document with:

<title>0</title>

now make a vb app

add a webbrowser and browse to that file.

add the code to Me.Load To check that file for a 1 in the title

and then it chould run some code that whould do what you want

Similaly, you could do some really strange stuff. You could include some *cuts him self* vb script (it hurts so much) in the page and have the executable run it so you can do any thing (literally) remotely.