suicidemayhem Posted January 9, 2008 Share Posted January 9, 2008 so, instead of fighting with the auto run on non U3 usb keys and hoping the person will run the program (if you are not accessing the computer), why cant this be installed on a cheap cd and instead of the information being written on the drive, it writes to the root directory *.log/*.rar of the computer, emails results, and deletes the file? the person gets what they need off the cd and is none the wiser? in this case, autorun will obviously work (unless disabled completely) and if the cd is just blank, the person may just discard it, leaving no trace at all. none of the programs, that i have seen, need to write to themselves or on the disk they are on, they write data where you tell it correct? could this be done?? Quote Link to comment Share on other sites More sharing options...
SomeoneE1se Posted January 9, 2008 Share Posted January 9, 2008 um... huh? Quote Link to comment Share on other sites More sharing options...
suicidemayhem Posted January 9, 2008 Author Share Posted January 9, 2008 instead of writing the log to (USB DRIVE)..documentslogfiles(computername), write it to %SystemRoot%Logfiles%computername% and email that file. since the "USB" drive will not have to be written on at that point, a standard cd can call the shots and email the logfile to its destination. Quote Link to comment Share on other sites More sharing options...
SomeoneE1se Posted January 9, 2008 Share Posted January 9, 2008 I think someone did this already Quote Link to comment Share on other sites More sharing options...
suicidemayhem Posted January 9, 2008 Author Share Posted January 9, 2008 I've made it. A cd that installs itself on the desktop, creates and emails the log file, then removes itself from the system. Do you know what a 50 pack of CD's runs? yeah, MUCH cheaper than usb keys. and the fact that it autoruns FLAWLESSLY is an extreme benefit. Quote Link to comment Share on other sites More sharing options...
Xqtftqx Posted January 10, 2008 Share Posted January 10, 2008 U3 hacking... windows thinks its a cd. no difrence, exept its cheaper Quote Link to comment Share on other sites More sharing options...
sc0rpi0 Posted January 10, 2008 Share Posted January 10, 2008 so, instead of fighting with the auto run on non usb keys and hoping the person will run the program (if you are not accessing the computer), why cant this be installed on a cheap cd and instead of the information being written on the drive, it writes to the root directory *.log/*.rar, emails results, and deletes the file? the person gets what they need off the cd and is none the wiser? in this case, autorun will obviously work (unless disabled completely) and if the cd is just blank, the person may just discard it, leaving no trace at all. none of the programs, that i have seen, need to write to themselves or on the disk they are on, they write data where you tell it correct? could this be done?? Sure, just one problem. USB drives put the information on the USB drive. Since cd's cannot be written to, the logs must be ftpd or email off. Chances are, if your target is not your grandma, then the target's firewall will block the email leaving you with nothing. :( Great idea though. Quote Link to comment Share on other sites More sharing options...
GonZor Posted January 10, 2008 Share Posted January 10, 2008 Sure, just one problem. USB drives put the information on the USB drive. Since cd's cannot be written to, the logs must be ftpd or email off. Chances are, if your target is not your grandma, then the target's firewall will block the email leaving you with nothing. :( Great idea though. Actually *MOST* firewalls allow any outgoing traffic (even Smoothwall until recently by default allowed any outgoing traffic), And most people only use windows built in firewall. Quote Link to comment Share on other sites More sharing options...
suicidemayhem Posted January 10, 2008 Author Share Posted January 10, 2008 Sure, just one problem. USB drives put the information on the USB drive. Since cd's cannot be written to, the logs must be ftpd or email off. Chances are, if your target is not your grandma, then the target's firewall will block the email leaving you with nothing. :( Great idea though. I already have a working cd. in fact, the files are hidden, the cd 'looks' completely blank. the program files are copied to the computer, executed, and a log file appears in my inbox within 30 seconds. there is no sign anything happened at all. tested on 4 computers, no problems at all. afterwards, all the copied programs and such are removed from the system and no trace is left. Quote Link to comment Share on other sites More sharing options...
Sparda Posted January 10, 2008 Share Posted January 10, 2008 no trace is left. Not possible on windows Quote Link to comment Share on other sites More sharing options...
suicidemayhem Posted January 10, 2008 Author Share Posted January 10, 2008 ok, no trace that unless you dont know more than how to open microsoft word and get online you cant find it. better? Quote Link to comment Share on other sites More sharing options...
moonlit Posted January 10, 2008 Share Posted January 10, 2008 no trace is left. Not possible Fixed. Quote Link to comment Share on other sites More sharing options...
sc0rpi0 Posted January 10, 2008 Share Posted January 10, 2008 Sure, just one problem. USB drives put the information on the USB drive. Since cd's cannot be written to, the logs must be ftpd or email off. Chances are, if your target is not your grandma, then the target's firewall will block the email leaving you with nothing. :( Great idea though. Actually *MOST* firewalls allow any outgoing traffic (even Smoothwall until recently by default allowed any outgoing traffic), And most people only use windows built in firewall. Thanks for the information. Most people I know use either Mcafee or Norton. I believe that both block outbound until permission is granted. Although this can be easily fixed by "netstop security center," the security center stops the ftp. Quote Link to comment Share on other sites More sharing options...
Sparda Posted January 11, 2008 Share Posted January 11, 2008 no trace is left. Not possible Fixed. Mounting a NTFS (or any file system for that matter) partition in Linux or BSD (off a live disk of course) read only would leave no trace. ;) At least not in the computers 'mind'. In reality (is that different to the computers mind some how?) you would of course leave traces. We are not talking in this contexts, so these points are a bit moot. Quote Link to comment Share on other sites More sharing options...
sc0rpi0 Posted January 11, 2008 Share Posted January 11, 2008 I already have a working cd. in fact, the files are hidden, the cd 'looks' completely blank. the program files are copied to the computer, executed, and a log file appears in my inbox within 30 seconds. there is no sign anything happened at all. tested on 4 computers, no problems at all. afterwards, all the copied programs and such are removed from the system and no trace is left. If it's not too much trouble, would you mind posting the files in something like a zip? With MediaFire, the file can be hosted in a matter of seconds. Thanks very much. Quote Link to comment Share on other sites More sharing options...
suicidemayhem Posted January 11, 2008 Author Share Posted January 11, 2008 something is up with my server for my site. ill have a rar up asap for you to see what i have done. keep in mind my code is very disorganized, im new to this. i haven't programmed since high school c++. it does work perfectly (except for the keylogger for now), but it is nowhere near finished. this is just a version that was thrown together to make sure it worked. with that being said, let me figure out why it wont upload. Quote Link to comment Share on other sites More sharing options...
sc0rpi0 Posted January 12, 2008 Share Posted January 12, 2008 something is up with my server for my site. ill have a rar up asap for you to see what i have done. keep in mind my code is very disorganized, im new to this. i haven't programmed since high school c++. it does work perfectly (except for the keylogger for now), but it is nowhere near finished. this is just a version that was thrown together to make sure it worked. with that being said, let me figure out why it wont upload. No hurry. Thanks. Quote Link to comment Share on other sites More sharing options...
suicidemayhem Posted January 12, 2008 Author Share Posted January 12, 2008 ok, its up. www.rivalgraphix.com/public/ should be the only file there now, Sawblade2.0 again, remember its all over the place file-wise, but it works. modifications can definitely be done/improved/added. right now it logs almost all the stuff switchblade did, plus it installs a keylogger. the install works fine, just cant get the scheduler thing to work properly. and its not as hidden as it was, i stripped it down to learn the code better. go.cmd is basically everything, i didn't use start.bat. go seemed to have everything i wanted to get done, so i started there. it also works very fast, logs being emailed to me within 20-30 seconds. i have tried it on 5 computers. worked perfect on 4 (xp), but failed on the last (nt i believe). the one it failed on is a rip station for printing at work, but as far as i have determined, the code/variables are different in nt than xp, so that may be it. besides, i dont know anyone running just nt except maybe at school. INSTALL: Just drop the three folders to a cd and burn. dont forget to edit the send files to add your own email. there is one file in each folder that emails need to be added to. the go.cmd file controls the email for the log and external ip for now. there are some weird command lines at the bottom that rename the c drive, popup network msgs, etc. these were thrown in there personally to send to people i know, just to mess with them and for me to familiarize myself with the commands. they are commented out, have nothing to do with the program. HAVE FUN, let me know how it works out! oh, and it installs to the desktop because i wanted to see it happen, not have to dig through directories to find the folder. it deletes all the files inside the TEMP folder afterwards, but for some reason doesn't delete the folder, haven't figured that out. install path will definitely be changed in the future mods. its named Sawblade cause the original Saw dvd was in front of me at the time and it does go along with the whole 'blade' naming theme... Quote Link to comment Share on other sites More sharing options...
moonlit Posted January 12, 2008 Share Posted January 12, 2008 no trace is left. Not possible Fixed. Mounting a NTFS (or any file system for that matter) partition in Linux or BSD (off a live disk of course) read only would leave no trace. ;) At least not in the computers 'mind'. In reality (is that different to the computers mind some how?) you would of course leave traces. We are not talking in this contexts, so these points are a bit moot. Ok, so there are ways, but there could well be network logs and such, it's not just the local machine that can log... Quote Link to comment Share on other sites More sharing options...
Archangel Posted January 12, 2008 Share Posted January 12, 2008 Aye CD is not the greatest to use if your computer is under a user level where so many privileges are taken away you can not even put in a CD just to play music on let alone access a program. I started out using floppys before I had finally got a USB key which makes so much more difference then before. CD's are only good for such a time before you can get into networked computers. Then the best way to go is either USB or floppy. But thats how I see it in the simplest way. Quote Link to comment Share on other sites More sharing options...
suicidemayhem Posted January 12, 2008 Author Share Posted January 12, 2008 I agree, cds cant be used all the time, especially since just about every computer has usb, its much faster, dont have to rely on email, etc. but, with a cd, i can give someone files/data/whatever and have the progs loaded on it hidden. there are benefits to the cd, even if the usb key is better. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.