teknicalissue Posted May 9, 2008 Posted May 9, 2008 hello, im new to this forum but it looks really kick @$$ EDIT: this may seem skidish but hey?, a contribution is a contribution right? now while watching you vids i was actually thinking. . what if i want to take passwords from the target computer AND "Disable" it to its knees where the only way to bring it back is to reformat. now how is this done? well i used fgdump for the passwords (if anyone can provide a link for IE passwords and stuff like that i would HIGHY appreciate it) and once that has been opened, it proceeds to open up the "Injection" what the injection does relies on two things. is the user running enough privlages to edit protected system files? if yes then edit the system32 files AND the sytem32 back up files, also edit the files that allows the system to be accessed through safe mode. if the user is not running with enough privlages then place a specific file into the all users start up (ONLY IN XP) and launch a message saying ("The system has been infiltrated, please log in as an administrator and edit security settings")<---- or something along those lines. maybe a basic fork attack to convince the IT in the target work place to log in as an administrator. once the IT logs in as administrator, the whole system files editing comes in to place, thus bringing down the system to its knees AND you have a few password hashes as your reward. i hope this helps =) btw I love this forum/Hack. 5 haha its pretty awsome Quote
natural_orange Posted May 9, 2008 Posted May 9, 2008 And that is what we call a virus... Would you really want someone to do that to you? probably not... Quote
SomeoneE1se Posted May 9, 2008 Posted May 9, 2008 I'll help you figure it out if you can name one white hat use for this Quote
manuel Posted May 9, 2008 Posted May 9, 2008 oh that kind of lethal injection... I thought you meant you'd swallow the drive and hope it lethally inject you. Here's to hoping. Quote
teknicalissue Posted May 9, 2008 Author Posted May 9, 2008 actually ive already made it lol, im just posting it so people would know =) a white hat use? im not gonna lie i don't really see a white hat use... and yes natural, i agree lol i would hate this to be unleashed on me (even though i unleashed it on myself by accident 2 times lol) but yea those are my 2 cents Quote
SomeoneE1se Posted May 9, 2008 Posted May 9, 2008 wow, you're like that DEA angent "I am the only in this room who can handle this glock9" *bang* he shoots himself in the foot.... only you did it twice... Quote
teknicalissue Posted May 9, 2008 Author Posted May 9, 2008 hahaha thats basicly how it went, first incident was when i first finished the first batch.. lol haha i was like "lets try it =)" lol so i unleashed it on me and the second time was when i had the flash drive ready haha i accidently pluged it in thinking it had my essay and guess what? haha my comp's O/S was done and gone lol Quote
Darren Kitchen Posted May 9, 2008 Posted May 9, 2008 White Hat use: Switchblade payload that echo "Your system has been compromised. No data was stolen. You have not been infected. This note describes the vulnerability and possible workarounds. blah blah blah" >> "%userprofile%Start MenuStartupNotification.txt" Back in the day while wardriving we'd look for shared printers and print out a little notice about how to enable WEP (WPA wasn't out yet). Quote
SomeoneE1se Posted May 9, 2008 Posted May 9, 2008 not for the switchblade, I've seen white hat uses for it*, but for this payload What's the white hat use for fucking over an OS? (*moonlit you need to build a anti USB hack payload) Quote
teknicalissue Posted May 9, 2008 Author Posted May 9, 2008 well a white hack use for this i would think is basicly to test your skills...then again that would go more towards the gray hat side.... i mean if you were an IT professional and i were to bring this issue upto you, wouldn't you do something about it kinda thing? lol but then again lol this falls under alll sorts of usb hacks haha i honestly don't think there really is a complete white hat use for this Quote
moonlit Posted May 9, 2008 Posted May 9, 2008 Please report to Moonlit's office, c/o whichever is the nearest country where murder isn't a punishable offence. Thanks. Quote
teknicalissue Posted May 9, 2008 Author Posted May 9, 2008 wait. huuuuhhh?? haha and i can name a country where you CAN get away with murder =), venezuela. Quote
moonlit Posted May 9, 2008 Posted May 9, 2008 I'm running low on methods of textually suggesting that I'm thoroughly pissy with people who design things specifically to fuck with systems. At least some method of preventing the attacks or antidotes would be nice. Quote
chazzm Posted May 9, 2008 Posted May 9, 2008 I gotta say to post this kinda thing is alright, BUT I would think that a way to prevent this would be a much better way to spend time!!! I mean if you are that pissed to do something like this to someone maybe you need a time out or something LOL,,, ("Hacking" Get in, Get out, Leave no trace!!!) Quote
Xqtftqx Posted May 9, 2008 Posted May 9, 2008 just hit the fucking thing with a hammer, less work. Quote
Scorpion Posted May 9, 2008 Posted May 9, 2008 I would say one way to stop it from happening is disable Autorun or make the program look for a little file in a certain area if it see it, it wont attack thats what i've done with one of my programs that TAKES pictures from My Pictures and My Documents and sends it by FTP to a server (works well). A third option is when it saves a file on its drive the computers name so its like i've already been here or he's in my list i wont do it honest Quote
teknicalissue Posted May 9, 2008 Author Posted May 9, 2008 haha moonlit lol im not gonna use it on some one else i honestly just like having something like that with me, lol same feeling as when you write a program and your like OMFG IT WORKSS!!!, honestly guys ha i really don't have any intensions on using it on some one, like i said lol it was just an idea i had.. NOW to prevent this sort of thing, have a batch file (or any other type of file) that saves/records and backs up your sytem files AND make it run on everyrestart on the autorun in the C: drive... lol goodness haha im sorry for posting this post, to me it looked like a sound idea =/ Quote
nicatronTg Posted May 10, 2008 Posted May 10, 2008 When I read the topic, I thought that you modded a usb drive to give you a lethal injection. Didn't we have a "No harmful USB hacks" thread? Oh, yes, here: http://hak5.org/forums/index.php?showtopic=8358 Quote
teknicalissue Posted May 10, 2008 Author Posted May 10, 2008 my bad lol, if you guys want delete this post, i don't wanna break your rules =) Quote
nicatronTg Posted May 10, 2008 Posted May 10, 2008 My guess is that it is fine, as Moonlit already has seen it, and usually pwns the thread if it is bad, before it gets elaborate. Quote
teknicalissue Posted May 10, 2008 Author Posted May 10, 2008 haha good lol but yea, lol i don't wanna give a bad first impression or anything Quote
nicatronTg Posted May 10, 2008 Posted May 10, 2008 You want to see the topic entitled: "readme.txt - the final readme", as it has valuable information that you may need for this forum. Quote
Angablade Posted May 10, 2008 Posted May 10, 2008 I have figured out after a while how this could be used as a white hat use. Now place yourself in this predicament: You have been hacked.. and it's valuable information about your credit shit.. not.. say you know who it is.. you can access the computer and the files.. but you don't want to be known by the person.. So, You put the injection in.. and bam.. your shit is protected.. :) Now, this may never happen.. but to keep in mind.. that you asked for a white hat use. Quote
SomeoneE1se Posted May 10, 2008 Posted May 10, 2008 I have figured out after a while how this could be used as a white hat use. Now place yourself in this predicament: You have been hacked.. and it's valuable information about your credit shit.. not.. say you know who it is.. you can access the computer and the files.. but you don't want to be known by the person.. So, You put the injection in.. and bam.. your shit is protected.. :) Now, this may never happen.. but to keep in mind.. that you asked for a white hat use. how about unplugging the ethernet cable Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.