nuttz Posted June 3, 2008 Share Posted June 3, 2008 I apologize in advance if this has been answered else where, I have look but have no doubt missed someting :/ How useful are these switchblade payloads when run on an account with out Admin access. I'm thinking on use in a basic 'pen test' scenario* where I can just plug a key into an unmanned PC and letting it slurp data off it then yanking he key. From what I can see gonzor's payload with the VNC disabled would probably be my best bet, would that be correct? Most other payloads seem to install a lot of software on the PC in question. * I'm not a pen tester (obviously :) ) but looking to maybe get into the area. Quote Link to comment Share on other sites More sharing options...
kz26 Posted June 4, 2008 Share Posted June 4, 2008 Basically, anything that accesses protected system stuff (pretty much all password dumpers, services, and other such tools won't work) file copy should work, though. If you want it to run completely silently look at one of the U3 payloads. If you don't have/want/need U3 there are many other options. Not trying to advertise myself here, but I actually designed my ZBLADE2 payload with something like this in mind. It uses ROBOCOPY to mirror the file types you select, and detects whether or not admin access is present and runs the appropriate tools. Good luck :) Quote Link to comment Share on other sites More sharing options...
trustme Posted June 4, 2008 Share Posted June 4, 2008 Our payload tends to work fine if there isn't an AV running, you prolly want to disable the hacksaw as well as vnc. Register at out site to get access to the beta (not really a beta, but it has updated (Read: not as likely to be detected) payload exes). Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.