SanDisk Cruzer Micro - Page 2

beakmyn · 04-02-2007

Quote:

Originally Posted by theprez98

PackageFactory for U3

convert applications to run on U3

I have some 200 applications And some others that have to be zipped with a password so that the overzealous antivirus doesn't delete them. Until I can find a freeware encrypter.

DaKahuna · 04-02-2007

I have taken a spare SanDisk mini cruiser and am running Switchblad on it. When I plug it into my Windows XP box at work which is running McAfee AV and AS, the pwdump file is being deleted and the log file shows everything collected except the password dumps. I guess that is a good thing !!

Anyone have a version of PWDump that does not get deleted by AV/AS products?

theprez98 · 04-02-2007

Quote:

Originally Posted by DaKahuna

Anyone have a version of PWDump that does not get deleted by AV/AS products?

Yes and no. I have an encrypted version that Symantec ignored at home, but found here at work. I haven't checked versions though to compare. Either way, you definitely need some form of encrpyter or file packer. Somewhere there is also a avkill.exe(?) that disables some AV products (free stuff mostly).

theprez98 · 04-02-2007

Quote:

Originally Posted by beakmyn

I have some 200 applications And some others that have to be zipped with a password so that the overzealous antivirus doesn't delete them. Until I can find a freeware encrypter.

I'm looking for something as well. The key being if it is a popular encrypter, Symantec probably already knows about it.

DaKahuna · 04-02-2007

I hear that. Okay, Let me see what I can come up with and we can compare notes later. Disabling AV is not how I would want to do it. I would prefer something undetected.

Barry · 04-02-2007

Just to let you know, they do work with Vista, you just have to get them to brows the folder.

theprez98 · 04-02-2007

Quote:

Originally Posted by DaKahuna

I hear that. Okay, Let me see what I can come up with and we can compare notes later. Disabling AV is not how I would want to do it. I would prefer something undetected.

Exactly. However, if you could write part of the batch file to automatically disable the AV program upon inserting the usb drive, that would serve the same purpose.

theprez98 · 04-02-2007

Quote:

Originally Posted by Barry

Just to let you know, they do work with Vista, you just have to get them to brows the folder.

That's the same concept that works with non-U3 drives. If you can get the person to browse the folder it will automatically launch the go file (at least that's how I understand it).

beakmyn · 04-02-2007

Quote:

Originally Posted by theprez98

Exactly. However, if you could write part of the batch file to automatically disable the AV program upon inserting the usb drive, that would serve the same purpose.

Mcafee Enterprise automatically enables itself if disabled after a few minutes. And it's a PITA if you're trying to compress/encrypt/pack a file and it deletes it on you!

Oh and Get Pstart U3 edition
Install it
Move your current Pstart.xml file \<UUID>\Data and rename it as Settings.xml
Move all your files to \<UUID>\Data and Pstart functions just fine (download the version from author of pstart instead of using a packager)
Ejecting the drive will shutdown pstart for you.

<UUID> is the unique id assigned by launcher

beakmyn · 04-24-2007

Based on Amish MaxDamage

So I've been having fun and tweaking it. If you want it here it is.
I'll be adding a U3 package and letting the built autorun in U3 launchpad run it.

http://www.frontiernet.net/~wardrive...witchblade.zip

!switchblade#

Added:

net share
net user
cleaned up code and fixed a couple bugs
Firepassword
different pwdump version (also experimenting with fgdump)
clipboard contents
nircmd to play 2600 Hz tone when done

Looking into using removedrive to perform self-eject when done (it copies itself to temp if called from running drive)

beakmyn · 04-28-2007

only it cost $499.00
http://gizmodo.com/gadgets/tell-me-where-the-bomb-is/

Barry · 04-28-2007

Quote:

Originally Posted by beakmyn

only it cost $499.00
http://gizmodo.com/gadgets/tell-me-where-the-bomb-is/

I wish. I wonder if they would count school computer technicians as "investigators"? They only sell to law enforcement. On a side... A while back when linux was still being ported the iPods, some one had a proof of concept app that ran on them. You could plug your iPod running linux into a mac's firewire port and pull the shadow file from a machine that was locked. I don't know if they ever released it or not.

beakmyn · 05-14-2007

Looks like someone is marketing the Max Damage Switchblade / Back orifice

http://www.snoopstick.com/

theprez98 · 05-14-2007

Quote:

Originally Posted by beakmyn

Looks like someone is marketing the Max Damage Switchblade / Back orifice

http://www.snoopstick.com/

Unfortunately, it was only a matter of time.

ccie4526 · 05-17-2007

Put beakmyn's zip onto my non-U3 Apacer, have plugged into several machines, and rooted only one. Thus, thinking I need to do U3 after all.

Saw the Cruzer Micro 1Gb at WalMart last week for $19.99, looked like regular price. Guess I'm gonna have to break down and get one.

04-02-2007	#21 (permalink)
Barry Managing the iTards. Join Date: Dec 2002 Location: Ohio Posts: 5,367	Just to let you know, they do work with Vista, you just have to get them to brows the folder. __________________ Atheism is a non-prophet organization.

04-24-2007	#25 (permalink)
beakmyn root\.workspace\.garbage. Join Date: Aug 2003 Posts: 4,796	Based on Amish MaxDamage So I've been having fun and tweaking it. If you want it here it is. I'll be adding a U3 package and letting the built autorun in U3 launchpad run it. http://www.frontiernet.net/~wardrive...witchblade.zip !switchblade# Added: net share net user cleaned up code and fixed a couple bugs Firepassword different pwdump version (also experimenting with fgdump) clipboard contents nircmd to play 2600 Hz tone when done Looking into using removedrive to perform self-eject when done (it copies itself to temp if called from running drive) __________________ Daughter with arms inside shirt: "Daddy I'm not Armish" ┌──────────────────────────────┐ ╞ NS Icons Explained\|et hoc genus omne ╡ └──────────────────────────────┘ Last edited by beakmyn : 04-24-2007 at 01:26 PM.

04-28-2007	#26 (permalink)
beakmyn root\.workspace\.garbage. Join Date: Aug 2003 Posts: 4,796	Barry's got one now too only it cost $499.00 http://gizmodo.com/gadgets/tell-me-where-the-bomb-is/ __________________ Daughter with arms inside shirt: "Daddy I'm not Armish" ┌──────────────────────────────┐ ╞ NS Icons Explained\|et hoc genus omne ╡ └──────────────────────────────┘

05-14-2007	#28 (permalink)
beakmyn root\.workspace\.garbage. Join Date: Aug 2003 Posts: 4,796	Looks like someone is marketing the Max Damage Switchblade / Back orifice http://www.snoopstick.com/ __________________ Daughter with arms inside shirt: "Daddy I'm not Armish" ┌──────────────────────────────┐ ╞ NS Icons Explained\|et hoc genus omne ╡ └──────────────────────────────┘

05-17-2007	#30 (permalink)
ccie4526 My search-fu is weak! Join Date: Jun 2002 Location: West BFE, Texas Posts: 419	Put beakmyn's zip onto my non-U3 Apacer, have plugged into several machines, and rooted only one. Thus, thinking I need to do U3 after all. Saw the Cruzer Micro 1Gb at WalMart last week for $19.99, looked like regular price. Guess I'm gonna have to break down and get one. __________________ --- <#include std.disclaimer.h> AltarThug of Wired and Unwired, The Church of WiFi http://www.churchofwifi.org http://www.linuxisforbitches.com http://www.wigle.net http://www.kismetwireless.net

04-02-2007	#17 (permalink)
DaKahuna Dirty Ol' Man Join Date: Jan 2006 Location: If you find out, let me know! Posts: 421	I have taken a spare SanDisk mini cruiser and am running Switchblad on it. When I plug it into my Windows XP box at work which is running McAfee AV and AS, the pwdump file is being deleted and the log file shows everything collected except the password dumps. I guess that is a good thing !! Anyone have a version of PWDump that does not get deleted by AV/AS products?

04-02-2007	#20 (permalink)
DaKahuna Dirty Ol' Man Join Date: Jan 2006 Location: If you find out, let me know! Posts: 421	I hear that. Okay, Let me see what I can come up with and we can compare notes later. Disabling AV is not how I would want to do it. I would prefer something undetected.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode