Date: Wed, 27 Oct 2010 21:35:00 +0200
From: xpo xpo <smashxpo@...il.com>
To: full-disclosure@...ts.grok.org.uk
Cc: bugtraq@...urityfocus.com
Subject: USBsploit 0.4b - added: Auto[run|play] USB infection & PDF

PoC to generate Reverse TCP backdoors (x86, x64, all ports), malicious
LNK and PDF files with fileformat exploits. It can also help to run
Auto[run|play]/[EXE|LNK|PDF] USB remote infections and dumping all USB
files remotely on multiple targets (and multiple USB drives) at the
same time. A set can be specified to dump only files with specific
extensions. USBsploit works through Meterpreter sessions with a light
(31MB) modified version of Metasploit (3.4.2-dev). The interface is a
mod of SET. The Meterscript script usbsploit.rb of the USBsploit
Framework can otherwise be used with the original Metasploit Framework
(3.5.1-dev).

The USBsploit v0.4b home page :

http://secuobs.com/news/27102010-usbsploit_v0.4b_meterpreter_msf_3.shtml

The .svn

https://svn.secuobs.com/svn

The .run

https://www.secuobs.com/usbsploit/usbsploit-0.4-BETA-linux-i686.run

The .tar.gz

https://www.secuobs.com/usbsploit/usbsploit-0.4-BETA-linux-i686.tar.gz

Some videos:

- Auto[run|play]/PDF infection:

http://secuobs.com/news/27102010-usbsploit_v0.4b_meterpreter_msf_1.shtml

- Auto[run|play]/LNK infection:

http://secuobs.com/news/12102010-usbsploit_v0.3b_meterpreter_msf_1.shtml

- Auto[run|play]/EXE infection:

http://secuobs.com/news/14072010-usbsploit_v0.2b_meterpreter_msf_3.shtml

- Reverse TCP backdoor and USB files dumping using a specific set of
extensions

http://secuobs.com/news/14072010-usbsploit_v0.1b_meterpreter_msf_2.shtml

- Reverse TCP backdoor and all USB files dumping

http://secuobs.com/news/14072010-usbsploit_v0.1b_meterpreter_msf_1.shtml

Some other videos about using the usbsploit.rb script with the
original Metasploit Framework are available on
http://youtube.com/secuobs

XPO

Powered by blists - more mailing lists