[<prev] [next>] [day] [month] [year] [list]
Message-ID: <AANLkTimp8BsSTmj9j7X0KtnLkmpeeab5G_aVP+qYUNeT@mail.gmail.com>
Date: Wed, 27 Oct 2010 21:35:00 +0200
From: xpo xpo <smashxpo@...il.com>
To: full-disclosure@...ts.grok.org.uk
Cc: bugtraq@...urityfocus.com
Subject: USBsploit 0.4b - added: Auto[run|play] USB
infection & PDF
PoC to generate Reverse TCP backdoors (x86, x64, all ports), malicious
LNK and PDF files with fileformat exploits. It can also help to run
Auto[run|play]/[EXE|LNK|PDF] USB remote infections and dumping all USB
files remotely on multiple targets (and multiple USB drives) at the
same time. A set can be specified to dump only files with specific
extensions. USBsploit works through Meterpreter sessions with a light
(31MB) modified version of Metasploit (3.4.2-dev). The interface is a
mod of SET. The Meterscript script usbsploit.rb of the USBsploit
Framework can otherwise be used with the original Metasploit Framework
(3.5.1-dev).
The USBsploit v0.4b home page :
http://secuobs.com/news/27102010-usbsploit_v0.4b_meterpreter_msf_3.shtml
The .svn
https://svn.secuobs.com/svn
The .run
https://www.secuobs.com/usbsploit/usbsploit-0.4-BETA-linux-i686.run
The .tar.gz
https://www.secuobs.com/usbsploit/usbsploit-0.4-BETA-linux-i686.tar.gz
Some videos:
- Auto[run|play]/PDF infection:
http://secuobs.com/news/27102010-usbsploit_v0.4b_meterpreter_msf_1.shtml
- Auto[run|play]/LNK infection:
http://secuobs.com/news/12102010-usbsploit_v0.3b_meterpreter_msf_1.shtml
- Auto[run|play]/EXE infection:
http://secuobs.com/news/14072010-usbsploit_v0.2b_meterpreter_msf_3.shtml
- Reverse TCP backdoor and USB files dumping using a specific set of
extensions
http://secuobs.com/news/14072010-usbsploit_v0.1b_meterpreter_msf_2.shtml
- Reverse TCP backdoor and all USB files dumping
http://secuobs.com/news/14072010-usbsploit_v0.1b_meterpreter_msf_1.shtml
Some other videos about using the usbsploit.rb script with the
original Metasploit Framework are available on
http://youtube.com/secuobs
XPO
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists