lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <AANLkTimp8BsSTmj9j7X0KtnLkmpeeab5G_aVP+qYUNeT@mail.gmail.com>
Date: Wed, 27 Oct 2010 21:35:00 +0200
From: xpo xpo <smashxpo@...il.com>
To: full-disclosure@...ts.grok.org.uk
Cc: bugtraq@...urityfocus.com
Subject: USBsploit 0.4b - added: Auto[run|play] USB
	infection & PDF

PoC to generate Reverse TCP backdoors (x86, x64, all ports), malicious
LNK and PDF files with fileformat exploits. It can also help to run
Auto[run|play]/[EXE|LNK|PDF] USB remote infections and dumping all USB
files remotely on multiple targets (and multiple USB drives) at the
same time. A set can be specified to dump only files with specific
extensions. USBsploit works through Meterpreter sessions with a light
(31MB) modified version of Metasploit (3.4.2-dev). The interface is a
mod of SET. The Meterscript script usbsploit.rb of the USBsploit
Framework can otherwise be used with the original Metasploit Framework
(3.5.1-dev).

The USBsploit v0.4b home page :

http://secuobs.com/news/27102010-usbsploit_v0.4b_meterpreter_msf_3.shtml

The .svn

https://svn.secuobs.com/svn

The .run

https://www.secuobs.com/usbsploit/usbsploit-0.4-BETA-linux-i686.run

The .tar.gz

https://www.secuobs.com/usbsploit/usbsploit-0.4-BETA-linux-i686.tar.gz

Some videos:

- Auto[run|play]/PDF infection:

http://secuobs.com/news/27102010-usbsploit_v0.4b_meterpreter_msf_1.shtml

- Auto[run|play]/LNK infection:

http://secuobs.com/news/12102010-usbsploit_v0.3b_meterpreter_msf_1.shtml

- Auto[run|play]/EXE infection:

http://secuobs.com/news/14072010-usbsploit_v0.2b_meterpreter_msf_3.shtml

- Reverse TCP backdoor and USB files dumping using a specific set of
extensions

http://secuobs.com/news/14072010-usbsploit_v0.1b_meterpreter_msf_2.shtml

- Reverse TCP backdoor and all USB files dumping

http://secuobs.com/news/14072010-usbsploit_v0.1b_meterpreter_msf_1.shtml

Some other videos about using the usbsploit.rb script with the
original Metasploit Framework are available on
http://youtube.com/secuobs

XPO

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ