We can make a USB flash drive become our ultimate hacking tool...
Normally we do this in order for us to obtain critical information such as passwords...
I have seen people posting up questions asking:
-"i have autorun.inf,why it cannot autorun my virus?"
-"i have put an autorun.inf script,why it still cannot autorun?"
We all know that Windows doesn’t autoplay autorun.inf for normal USB flash drives but then there is a type of USB flash drive called U3 smart drive which will automatically launch “U3 Launchpad†when plugged into a computer.
Some of the example for U3 USB flash drive are SanDisk Cruzer Micro, SanDisk Cruzer Titanium and Memorex Mini TravelDrive.They are more expensive than the normal USB flash drive.
Here is the picture:
[You must be registered and logged in to see this image.]The concept of how can U3 smart drive autorun program is quite simple. Normal USB flash drives only has 1 drive letter but for U3 smart drive, it has 2 drives. One is the normal storage drive and the other one is an emulated CD drive.
Here is the picture:
[You must be registered and logged in to see this image.]USB Switchblade goal is to silently recover information from computers running Windows 2000 or higher. It is able to get password hashes, LSA secrets, IP information, etc… USB Switchblade also requires administrative privileges in order to run the payload. I will demonstrate on how to hack U3 smart drive with -=GonZor=- SwitchBlade technique.
1. Download -=GonZor=- Payload V2.0
2. Download Universal Customizer
3. Unzip the Universal Customizer to “C:\Universal_Customizerâ€
4. Unzip the -=GonZor=- Payload V2.0 to “C:\Payloadâ€
5. Copy the file U3CUSTOM.ISO from C:\Payload to C:\Universal_Customizer\BIN replacing the old one.
6. Run C:\Universal_Customizer\Universal_Customizer.exe and plug in U3 smart drive.
- Select Accept and click Next.
- Close all U3 applications and any applications that access your U3 drive and click Next.
- Set a password for the backup zip file (Empty password not allowed)
- Click Next and it will start backing up data. Wait for the Universal Customizer to modify your CD partition and replace your files to the flash drive.
- The modification should now be complete, Unplug your U3 Drive and plug it back in
[You must be registered and logged in to see this image.]7. Copy “C:\Payload\SBConfig.exe†to the mass storage of the flash drive
8. Run SBConfig.exe from flash drive
[You must be registered and logged in to see this image.]- Select the check boxes of the Payload options you would like to use
- Enter your email address and password for the HackSaw if you wish to use it.
- Click “Update Config†button, a message box should appear to confirm this is completed
- Toggle between using the payload or not by clicking the “Turn PL Onâ€/â€Turn PL Off†button
- Toggle between using the U3 Launcher or not by clicking the “Turn U3 Launchpad Onâ€/â€Turn U3 Launchpad Off†button
9. You now have -=GonZor=- Payload V2.0 in your U3 smart drive which can automatically steal password once it is plugged in to a computer with administrative privileges.
I have tested it and it is very nice.It runs silently.Here is the result that i get:
[You must be registered and logged in to see this image.]Download link:
-=GonZor=- Payload V2.0
[You must be registered and logged in to see this link.]Universal Customizer
[You must be registered and logged in to see this link.]Some of the antivirus softwares will detect it as malwares,but it is not...
This kind of situation is called "False Positive"...
Network+ , Security+ , CCNA , Certified Ethical Hacker (CEH), Computer Hacking Forensic Investigator (CHFI), Certified Security Professional (CSP)