BugTraq
USBsploit 0.4b - added: Auto[run|play] USB infection & PDF Oct 27 2010 07:35PM
xpo xpo (smashxpo gmail com)
PoC to generate Reverse TCP backdoors (x86, x64, all ports), malicious
LNK and PDF files with fileformat exploits. It can also help to run
Auto[run|play]/[EXE|LNK|PDF] USB remote infections and dumping all USB
files remotely on multiple targets (and multiple USB drives) at the
same time. A set can be specified to dump only files with specific
extensions. USBsploit works through Meterpreter sessions with a light
(31MB) modified version of Metasploit (3.4.2-dev). The interface is a
mod of SET. The Meterscript script usbsploit.rb of the USBsploit
Framework can otherwise be used with the original Metasploit Framework
(3.5.1-dev).

The USBsploit v0.4b home page :

http://secuobs.com/news/27102010-usbsploit_v0.4b_meterpreter_msf_3.shtml

The .svn

https://svn.secuobs.com/svn

The .run

https://www.secuobs.com/usbsploit/usbsploit-0.4-BETA-linux-i686.run

The .tar.gz

https://www.secuobs.com/usbsploit/usbsploit-0.4-BETA-linux-i686.tar.gz

Some videos:

- Auto[run|play]/PDF infection:

http://secuobs.com/news/27102010-usbsploit_v0.4b_meterpreter_msf_1.shtml

- Auto[run|play]/LNK infection:

http://secuobs.com/news/12102010-usbsploit_v0.3b_meterpreter_msf_1.shtml

- Auto[run|play]/EXE infection:

http://secuobs.com/news/14072010-usbsploit_v0.2b_meterpreter_msf_3.shtml

- Reverse TCP backdoor and USB files dumping using a specific set of
extensions

http://secuobs.com/news/14072010-usbsploit_v0.1b_meterpreter_msf_2.shtml

- Reverse TCP backdoor and all USB files dumping

http://secuobs.com/news/14072010-usbsploit_v0.1b_meterpreter_msf_1.shtml

Some other videos about using the usbsploit.rb script with the
original Metasploit Framework are available on
http://youtube.com/secuobs

XPO

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus