Easy Removeable Drive Detection with AutoIT

Week 2 of “Isn’t AutoIT Cool’ is a brief one. More of a code snippet than the last post. It’s something that I figured out when I was looking into exfiltrating data from a target machine. The idea was this: plug a flash drive into a PC, have it automatically run an exe (this was back in the autoexec.bat days so the theory was that you’d call said exe from autoexec.bat) and copy a bunch of interesting files to itself and then prepare for removal. This was back before the days of the USB Rubber Ducky as well (I think the USB Switchblade was the new hotness at that point). I’ll eventually get into my full script for this process, as it wound up being quite useful. Nothing quite as useful as the LEDs on the Bash Bunny or anything but this was many years before the Hak5 crew had those for sale. ...

February 18, 2018 · 2 min · Josh J

AutoIT and It's Destructive Potential

AutoIt is amazing. They have a website. Read about it there because it would be a waste of my time to try and explain it to you. The help file is massive so anything you need, you can find there. Also, if you want to use the user created functions and such, everything’s in the help file. It really is rather extensive. So, onto an example. This is basically an example of a script that you can run from an autoexec.bat on someone else’s computer to give them a fake and very obvious virus. Let’s begin: ...

February 11, 2018 · 4 min · Josh J