Do the default delays for the payloads work on all new machines?
30 views
Skip to first unread message
Dillon Korman
Dec 27, 2012, 4:46:24 PM12/27/12
to kautily...@googlegroups.com
Hi. I was wondering if the default delays you integrated in your payloads, such as the waiting for drivers and initial setup, work on all new machines. I use my Teensy on my own machine all the time for testing payloads and I have no issue with the setup as I already did it. If I plug the Teensy into a completely new machine, will the default delays work to provide a clean initial setup and continue with the rest of the payload? It would be great if you could tell me what those delays are. No rush, but I just want to confirm you were hoping to add persistence at some point for the toolkit. Thanks!
nikhil mittal
Dec 30, 2012, 7:47:00 AM12/30/12
to kautily...@googlegroups.com, Dillon Korman
Hi,
The default delays work for "clean" machine. You can try attaching to a VM or change the default PID & VID of Teensy as described in this post http://labofapenetrationtester.blogspot.in/2012/02/bypassing-end-point-protector-4.html
This way Teensy would be detected as a new hardware and you can test for yourself whether it works or not :)
To understand the delays I would recommend you to go through this post http://labofapenetrationtester.blogspot.in/2012/10/kautilya-040-reliable-payload-execution.html and source code. I would be happy to answer specific questions related to the source code.
I had started working on persistence as many have requested this but I am currently tied to multiple things and a new release would get delayed.
Hope you found Kautilya useful!
--
Regards,
Nikhil
nikhil_mitt
http://labofapenetrationtester.blogspot.com/
The default delays work for "clean" machine. You can try attaching to a VM or change the default PID & VID of Teensy as described in this post http://labofapenetrationtester.blogspot.in/2012/02/bypassing-end-point-protector-4.html
This way Teensy would be detected as a new hardware and you can test for yourself whether it works or not :)
To understand the delays I would recommend you to go through this post http://labofapenetrationtester.blogspot.in/2012/10/kautilya-040-reliable-payload-execution.html and source code. I would be happy to answer specific questions related to the source code.
I had started working on persistence as many have requested this but I am currently tied to multiple things and a new release would get delayed.
Hope you found Kautilya useful!
On Fri, Dec 28, 2012 at 3:16 AM, Dillon Korman <dkki...@gmail.com> wrote:
Hi. I was wondering if the default delays you integrated in your payloads, such as the waiting for drivers and initial setup, work on all new machines. I use my Teensy on my own machine all the time for testing payloads and I have no issue with the setup as I already did it. If I plug the Teensy into a completely new machine, will the default delays work to provide a clean initial setup and continue with the rest of the payload? It would be great if you could tell me what those delays are. No rush, but I just want to confirm you were hoping to add persistence at some point for the toolkit. Thanks!
Regards,
Nikhil
nikhil_mitt
http://labofapenetrationtester.blogspot.com/
Reply all
Reply to author
Forward
0 new messages