digg

Facebook Connect Join Digg About

List of hacking applications that run on USB flash drive

watchyourend.com Security applications such as namp and ethereal are appearing that run straight from a thumb drive and packet capture, detection and injection tools no longer require the installation of WinPCap or other third-party packet capture drivers.

Who dugg this? Made popular Apr 29, 2006

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

31 Comments

show profanity settings
expand all
  • dankers, on 10/12/2007, -0/+19Tools listed in the article and links to their downloads

    Nmap
    http://www.insecure.org/nmap/download.html

    Etheral
    http://www.ethereal.com/download.html

    Showtraf
    http://sourceforge.net/projects/showtraf

    TCPDump
    http://www.tcpdump.org/#current

    Nemesis
    http://nemesis.sourceforge.net/

    John the Ripper
    http://www.openwall.com/john/

    Netpass
    http://www.nirsoft.net/utils/network_password_recovery.html (i think that's it?)

    But seriously the article could have used a couple more utilities for wireless hacking.
    Here is a link to a site with all those tools there plus many more to choose from.

    http://www.nirsoft.net/utils/index.html

    Here is a link to the top 10 tools that the downloaders have chosen.
    http://www.nirsoft.net/top_utilities_downloads.html
    Better selection maybe for the novice hacker.
  • ruffyen, on 10/12/2007, -1/+16next time chose a site that has links to the programs...im lazy and i dont like searching :) good article though as i was unaware that some of the programs on that page were able to run from USB stick...thanks
  • Absalon, on 10/12/2007, -0/+3http://digg.com/security/Great_Collection_of_Password_Recovery_Tools_and_MORE_

    old story but usefull also they all run on a thumbdrive :)
  • kenwestin, on 10/12/2007, -0/+3http://packetstuff.com/index.htm
  • buttcheese, on 10/12/2007, -0/+3its a new feature of the win xp pro kernal update that went out about 3 months ago. i have a mouse that does the same thing, loads drivers into kernal heap and initialises dormant wifi stack. thats what it was used for for. these apps have been modified to use that hook.
  • daenyth, on 10/12/2007, -0/+3most likely your antivirus complained because nmap is often filed as a "hack tool"
    are you using norton?
  • daenyth, on 10/12/2007, -4/+7im fairly sure its not possible to include a driver within an executable file, as it is something that involves the kernel and hardware. also blogspam, and no sources backing up the claims.
  • Krusz, on 10/12/2007, -1/+4I dugg it simply to remember the names of all the programs, but seriously, without links to downloads, this article is practically useless.
  • godsfilth, on 10/12/2007, -1/+3after some searching around i found this site (http://packetstuff.com/index.htm) i havnt tested them yet but it says no need for winPCap and has most of the tools from that site
  • daenyth, on 10/12/2007, -1/+3those are only the normal versions; they require winpcap
  • dbr_onix, on 10/12/2007, -2/+4Mhh.. Ethereal requires WinPCap, which can't be run of the USB drive, so it's pretty much useless..

    Excuse the unoriginal-ness, but
    Better List :
    [*] Backtrack, on USB key/CD

    Since you wont get problems trying to run stuff that requires admin priv's.. Though they should really stop you booting of USB/CD for thay very same reason..
    - Ben
  • dwight0, on 10/12/2007, -0/+2has anyone got a good idea or app /script for creating a reverse ssh tunnel on a win machine. This way you can execute an app at the location, and it will connect to your home workstation and from your home workstation you can connect back to the remote location pc without having to worry about a firewall.
  • jlund, on 10/12/2007, -0/+2With administrative privileges it is not difficult...

    In a Win32 binary, you can include the driver as a resource using something such as:

    http://www.codeproject.com/win32/binaryresources.asp

    You can then extract the driver file then install/start/stop it dynamically using the Service Control Manager routines (ie OpenSCManager, CreateService, StartService, etc..)

  • hello2usir, on 10/12/2007, -0/+2That "binres" class is awful. It bloats the crap out of something that would normally take only a few lines of straight API calls. Then again that's the MFC programmers' credo.
  • kenwestin, on 10/12/2007, -0/+1No WinPCap is not required

    (http://packetstuff.com/index.htm)
  • mtaylor, on 10/12/2007, -0/+1You CAN run some of these apps from the thumb drive, I run CAIN+ABEL from my thumb drive, all I did was take the dlls from winpcap, and put them in the cain root folder, and now I can use cain, as well as other *****, like ethereal!!

    However, you need to register the dll into the memory before you use the packet stealing portions of winpcap!
  • shadowsurfr1, on 10/12/2007, -0/+1@jo42:

    it's a read background in firefox for me, what are you using?
  • battletux, on 10/12/2007, -2/+3Ditto, There's too much crap on the net to have to look through to find a portable version of nmap
  • inactive, on 10/12/2007, -2/+2What crap is this? Spam for a stupid blog. Ethereal needs winpcap on the host machine and that needs low level work. Portable nmap is not easy to do. And the guy doesn't even have links to any real apps on the site. Spam. Negative digg.
  • slythfox, on 10/12/2007, -1/+1I think I [would have gotten] a virus from Nmap's websiste... Careful.
  • AFLaxMid, on 12/03/2008, -0/+0It is important to know that although a computer not connected to its business network may still infect the network through usb infected devices. This article does a good job of usb specific viruses that may infect a network.
  • SlowOnTheUptake, on 10/12/2007, -2/+2One he didn't mention is smsniff. That can be used without WinPCap or with; it also supports a "raw sockets" mode which doesn't require WinPCap. I think it was mentioned in a list of USB portable programs found just a few days ago here on digg.
  • t3hX, on 10/12/2007, -1/+1Ummm, I think this is blog spam for DeviceWall. Note the ad at the top, and the link down the boittom...
    Maybe I'm just paranoid?
  • z0iid, on 10/12/2007, -0/+0seriously, none of these would present any danger to most corporate networks (with a good administrator). nothing is being run at the workstation level that would present a security risk. all of our users are on a restricted vlan. they could see traffic to and from their workstation to whatever servers they are authenticated to, but that won't help them get a higher level of authentication than they already have.

    even using DamnSmallLinux - won't change how they are connected to the network. Each port on every switch is setup to reflect what vlan (and restriction that go with it) they are running through. As far as "John the Ripper" goes (or any other password cracker goes) - they use brute force. What good network administrator lets more than 10 password attempts before locking out an account, thus requiring the user to call the HelpDesk (or whatever your company calls it)? Usually it is 3 attempts. So, if you try "administrator" (which won't be the network administrator, it will just be local administrator), and lock out the account, it won't even matter. If you try to use a known network administrators logon ID, and succeed in locking them out - they will be able to find out what computer was doing the password attempts.

    Good luck hacking though if you work someplace where the network admin is an idiot, or the place isn't up on basic security.
  • begforme, on 10/12/2007, -0/+0how did you do that? I tried doing that but Cain+Abel won't run.
  • kenwestin, on 10/12/2007, -2/+1You found it :-)
  • jo42, on 10/12/2007, -4/+2Just wait 'til the virus & spyware writers start using this 'feature'...

    PS. What's with the retarded site? Very light gray text on a white background. --digg;
  • RoyHobbs, on 10/12/2007, -4/+2@shadowsurf what is a read background??

    no digg post the links to the programs....
  • inactive, on 10/12/2007, -6/+2In reality none of these are anything I'd consider "hacking" programs. Maybe network admin programs but not hacking. True they can be used for hacking uses but it's more admin side than anything. Actually the only hacking program up there is john the ripper but still, a good resource to know.

    ----------------
    Come on diggers help me out and click this link: http://gh.ffshrine.org/soundtracks.php?r=3654 (696/1000
    Thanks to all who've helped me so far!
  • Mesach, on 10/12/2007, -9/+3If you are that lazy then you will surely not make use of these programs, because these are not script kiddie tools, I believe you are looking for metasploit.

    and no I will not link to it, do some work for christs sake.
  • crackintosh, on 10/12/2007, -9/+2oops

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.