USBsploit is a PoC to generate Reverse TCP backdoors, malicious PDF or LNK files. But also running Auto[run|play] infections and dumping all USB files remotely on multiple targets at the same time, a set of extensions to dump can be specified. All EXE, PDF and LNK on the USB targets can also be replaced by malicious ones. USBsploit works through Meterpreter sessions (wmic, railgun, migration) with a light modified version of Metasploit. The interface is a mod of SET (The Social Engineering Toolkit). The Meterscript scripts of the USBsploit Framework can also be used with the original Metasploit Framework.
Changelog in USBsploit v0.6b:
- Add an option to the replacement module, allowing to try to upload
- first a custom infected version for each original PDF & EXE files
- available on the USB target. If not succeeding, generic malicious ones will be used.
- Add autosploit CLI to automate the creation of the malicious files &
- launching multi-handler listeners. Almost all USBsploit options can be
- now specified via specific switches on the command line and used via scripts.
- Internal Metasploit core updated with the one of the last SVN
- version (metasploit v3.7.0-dev svn r12145 2011.03.26).
- Add documentation in the ./readme/doc file (need to svn update after v0.6b installation)
- Some bugfixes.
Download USBSploit
Video
USBsploit 0.6 BETA: using autosploit CLI to automate the infection of all original EXE & PDF files
usbsploit.rb 0.6b split into 3 scripts w/ MSF: custom infection to replace all original EXE & PDF
USBsploit 0.6 BETA: Replace and infect all EXE and PDF with payload embedded into the orignal files
The post USBsploit v0.6b appeared first on .
