• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[APP][BETA]USB Cleaver - USB Password Recovery Tool

Search This thread

x3maniac

Inactive Recognized Developer
Sep 2, 2008
361
427
New York
www.novaspirit.com
Hi there!

Those of you who are familiar with USB Haksaw or USB Switchblade then you probably know what this app is all about. For those who a not familiar GOTO Description just like the USB Switchblade you can select the payload you want to use to shorten the hack time.

This program is very beta! and welcome as much feedback and I can get!

: Description
The goal of the USB Cleaver is to silently recover information from a target Windows 2000 or higher computer, including password hashes, LSA secrets, IP information, etc... beauty lies in the fact that the payload can run silently and without modifying the system or sending network traffic, making it near invisible. It captures all the information to a LOG file stored in your sdcard and can be reviewed at anytime.

: Payloads
  • Dump System Information
  • Dump IE Passwords
  • Dump Chrome Passwords
  • Dump Firefox Passwords
  • Dump Wifi Passwords

: Features
  • Allows you to select the payloads you want to use

:Changes
v0.1.3r1
  • temporary removed disclaimer screen causing possible F/C on first run(please let me know if you still get fc with this version)
v0.1.3
  • fix possible bug causing force close on first run
v0.1.2
  • Fixed issue where starting application with sdcard mount causes F/C
  • added new BG to show if sd card is available or not
  • changed main background and Gaussian Blur the line in the middle
v0.1.1
  • Fixed Disclaimer bug - getting stuck on main intent
v0.1
  • Initial beta release

: Future Payloads
  • Dump Network Services
  • Dump Port Scan
  • Dump Product Keys
  • Dump Mail Passwords
  • Dump Windows Update List
  • Install Silent VNC
  • Dump LSA Secrets
  • xCopy files "documents", "pictures", etc....
  • More to come....

: How to use
  1. Download and install APK if you havn't done so aready
  2. Accept Disclaimer & Download Payloads
  3. goto "enable / disable payloads" to generate payload file
  4. mount android to PC and run go.bat from root of sdcard (if android 2.1 and before Autorun.inf is generated, click on drive icon and will run payload)

1.png

2.png


: Disclaimer
This program will hold no responsibility for your action. What you decide to do with this application is your own decision, and the developer(s) of this application will hold no responsiblity for your actions or will be responsible for his/her misdeeds. this application was not created to encourage and/or intended hacking anything other then your own equipment.
 
Last edited:

x3maniac

Inactive Recognized Developer
Sep 2, 2008
361
427
New York
www.novaspirit.com
The title of the thread ("Hacking for the weak") begs to differ. I understand you want to put a disclaimer, but you probably shouldn't advertise the tool as a hacking tool if it "was not created to encourage hacking"

lols your right. I will have to change that. :) what i meant was i don't encourage hacking anything other then your own equipment
 
  • Like
Reactions: La1z and WickedDaze

x3maniac

Inactive Recognized Developer
Sep 2, 2008
361
427
New York
www.novaspirit.com
I mean, do you have to mount the sd card?
Also what app do you need to run the .bat file?
Sent from my MikG'd Evo 4g with Swype

mounting is a linux term of attaching a file system, what i ment was to "turn on usb storage"
mount.png


a .bat file(batch file) can be ran on any windows / dos system. just double click on go.bat to run the payloads. what this app does is generates this batch file as you select the payloads that you want.

batch.png


hope this helps
 
  • Like
Reactions: IIIIkoolaidIIII

Top Liked Posts

  • There are no posts matching your filters.
  • 66
    Hi there!

    Those of you who are familiar with USB Haksaw or USB Switchblade then you probably know what this app is all about. For those who a not familiar GOTO Description just like the USB Switchblade you can select the payload you want to use to shorten the hack time.

    This program is very beta! and welcome as much feedback and I can get!

    : Description
    The goal of the USB Cleaver is to silently recover information from a target Windows 2000 or higher computer, including password hashes, LSA secrets, IP information, etc... beauty lies in the fact that the payload can run silently and without modifying the system or sending network traffic, making it near invisible. It captures all the information to a LOG file stored in your sdcard and can be reviewed at anytime.

    : Payloads
    • Dump System Information
    • Dump IE Passwords
    • Dump Chrome Passwords
    • Dump Firefox Passwords
    • Dump Wifi Passwords

    : Features
    • Allows you to select the payloads you want to use

    :Changes
    v0.1.3r1
    • temporary removed disclaimer screen causing possible F/C on first run(please let me know if you still get fc with this version)
    v0.1.3
    • fix possible bug causing force close on first run
    v0.1.2
    • Fixed issue where starting application with sdcard mount causes F/C
    • added new BG to show if sd card is available or not
    • changed main background and Gaussian Blur the line in the middle
    v0.1.1
    • Fixed Disclaimer bug - getting stuck on main intent
    v0.1
    • Initial beta release

    : Future Payloads
    • Dump Network Services
    • Dump Port Scan
    • Dump Product Keys
    • Dump Mail Passwords
    • Dump Windows Update List
    • Install Silent VNC
    • Dump LSA Secrets
    • xCopy files "documents", "pictures", etc....
    • More to come....

    : How to use
    1. Download and install APK if you havn't done so aready
    2. Accept Disclaimer & Download Payloads
    3. goto "enable / disable payloads" to generate payload file
    4. mount android to PC and run go.bat from root of sdcard (if android 2.1 and before Autorun.inf is generated, click on drive icon and will run payload)

    1.png

    2.png


    : Disclaimer
    This program will hold no responsibility for your action. What you decide to do with this application is your own decision, and the developer(s) of this application will hold no responsiblity for your actions or will be responsible for his/her misdeeds. this application was not created to encourage and/or intended hacking anything other then your own equipment.
    4
    really like the app, very clever cleaver :)

    from what i could gather by the instructions, after setting payloads in the app on phone we connect phone and mount sd card then start the exe files from within windows explorer. some of the programs were self explanatory but others i didnt have a clue what they were for, maybe a ref guide or table of programs like a legend and quick explanation of each would be helpful.

    would it be possible to execute the exe files from within the phone app instead of from windows explorer. if youve lost your login password you cant exactly use explorer.

    i found lots of user names and some passwords were recovered xda amongst them but the important ones were not but then if i lost my barclays account details i could recover them from barclays lol

    this app has masses of potential, very interesting indeed, although kaspersky was jumping all over when trying to run the exe's :good:

    thank you.

    Is this project abandoned?

    no, but with the birth of my son i've been really bz the past few months.

    hi all,

    i've got the same problem.

    nothing is beeing created in the log.

    the folder is always empty

    i connect with my S3 via MTP and execute the batch file.

    Same for me, anyone got the solution - even if thats to point out that I'm doing something stupid?

    I used to have a HTC G2. now i own a SGS3. so i will be looking into this.

    Uuh, cant find the go.dat file
    maybe its because my tab does not have a SD card so it wont mount?
    Any help?
    Thanks in advance

    Edit: after ejecting a few times I found the. Dat
    But then when trying o run I got an error
    Unable to locate disk

    i did not really make any error corrections for sdcard missing and where to store log file. i'll look into that


    * Project is being resumed! and i will try to make it more configurable. updates might be slow at time. it when my son will let me :D
    3
    Hey do you have a thread for Portable Tool Kit? It looks like a really good app but it keeps force closing on me. I feel like the xda community as a whole could benefit from a thread for that app though.

    Sent from Alan's MT4G- Don't Forget to Thank if You Are Helped

    yea portable tool kit was the 1st app i created in android it was like my "hello world" project type thing. a huge stepping stone for this app. i had it out for about 2 weeks now with 200+ downloads on the market. don't know if that is good or not. but since I've been working on this project i noticed i did a lot of wrong things in portable tool kit.. as we speak i'm re-coding the entire program from scratch for portable tool kit. so hopefully the f/c will be no more. i'm also working on a new app called photo web server. i will have a link up of that later. it turns your phone to a HTTP server and a nicely coded java to display all your images without having the trouble of trying to mount your phone through a USB.

    This doesn't seem to work when using MTP. Also, a lot of Chrome passwords don't show up (perhaps mine are encrypted, but some show up), and no Wifi passwords appear in the dump.

    it depends on how your saving your passwords in chrome.. WiFi passwords are pulled from wireless zero configuration. if you logged into a wireless router and saved the password so windows can log in automatically, this is where the passwords are pulled from.

    v0.4 will be revamped and all the payloads will reside in the /res folder. no need to download the payloads anymore and will have 2 more payload.

    sorry for the delays in updating the projects. with a new born full time job and working on 2 projects at the same time. it gets a little tough.
    2
    The title of the thread ("Hacking for the weak") begs to differ. I understand you want to put a disclaimer, but you probably shouldn't advertise the tool as a hacking tool if it "was not created to encourage hacking"

    lols your right. I will have to change that. :) what i meant was i don't encourage hacking anything other then your own equipment
    2
    Thanks for sharing this, I suspect cheating home so this may come in handy, only issue: she uses mac....so, what does it take to port/recode it? Or if someone knows a way to get passwords recovered from mac? Probably I'll get my needs as I'm bootcamp windows as well ;)

    recently i've been busy with my new post [Win32/64][Dual Boot] Tubuntu - Dual boot 1 click installer SBK2 Only! Lubuntu Inside for transformers trying to convert my transformer to a full os. but i am triple booting on my dell d620 with linux / windows 7 / mac os(10.7.4) and i did manage to get some tools for password recovery for macs. never thought about making a tool for that os but i can look into it later. it's almost linux so shouldn't be too hard