MaxFocus Remote Wipe required. (Urgent)

I ROFL at that last part! ^^^^

Well it will automatically start doing this:
OPD_Results.jpg
 
Here is the same tool without the warnings (no user interaction required with this one): http://www.oakslabs.com/OPD2.exe

But for the love of God don't double click on it!!
So, turns out he's not kidding........

Threw it on a Win 7 VM to see what happens. Once the CMD window closed I opened task manager and launched explorer and the typical user data storage locations are gone! Then if you reboot the machine is no longer bootable. Pretty cool tool........hmm............
 

Yes -- which is why I felt the need to put a warning with it. I designed this tool for a quick PC wipe before disposal, and the regular version makes you acknowledge two warnings that everything is about to be wiped.

I do have some ethical reservations about this tool because it is so destructive, but it is a non-secure delete and in theory a file undelete tool can recover the data -- but you'd have to sift through a lot of other files. I haven't tried this, but at the very least PhotoRec could get the data.
 
It's like the fully automated active@killdisk bootable disk that boots straight to data destruction with no warning whatsoever.
 
I saw the following.

http://www.fixitscripts.com/problems/simple-download-and-install-silent-exe

So, by plugging in the location of that prog, and linking it to a startup event, when that scumbag fires up the machine, it will wipe it.

Can a tracert or some other location finder command be included?

Sorry,.....scripting just aint ma thang

If you can put OPD2.exe in the startup folder of the PC and a batch file with:
Code:
shutdown /r /t 0
that should be enough to nuke the PC.

For the tracert information, I'd do something like this (batch file):
Code:
REM Save tracert information to file in C: drive
tracert 8.8.8.8 >c:\tracert.txt

REM Open FTP Firewall port
netsh firewall add allowedprogram program=C:\Windows\System32\ftp.exe "FTP" ENABLE

REM Make a script file to auto-FTP the tracert file

REM FTP Server
echo open ftp.oakslabs.com> c:\temp.txt

REM Username
echo public_ftp>> c:\temp.txt

REM Password
echo *************>> c:\temp.txt

REM File
echo send C:\tracert.txt>> c:\temp.txt

echo quit>> c:\temp.txt


REM Run FTP
ftp -s:c:\temp.txt

This script has my public FTP information in it -- if you can't find an FTP server to use and I see your file come in I'll send it to you.
 

If it does not touch the FAT then recovery would be pretty easy using any number of tools.
 
I don't suppose there's any covert way to get the mac address from that dongle, is there? Is that something that Max could find out?
If the devices have the 9.10 agent you can enable network discovery and get the MAC that way.

The assets tab should also have all available adapters and MACs listed for the devices.

The Summary tab will give internal and external IP addresses.
 
I appreciate it may be able to retrieve the data, but nevertheless, this is a significant step forward for us.

If nothing else to comfort the owners a bit.

Now all I need is some way to trigger the webcam and ftp the photos back.
 
I'm getting "installation package could not be opened, verify package exists etc".
I've come across this before but can't remember how I got around it.

Some msiexec command switch?

Edit: solved
 
Run this script from GFI Script Check and pass the Prey API key as the only parameter. This is for the latest (at the time) 64-bit version. It should work unless the hosting changes as they seem to keep all prior versions.

Code:
@echo off
bitsadmin /transfer myDownloadJob /download /priority high https://s3.amazonaws.com/prey-releases/node-client/1.3.9/prey-windows-1.3.9-x64.msi c:\Support\prey-windows-1.3.9-x64.msi
c:
cd c:\Support
msiexec.exe /i prey-windows-1.3.9-x64.msi /lv installer.log /q AGREETOLICENSE=yes API_KEY=%1 INSTALLDIR="c:\Prey"
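
A hardened take on the deployment script above, as an added PowerShell example that is not part of the original post: it checks the MSI's Authenticode signature before installing and scrubs the API key from the installer log, because verbose msiexec logging records properties passed on the command line. The URL, paths and MSI properties are copied from the post; that the package is signed is an assumption.

```powershell
# Added example (not the poster's script). URL, paths and MSI properties come from the post.
param(
    [Parameter(Mandatory = $true)]
    [string]$ApiKey   # Prey API key, passed as the only parameter by the script check
)
$ErrorActionPreference = 'Stop'
Import-Module BitsTransfer

$url = 'https://s3.amazonaws.com/prey-releases/node-client/1.3.9/prey-windows-1.3.9-x64.msi'
$dir = 'C:\Support'
$msi = Join-Path $dir 'prey-windows-1.3.9-x64.msi'
$log = Join-Path $dir 'installer.log'

New-Item -ItemType Directory -Path $dir -Force | Out-Null
Start-BitsTransfer -Source $url -Destination $msi -Priority High

# Assumption: the vendor signs the MSI. An unsigned or tampered package is
# deleted and never reaches msiexec, which would run it with the agent's rights.
$sig = Get-AuthenticodeSignature -FilePath $msi
if ($sig.Status -ne 'Valid') {
    Remove-Item -Path $msi -Force
    throw "Refusing to install: signature status is $($sig.Status)"
}
# Surface the signer so the operator can compare it with the expected publisher.
Write-Output "Package signed by: $($sig.SignerCertificate.Subject)"

$msiArgs = @(
    '/i', "`"$msi`"", '/lv', "`"$log`"", '/q',
    'AGREETOLICENSE=yes', "API_KEY=$ApiKey", 'INSTALLDIR="C:\Prey"'
)
$proc = Start-Process -FilePath 'msiexec.exe' -ArgumentList $msiArgs -Wait -PassThru

# The verbose log echoes the command line and property values, API key included.
# Redact it so the key is not left readable on disk.
if (Test-Path $log) {
    (Get-Content -Path $log) -replace [regex]::Escape($ApiKey), '<redacted>' |
        Set-Content -Path $log
}

# 0 = success, 3010 = success but a reboot is required.
if (@(0, 3010) -notcontains $proc.ExitCode) {
    throw "msiexec failed with exit code $($proc.ExitCode); see $log"
}
```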
 
Any updates? With OPD.exe, it is a silent destroy with no confirmations, but have any other of the laptops been turned on/connected to the internet?
 
Nope. I've created the script and set it to install and run.

I've only seen one machine come online.

It wasn't just my customer which got robbed. They rampaged through the entire building, breaking into all the other offices and nicking stuff.

Weirdly, they ignored several laptops in the office, and, thankfully, didn't look in the hallway cabinet where the NAS was.

It would be nice to track them down, but the higher priority is to scrub the data.

Did this company have insurance cover for this?
No.

This didn't appear to be the work of kids.

They had to traverse several roofs, climb a wall and remove a metal grating covering one of the windows.
 