MS COFEE Computer Forensic Tools - Leaked

Discussion in 'Application Software' started by ESC 1000, Nov 10, 2009.

  1. kocoman

    kocoman MDL Senior Member

    May 16, 2007
    331
    4
    10
    Has anything find what FBI uses this for? ie: is the info gathered useful ?
     
  2. Brandypuff

    Brandypuff MDL Novice

    Oct 12, 2009
    32
    0
    0
    #22 Brandypuff, Nov 12, 2009
    Last edited: Nov 12, 2009
    COFEE is nothing more than a glorified sysinfo tool that runs a bunch of publically available command line utilities from sysinternals and ones native to the OS, some of which are:

    arp.exe
    at.exe
    cmd.exe
    getmac.exe
    hostname.exe
    ipconfig.exe
    ipxroute.exe
    msinfo32.exe
    nbtstat.exe
    net.exe
    netstat.exe
    openfiles.exe
    quser.exe
    route.exe
    sc.exe
    srvcheck.exe
    systeminfo.exe
    tasklist.exe
    autorunsc.exe
    cipher.exe
    handle.exe
    netdom.exe
    netstat.exe
    NW3C_SHA1.exe
    pausep.exe
    psfile.exe
    pslist.exe
    psloggedon.exe
    psservice.exe
    pstat.exe
    psuptime.exe
    SCLIST.EXE
    SHOWGRPS.EXE
    uptime.exe
    whoami.exe
     
  3. tmp_ac

    tmp_ac Guest

    Create stick, then you have only one exe and many scripts that are started by the exe, you can see the file of data, there is everything from your hard and software to be found at the report files, this scripts replaced easy everest and each key finder tool, very useful scripts.
     
  4. tmp_ac

    tmp_ac Guest


    Yes, if they catch your computer is running, they have MSCofee with all your passwords, no matter what and how you've encrypted your hard drive. Very, very bad Backdoor M$ Spyware Tool...


    I've already found a way that makes this tool completely useless ;)
     
  5. 7_eleven.hell-hole_rider

    Aug 15, 2009
    239
    52
    10
    #25 7_eleven.hell-hole_rider, Nov 15, 2009
    Last edited: Nov 15, 2009
    Thanks for sharing

    @tmp_ac

    by setup.exe do you mean (836KB) cofee executable found in "SourceDir" of x1.1.2 Installer.msi? :confused:

    tia for your time...

    p.s.
    didn't have a stick handy extracted to hdd to snoop around a bit, seeya on the rebound thanks again. off to work.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. genuine555

    genuine555 MDL Expert

    Oct 3, 2009
    1,674
    76
    60
    Is a win7 version available yet, or not ?
     
  7. gentoo

    gentoo MDL Senior Member

    Oct 6, 2009
    394
    9
    10
    No but MS is working on it.
     
  8. Brandypuff

    Brandypuff MDL Novice

    Oct 12, 2009
    32
    0
    0
    i see no indiction that the uilities provided with this tool are able to grab passwords.
     
  9. auvray

    auvray MDL Novice

    Aug 20, 2019
    1
    0
    0
    je ces que ces vieux de 12 ans mais est ce que cofee est toujour disponible si oui est ce que on peut m'envoyer le lien svp

    ps : je pete un cable a cause de bitlocker sa me casse vraiment les c*******
     
  10. pm67310

    pm67310 MDL Senior Member

    Sep 6, 2011
    377
    136
    10
    Please use english !

    Use Forensic Disk Decryptor by elcomsoft