Tuesday, June 27, 2017

Swaparoo: Meterpreter script to backdoor Windows

Un0wn_X wrote batch automation code that replaces sethc.exe (Sticky Keys) and utilman.exe (Utility Manager) with a cmd shell. This works on any Windows operating system and is easily triggered from the Windows login screen. At the login screen you are running under the NT AUTHORITY\SYSTEM account, which has the highest privileges on a Windows machine. You can get a cmd shell by pressing the Shift key 5 times, by pressing Windows key + U, or by clicking the blue icon at the bottom.

Un0wn_X had the idea of writing a Meterpreter script to make this easier for pentesters. Un0wn_X and Hood3dRob1n then wrote a Meterpreter script for the Metasploit Framework. This comes in handy over RDP: at the login screen we can easily trigger cmd.
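For defenders, the swap described above leaves a simple artifact: sethc.exe or utilman.exe becomes byte-identical to cmd.exe. The following check is an added example, not part of Swaparoo or the original post; the function names and the default System32 path are assumptions, and it only catches an unmodified copy of cmd.exe.

```python
import hashlib
import sys
from pathlib import Path

# Accessibility binaries named in the article; both can be launched at the login screen.
ACCESSIBILITY_BINARIES = ("sethc.exe", "utilman.exe")
SHELL_BINARY = "cmd.exe"


def sha256_of(path):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_swapped_binaries(system32):
    """Return a finding for each accessibility binary that is missing or identical to cmd.exe."""
    # Index by lower-cased name: a mounted image on Linux is case-sensitive, Windows is not.
    files = {p.name.lower(): p for p in Path(system32).iterdir() if p.is_file()}
    shell = files.get(SHELL_BINARY)
    shell_hash = sha256_of(shell) if shell else None
    findings = []
    for name in ACCESSIBILITY_BINARIES:
        target = files.get(name)
        if target is None:
            findings.append({"file": name, "status": "missing"})
        elif shell_hash and sha256_of(target) == shell_hash:
            findings.append({"file": name, "status": "identical-to-cmd.exe"})
    return findings


if __name__ == "__main__":
    # Default path is an assumption; pass the System32 directory of a mounted image instead.
    root = sys.argv[1] if len(sys.argv) > 1 else r"C:\Windows\System32"
    results = find_swapped_binaries(root)
    for finding in results:
        print(f"[!] {finding['file']}: {finding['status']}")
    sys.exit(1 if results else 0)
```

The script exits non-zero when it reports a finding, so it can run as a scheduled integrity check or against the System32 directory of a mounted disk image during triage.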


About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.
