diff --git a/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/README.md b/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/README.md new file mode 100644 index 0000000..d12df5a --- /dev/null +++ b/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/README.md 
@@ -0,0 +1,30 @@ +# Starting a PowerShell with administrator permissions in Windows 10/11 + +This script can be considered by people who are new to the world of scripts written in DuckyScript so that they can understand how to start a PowerShell with administrator permissions on a Windows machine. + +**Category**: Execute + +## Description + +This script can be considered by people who are new to the world of scripts written in DuckyScript so that they can understand how to start a PowerShell with administrator permissions on a Windows machine. + +Starting a PowerShell session with administrator privileges means the session has access to features and operations that require high permissions on the Windows operating system. + +Some PowerShell commands require administrator privileges to run properly. Starting PowerShell as an administrator allows you to execute commands that require elevated permissions, such as managing system services, changing security settings, creating or modifying user accounts, installing system-level software, and so on. + +It is important to note that running PowerShell with administrator privileges involves a higher level of responsibility and can cause significant changes to the system. Therefore, it is advisable to be careful and fully understand the effects of operations performed in a session with administrator privileges to avoid unwanted or harmful changes. + +## Dependencies + +* Nothing + +## Example + +- `STRINGLN Get-ExecutionPolicy -List` +![](docs/1.png) + +- `STRINGLN Set-ExecutionPolicy Bypass` +![](docs/2.png) + +- `STRINGLN Get-ExecutionPolicy -List` +![](docs/3.png) \ No newline at end of file 
diff --git a/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/docs/1.png b/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/docs/1.png new file mode 100644 index 0000000..f3efdd7 Binary files /dev/null and b/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/docs/1.png differ diff --git a/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/docs/2.png b/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/docs/2.png new file mode 100644 index 0000000..4542c91 Binary files /dev/null and b/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/docs/2.png differ diff --git a/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/docs/3.png b/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/docs/3.png new file mode 100644 index 0000000..0611f51 Binary files /dev/null and b/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/docs/3.png differ diff --git a/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/payload.txt b/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/payload.txt new file mode 100644 index 0000000..5425348 --- /dev/null +++ b/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/payload.txt 
@@ -0,0 +1,25 @@ +REM #################################################################################### +REM # | +REM # Title : Starting a PowerShell with administrator permissions in Windows | +REM # Author : Aleff | +REM # Version : 1.0 | +REM # Category : Execute | +REM # Target : Windows 10-11 | +REM # | +REM #################################################################################### + +REM Requirements: +REM - Nothing + +DEFAULT_DELAY 500 +GUI x +STRING a +LEFTARROW +ENTER + +DELAY 2000 +STRINGLN Get-ExecutionPolicy -List +STRINGLN Set-ExecutionPolicy Bypass +STRINGLN Get-ExecutionPolicy -List + +ALT F4
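Review bot: in README.md, the Example section lists `STRINGLN Set-ExecutionPolicy Bypass` with no mention that the payload leaves this setting in place on the target. The Description warns in general terms about "significant changes to the system" but never names the one change this payload makes. Please state the side effect and how to put the policy back to the value shown by the first `Get-ExecutionPolicy -List`. Smaller points in the same hunk: the first paragraph under `## Description` repeats the intro sentence verbatim, `**Category**: Execute` does not match the `execution` directory the file lives in, and the file has no trailing newline.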
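Review bot: in payload.txt, `STRINGLN Set-ExecutionPolicy Bypass` is given no `-Scope`, so in the elevated session it targets the LocalMachine scope, and the payload then closes the window with `ALT F4` without restoring anything. For a payload whose stated purpose is only to show how an elevated PowerShell is opened, a machine-wide policy change is a larger footprint than the title suggests. Consider `-Scope Process`, or dropping the line, so nothing persists after the window closes. The `LEFTARROW` / `ENTER` pair is also uncommented. If it answers the UAC consent prompt, a `REM` line should say so, and the `Requirements` block should list an administrator account with a consent-style prompt instead of `Nothing`. Finally, everything after `DELAY 2000` is typed on a fixed timer with no confirmation that the elevated window has focus, so on a slow machine the three `STRINGLN` lines and `ALT F4` go to whichever window is in front. That risk is worth noting in the header.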