usbrubberducky-payloads/payloads/library/execution/-RD-UrAttaControl
I-Am-Jakoby dbf11cb23e
Add files via upload
2022-05-17 08:46:19 -05:00
..
README.md Add files via upload 2022-05-17 08:46:19 -05:00
UrAttaControl-Execute.txt Add files via upload 2022-05-17 08:46:19 -05:00

README.md

Logo

Table of Contents
  1. Description
  2. Getting Started
  3. Contributing
  4. Version History
  5. Contact
  6. Acknowledgments

UrAttaControl

A script used to open an elevated powershell console and execute admin level commands

Description

Completely ran from the execute file. Replace the URL in that file with yours leading to a base64 script

This script will use IEX to download a base64 script to the $Payload variable

Using a keystroke injections attack a heavily obfuscated and encoded snippet will download and execute any base64

script saved in the $Payload variable

This payload completely bypasses the UAC and will run any admin level script without a prompt

You can use this function I wrote to convert your .ps1 sscripts to Base64

https://github.com/I-Am-Jakoby/PowerShell-for-Hackers/blob/main/Functions/B64.md

Getting Started

Dependencies

  • DropBox or other file sharing service - Your Shared link for the intended file
  • Windows 10,11

(back to top)

Executing program

  • Plug in your device
  • A keystroke injection based payload will run

(back to top)

Contributing

All contributors names will be listed here

I am Jakoby

(back to top)

Version History

  • 0.1
    • Initial Release

(back to top)

Contact

I am Jakoby


Project Link: [https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/RubberDucky/Payloads/RD-UrAttaControl)

(back to top)

Acknowledgments

(back to top)