Windows Persistent Reverse Shell for Bash Bunny
Author: 0dyss3us (KeenanV)
Version: 1.0
Description
Opens a persistent reverse shell through NetCat on victim's Windows machine and connects it back to host attacker.
Targets Windows 10 (working on support for older versions)
Connection can be closed and reconnected at any time
Deploys in roughly 15-20 sec
Works with NetCat
Requirements
Have a working Bash Bunny :)
STATUS
LED
STATUS
Purple
Setup
Amber (Single Blink)
Installing and running scripts
Green
Finished
Installation and Execution
Plug in Bash Bunny in arming mode
Move files from WindowsPersistentReverseShell to either switch folder
Edit the persistence.vbs file and replace ATTACKER_IP with attacker's IP and PORT with whichever port you like to use (I use 1337 ?)
Save the persistence.vbs file
Unplug Bash Bunny and switch it to the position the payload is loaded on
Plug the Bash Bunny into your victim's Windows machine and wait until the final light turns green (about 15-20 sec)
Unplug the Bash Bunny and go to attacker's machine
Listen on the port you chose in the persistence.vbs file on NetCat
Run the command nc -nlvp 1337 (replace the port with the port in persistence.vbs)
If using Windows as the attacker machine, you must install Ncat from: http://nmap.org/dist/ncat-portable-5.59BETA1.zip and use the command ncat instead of nc from the directory that you installed ncat.exe.
Wait for connection (Should take no longer than 1 minute as the powershell command runs every minute)
Once a Windows cmd prompt appears...YOU'RE DONE!! ? and you can disconnect and reconnect at any time as long as the user is logged in
Download
Click here to download