0dyss3us
-
Posts
4 -
Joined
-
Last visited
-
Days Won
1
Posts posted by 0dyss3us
-
-
Windows Persistent Reverse Shell for Bash Bunny
- Author: 0dyss3us (KeenanV)
- Version: 1.0
Description
Opens a persistent reverse shell through NetCat on victim's Windows machine and connects it back to host attacker.
- Targets Windows 10 (working on support for older versions)
- Connection can be closed and reconnected at any time
- Deploys in roughly 15-20 sec
- Works with NetCat
Requirements
Have a working Bash Bunny :)
STATUS
LED STATUS Purple Setup Amber (Single Blink) Installing and running scripts Green Finished Installation and Execution
- Plug in Bash Bunny in arming mode
- Move files from WindowsPersistentReverseShell to either switch folder
-
Edit the persistence.vbs file and replace
ATTACKER_IP
with attacker's IP andPORT
with whichever port you like to use (I use 1337 ?) - Save the persistence.vbs file
- Unplug Bash Bunny and switch it to the position the payload is loaded on
- Plug the Bash Bunny into your victim's Windows machine and wait until the final light turns green (about 15-20 sec)
- Unplug the Bash Bunny and go to attacker's machine
-
Listen on the port you chose in the persistence.vbs file on NetCat
-
Run the command
nc -nlvp 1337
(replace the port with the port in persistence.vbs) -
If using Windows as the attacker machine, you must install Ncat from: http://nmap.org/dist/ncat-portable-5.59BETA1.zip and use the command
ncat
instead ofnc
from the directory that you installed ncat.exe.
-
Run the command
- Wait for connection (Should take no longer than 1 minute as the powershell command runs every minute)
- Once a Windows cmd prompt appears...YOU'RE DONE!! ? and you can disconnect and reconnect at any time as long as the user is logged in
Download
Click here to download
- 1
[PAYLOAD] Windows Persistent Reverse Shell
in Payloads
Posted
Actually, I just did :) it just hasn't gotten accepted yet. Apparently binaries are not accepted so I've made a couple changes.