Jump to content
0dyss3us

[PAYLOAD] Windows Persistent Reverse Shell

Recommended Posts

Windows Persistent Reverse Shell for Bash Bunny

  • Author: 0dyss3us (KeenanV)
  • Version: 1.0

Description

Opens a persistent reverse shell through NetCat on victim's Windows machine and connects it back to host attacker.

  • Targets Windows 10 (working on support for older versions)
  • Connection can be closed and reconnected at any time
  • Deploys in roughly 15-20 sec
  • Works with NetCat

Requirements

Have a working Bash Bunny :)

STATUS

LED STATUS
Purple Setup
Amber (Single Blink) Installing and running scripts
Green Finished

Installation and Execution

  1. Plug in Bash Bunny in arming mode
  2. Move files from WindowsPersistentReverseShell to either switch folder
  3. Edit the persistence.vbs file and replace ATTACKER_IP with attacker's IP and PORT with whichever port you like to use (I use 1337 ?)
  4. Save the persistence.vbs file
  5. Unplug Bash Bunny and switch it to the position the payload is loaded on
  6. Plug the Bash Bunny into your victim's Windows machine and wait until the final light turns green (about 15-20 sec)
  7. Unplug the Bash Bunny and go to attacker's machine
  8. Listen on the port you chose in the persistence.vbs file on NetCat
    • Run the command nc -nlvp 1337 (replace the port with the port in persistence.vbs)
    • If using Windows as the attacker machine, you must install Ncat from: http://nmap.org/dist/ncat-portable-5.59BETA1.zip and use the command ncat instead of nc from the directory that you installed ncat.exe.
  9. Wait for connection (Should take no longer than 1 minute as the powershell command runs every minute)
  10. Once a Windows cmd prompt appears...YOU'RE DONE!! ? and you can disconnect and reconnect at any time as long as the user is logged in

Download

Click here to download

Share this post


Link to post
Share on other sites

Going to play with this. Just curious, how come you don't do a pull request and have it put in the main GitHub?

Share this post


Link to post
Share on other sites

I just saw your project.  Some other advice with executables is you should not include programs from other programs..like netcat.exe is part of nmap licensed to them.  If you want your thing to be binary-less, look at Powercat.  Nishang also as a script or two in there for netcat compatible reverse shells.

 

Share this post


Link to post
Share on other sites

Every time I try to run this on Win10 the ps script runs and once cmd.exe pops up there is an error message stating that Windows can not find the persistence.vbs file. I checked in the AppData directory referenced by the ps script and it is indeed not there. Even when I attempt to manually place it there it still doesn't work.

 

Any idea why?

Share this post


Link to post
Share on other sites
On 1/3/2020 at 12:32 PM, InfoSecFresh said:

Every time I try to run this on Win10 the ps script runs and once cmd.exe pops up there is an error message stating that Windows can not find the persistence.vbs file. I checked in the AppData directory referenced by the ps script and it is indeed not there. Even when I attempt to manually place it there it still doesn't work.

 

Any idea why?

I too am having this problem. It worked the first time on my standard windows 10 PC, but the more recent version of windows 10 is not working. 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...