1006 B
Payload Dropper
Description:
A simple script which downloads file from internet and execute the downloaded file.
1. PayLoad_Dropper.ino:
Starts run window and dump the whole payload string and execute it which downloads and execute the file after placing it on Desktop.
2. Remote_PS_Exec.ino:
Execute powershell script placed in a remote location. Following script uses MS16-032 local windows exploit to escalate privileges.
Tested on:
OS: Windows 10 Pro
User: Normal/Admin
Hardware: ATtiny85 (Chinese)
Requirements:
Internet Access
Screenshot
Fun Fact:
During creating this i found out that my antivirus was not allowing powershell -command invoke-item $env:UserProfile\desktop\catz.jpeg
to execute through RUN. Which i bypassed with powershell -command i'n'vo'k'e-it'e'm $env:UserProfile\desktop\catz.jpeg a very common method used by malware.