JOIN BREACHFORUMS TELEGRAM
[ Topic ] BadUSB - Payload Under SYSTEM
by 0x27 - Saturday July 8, 2023 at 12:47 AM

Posts: 420
Threads: 14
Joined: Jun 2023
Reputation: 1,860
#1
Jul 08, 2023, 12:47 AM (This post was last modified: Nov 13, 2023, 01:02 PM by 0x27.)
[Image: 2pdXomC.png]


So you've got a badusb or cheaper equivalent (malduino / digispark) that performs HID attacks. Well, lets see what we can do with that. I've created a malicious powershell command that downloads your malware / shellcode and executes it on the victims machine and attempts to elevate your malicious process to run under the SYSTEM context. Below is the script and a more detailed explanation as what takes place. Enjoy.

Hidden Content
You must register or login to view this content.


This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Scamming | https://doxbin.com/upload/0x27Doxxed | https://ibb.co/nqtc4prn
Reply
Elite User

Posts: 159
Threads: 10
Joined: Jun 2023
Reputation: 95
#2
Jul 08, 2023, 12:54 AM
More powerful when using with hoaxshell
Reply

Posts: 420
Threads: 14
Joined: Jun 2023
Reputation: 1,860
#3
Jul 08, 2023, 12:55 AM (This post was last modified: Jul 08, 2023, 12:55 AM by 0x27.)
you can use any C2 or Rat as you'd like Smile

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Scamming | https://doxbin.com/upload/0x27Doxxed | https://ibb.co/nqtc4prn
Reply
Elite User

Posts: 159
Threads: 10
Joined: Jun 2023
Reputation: 95
#4
Jul 08, 2023, 12:58 AM
(Jul 08, 2023, 12:55 AM)0x27 Wrote: you can use any C2 or Rat as you'd like Smile

Thanks for this
Reply
Banned

Posts: 92
Threads: 19
Joined: Jun 2023
Reputation: 30
#5
Jul 13, 2023, 06:48 PM
This code is definitely as valuable for spreading malware as it is for saturating a computer.

nice information!

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Scraping | Contact us via https://breachforums.ai/contact if you feel this is incorrect.
Reply

Posts: 420
Threads: 14
Joined: Jun 2023
Reputation: 1,860
#6
Jul 14, 2023, 03:04 AM (This post was last modified: Jul 18, 2023, 11:07 PM by 0x27.)
(Jul 13, 2023, 06:48 PM)B3ulah1 Wrote: This code is definitely as valuable for spreading malware as it is for saturating a computer.

nice information!

my pleasure

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Scamming | https://doxbin.com/upload/0x27Doxxed | https://ibb.co/nqtc4prn
Reply
Breached
Member
Posts: 8
Threads: 0
Joined: Jul 2023
Reputation: 0
#7
Jul 16, 2023, 10:06 AM
Thanks for share
Reply
Programmer
God
Posts: 272
Threads: 24
Joined: Jul 2023
Reputation: 2,602

Lotery WinnerGOD
#8
Aug 06, 2023, 02:14 PM
Great tutorial man! Cool
https://i.postimg.cc/gjgCpNTJ/st0jke-s-SIG.png
Website
Reply
Banned

Posts: 53
Threads: 6
Joined: Aug 2023
Reputation: -80
#9
Aug 25, 2023, 09:41 PM
(Jul 08, 2023, 12:54 AM)bytemafia Wrote: More powerful when using with hoaxshell

how do you combine or use it please?

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Attempting to sell credit card information
Reply
Breached
Member
Posts: 11
Threads: 10
Joined: Dec 2023
Reputation: 0
#10
Dec 11, 2023, 04:03 AM
this is awesome thanks you
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Python Chrome Data Stealer (url, username/email, password, etc) Discord Webhook mooning 140 9,304 Yesterday, 05:37 PM
Last Post: gergergergerg5825g651eg
  Xordium stealer for Pulsar v2.4.5 nullvex 23 818 Yesterday, 02:48 PM
Last Post: kochamapi4api
  Bypass AV and EDR - Halos Gate from Sektor7 0x01 124 11,022 Apr 25, 2026, 11:13 AM
Last Post: Ususuussss
  Malware On Steroids Carpenter12 0 77 Feb 10, 2026, 07:06 PM
Last Post: Carpenter12
  Malware Extension Spoofer Psych1c 19 611 Feb 10, 2026, 08:02 AM
Last Post: ucy

Forum Jump:


 Users browsing this forum: 1 Guest(s)