SoI want to be able to deploy a BAD USB payload on an unexpected Windows PC and have it secretly open a chanel to my home PC so I can access/view/download files without that person knowing, Is there any such BADUBS payloads that can do this and please link me as Im 100% new to computing ect but would like to have a friendly UI in assistance thanks!
1 Like
I don’t think you will have any luck with this. The request is as generic as possible. But I’ll try to underline my statement:
As I was younger, we have had tools like BackOrifice or Netbus for your request. But this won’t work today.
Today we have Mimikatz and similar. But this needs a deep understanding of Network and Operating system. And will detected from all AV solutions.
Just start with the basics. If course you could use something like PSCP as client and access via WinSCP… But before you use this via BadUSB/Flipper, try to understand how to use this tools manual first. It is very useful to understand routing for remote assess, as well.
1 Like
@LupusE Sub7 ? Damn those days where fun. I still hear the echo of the ICQ uhoh wav in my dreams.
But for mimikatz and smb1 it is more still somewhat local networking, i think he wants a remote administration tool is that he can reverse shell back into the machine. So real simple, he could have putty/ssh connect to is home shell and reverse shell trough that back to the machine, using local loopback.
@Chicken_shrimp , check out how to create a shell and a local loopback adapter config for putty, and how to back reverse shell trough it. so in local user first connection looks like it is going to 127.0.0.2 for example, multiple options possible, you can also use it as a proxy that way to basicly tunnel everything you want.
I think there are multiple explinations on howto, and with putty commandline you can badusb that into a single cmd or powershell command and you could use wmic/netsh or powershell to create another loopback adapter for example if you have local admin, otherwise you could use sockets on regular loopback 127.0.0.1 if you want to. There are multiple YT vids and manuals on this i think.