Safe-Haven

Safe-Haven
Download Copy
Title: Safe-Haven
Author: I am Jakoby

A script used to open an elevated powershell console and created a folder ignored by the AntiVirus. This is a UAC bypass payload that will open an elevated powershell console. Next a Directory called "safe" will be generated in your Documents Directory. The "safe" directory will be added to the Window's Defender Exclusion list. The AntiVirus will ignore all files downloaded to or ran from here.

Execution is the method of either remotely or locally running code — malicious or otherwise — on a target computer. Execution is typically coupled with other techniques to carry out more complex tasks, like performing reconnaissance, exfiltration or credential harvesting. Execution may be ephemeral, or coupled with persistence techniques used to maintain remote access or continued code execution. See all execution payloads.

This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.

Submit your own payload, or browse more featured Bash Bunny Payloads.

 

 

Related Payloads

Same File Name Prank
Same File Name Prank
This payload renames files and folders to all have a similar name.
Read More
Exfiltrate NTLM Hash
Exfiltrate NTLM Hash
A payload used to exfiltrate the NTLM hash on a Windows machine.
Read More
Shark Net Sniff
Shark Net Sniff
uses tcpdump to capture network traffic for 1 minute and saves a pcap into loot storage folder
Read More