forked from keland/USB-Rubber-Ducky
-
Notifications
You must be signed in to change notification settings - Fork 86
Payload EICAR AV test
tautology0 edited this page Sep 17, 2013
·
1 revision
A simple test to place the EICAR AV test string in a file on the Desktop, which in theory should trigger the AV on the host. Useful if you're assessing a host with no other connectivity.
Original version by tautology.
DEFAULTDELAY 500
GUI r
STRING notepad.exe
ENTER
STRING X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
CTRL S
STRING %USERPROFILE%\desktop\eicar.com
ENTER
ALT F4