From 4ecfbf665e4656a7938db587898293ddd35f8171 Mon Sep 17 00:00:00 2001
From: Marc <foxtrot@realloc.me>
Date: Fri, 5 Jul 2019 08:41:35 +0100
Subject: [PATCH] Cleanup: Powershell_TCP_Extractor: Update Payload Header

---
 .../exfiltration/Powershell_TCP_Extractor/payload.txt | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/payloads/library/exfiltration/Powershell_TCP_Extractor/payload.txt b/payloads/library/exfiltration/Powershell_TCP_Extractor/payload.txt
index b5553363..2a27d33b 100644
--- a/payloads/library/exfiltration/Powershell_TCP_Extractor/payload.txt
+++ b/payloads/library/exfiltration/Powershell_TCP_Extractor/payload.txt
@@ -3,10 +3,15 @@
 # Title:         Powershell Extractor
 # Author:        $irLurk$alot
 # Version:       1.0
-# Target:        Windows
+# Targets:       Windows
+# Attack Modes:  HID, STORAGE
+# Description: Executes d.cmd from the selected switch folder of the Bash Bunny USB Disk partition,
+#              which in turn runs powershell script to copy move and extract data.
 #
-# Executes d.cmd from the selected switch folder of the Bash Bunny USB Disk partition,
-# which in turn runs powershell script to copy move and extract data.
+# LEDS:
+# Magenta: Setting Up
+# Yellow Blink: Executing Powershell
+# Green: Finished
 
 LED SETUP