hak5
/
omg-payloads
mirror of https://github.com/hak5/omg-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Username Change

pull/227/head
0i41E 2024-05-28 19:28:14 +02:00 committed by GitHub
parent 3740a986cd
commit 1bb43203e7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
22 changed files with 28 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
payloads/library/credentials/SamDumpCable/README.md
View File

@ -1,6 +1,6 @@
**Title: SamDumpCable**
<p>Author: 0iphor13<br>
<p>Author: 0i41E<br>
OS: Windows<br>
Version: 1.0<br>
Requirements: OMG Firmware v.2.5 or higher</p>
@ -23,4 +23,4 @@ Afterwards you can use a tool like samdump2 to extract the users hashes.</p>
**!Disclaimer! samdump2 has proven to be unreliable in the recent past.**
![alt text](https://github.com/0iphor13/omg-payloads/blob/master/payloads/library/credentials/SamDumpCable/sam.png)
![alt text](https://github.com/0i41E/omg-payloads/blob/master/payloads/library/credentials/SamDumpCable/sam.png)

2
payloads/library/credentials/SamDumpCable/payload.txt
View File

@ -1,6 +1,6 @@
REM Title: SamDumpCable
REM Description: Dump users sam and system hive and exfiltrate them. Afterwards you can use a tool like samdump2, to get the users hashes.
REM Author: 0iphor13
REM Author: 0i41E
REM Version: 1.0
REM Category: Credentials
REM Requirements: OMG Firmware v.2.5 or higher

2
payloads/library/execution/Ai-Cable
View File

@ -1,7 +1,7 @@
REM Ai-Cable
REM Version 2.0
REM OS: MULTI (Tested with the OMG-Plug on Google Chrome/Windows 10 at screen resolution 1920 x 1080)
REM Author: 0iphor13
REM Author: 0i41E
REM This payload will write its own payload, until you kill it! Maybe, if you wait long enough, it will create a payload of the month...
REM Click run and let it happen, don't move! Might not work properly on every system due to timings, screen resolution, etc...

2
payloads/library/execution/FodCable - UAC Bypass/README.md
View File

@ -1,6 +1,6 @@
**Title: FodCable - UAC Bypass**
Author: 0iphor13
Author: 0i41E
Version: 1.0

2
payloads/library/execution/FodCable2 - UAC Bypass/README.md
View File

@ -1,6 +1,6 @@
**Title: FodCableII - UAC Bypass**
<p>Author: 0iphor13<br>
<p>Author: 0i41E<br>
Version: 1.0<br>
Requirements: OMG Firmware v.2.5 or higher</p>

2
payloads/library/execution/FodCable2 - UAC Bypass/payload.txt
View File

@ -1,7 +1,7 @@
REM FodCableII
REM Version 1.0
REM OS: Windows
REM Author: 0iphor13
REM Author: 0i41E
REM Requirements: OMG Firmware v.2.5 or higher
REM Using FodHelper.exe to bypass UAC and get an elevated shell

2
payloads/library/execution/Windows11_CommandPrompt_Downgrade/README.md
View File

@ -1,6 +1,6 @@
**Title: Windows11_CommandPrompt_Downgrade**
<p>Author: 0iphor13<br>
<p>Author: 0i41E<br>
OS: Windows11<br>
Version: 1.0<br>

2
payloads/library/execution/Windows11_CommandPrompt_Downgrade/payload.txt
View File

@ -1,7 +1,7 @@
REM Windows11_CommandPrompt_Downgrade
REM Version 1.0
REM OS: Windows11
REM Author: 0iphor13
REM Author: 0i41E
REM Requirements: OMG Firmware v.3.0 or higher
REM Changing the Command Prompt to Conhost, to enable hidden Powershell for certain W11 Builds.
REM Other Methods values are also provided for backup or simply playing around.

2
payloads/library/general/OMG-AwarenessTraining
View File

@ -1,7 +1,7 @@
REM OMG-AwarenessTraining
REM Version 1.1
REM OS: Windows
REM Author: 0iphor13
REM Author: 0i41E
REM A small message box, telling the user that he violated the security policy. The hostname of the user will be send to a webhook to report the incident
REM Fill in the (Web)hook URL, in LINE 31, where the hostname should be reported to.

2
payloads/library/general/Setup-Automation
View File

@ -1,7 +1,7 @@
REM Setup-Automation
REM Version 1.0
REM OS: Multi
REM Author: 0iphor13
REM Author: 0i41E
REM If you need to setup multiple cables via the python flasher, this might save you some time.
REM Make sure that another cable/plug/adapter is connected via programmer!

2
payloads/library/prank/-OMG-AcidBurn/README.md
View File

@ -105,7 +105,7 @@ Arf
* [Hak5](https://hak5.org/)
* [MG](https://github.com/OMG-MG)
* [0iphor13](https://github.com/0iphor13)
* [0i41E](https://github.com/0i41E)
* [PhilSutter](https://github.com/PhilSutter)

2
payloads/library/prank/-OMG-JumpScare/README.md
View File

@ -95,7 +95,7 @@ Arf
* [Hak5](https://hak5.org/)
* [MG](https://github.com/OMG-MG)
* [0iphor13](https://github.com/0iphor13)
* [0i41E](https://github.com/0i41E)
* [PhilSutter](https://github.com/PhilSutter)

2
payloads/library/remote_access/OMGHoax/payload.txt
View File

@ -2,7 +2,7 @@ REM OMGHoax
REM Version 1.0
REM OS: Windows
REM Author: rf_bandit
REM Thank You: t3l3machus, 0iphor13
REM Thank You: t3l3machus, 0i41E
REM Requirements: Firmware Version 3.0+
REM Simple way to use the Hoaxshell standalone listener with OMG cables/plug

2
payloads/library/remote_access/PingZhellCable/PingZhellClient.pl
View File

@ -15,7 +15,7 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# Modified by 0iphor13 for PingZhellCable
# Modified by 0i41E for PingZhellCable
#
#
#

4
payloads/library/remote_access/PingZhellCable/README.md
View File

@ -1,6 +1,6 @@
**Title: PingZhellCable**
<p>Author: 0iphor13<br>
<p>Author: 0i41E<br>
OS: Windows<br>
Version: 1.1<br>
Requirements: OMG Firmware v.2.5 or higher</p>
@ -28,7 +28,7 @@ Disable ICMP replies by the OS:
`sysctl -w net.ipv4.icmp_echo_ignore_all=1`
Start the client -> `perl PingZhellClient.pl`
![alt text](https://github.com/0iphor13/omg-payloads/blob/master/payloads/library/remote_access/PingZhellCable/setup.png)
![alt text](https://github.com/0i41E/omg-payloads/blob/master/payloads/library/remote_access/PingZhellCable/setup.png)
<p>!!!Insert the IP of your attacking machine into the payload variable $IP!!!<br>

2
payloads/library/remote_access/PingZhellCable/payload.txt
View File

@ -1,7 +1,7 @@
REM PingZhellCable
REM Version 1.1
REM OS: Windows
REM Author: 0iphor13
REM Author: 0i41E
REM Requirements: OMG Firmware v.2.5 or higher
REM Getting remote access via ICMP

6
payloads/library/remote_access/RemoteDeskCable/README.md
View File

@ -1,6 +1,6 @@
**Title: RemoteDeskCable**
<p>Author: 0iphor13<br>
<p>Author: 0i41E<br>
OS: Windows<br>
Version: 3.0<br>
Requirements: OMG Firmware v.3.0 or higher</p>
@ -17,5 +17,5 @@ What is RemoteDeskCable?
- Plug in your Cable/Plug/Adapter - run away
- Use a browser supporting MJPEG, like FireFox, and visit 127.0.0.1:#PORT.
- Fire up the payload for the screenshare to appear within FireFox.
![alt text](https://github.com/0iphor13/omg-payloads/blob/master/payloads/library/remote_access/RemoteDeskCable/Screenshot%20from%202022-01-16%2013-28-28.png)
![alt text](https://github.com/0iphor13/omg-payloads/blob/master/payloads/library/remote_access/RemoteDeskCable/Screenshot%20from%202022-01-16%2013-29-03.png)
![alt text](https://github.com/0i41E/omg-payloads/blob/master/payloads/library/remote_access/RemoteDeskCable/Screenshot%20from%202022-01-16%2013-28-28.png)
![alt text](https://github.com/0i41E/omg-payloads/blob/master/payloads/library/remote_access/RemoteDeskCable/Screenshot%20from%202022-01-16%2013-29-03.png)

2
payloads/library/remote_access/RemoteDeskCable/payload.txt
View File

@ -1,7 +1,7 @@
REM Title: RemoteDeskCable
REM Version: 3.0
REM OS: Windows
REM Author: 0iphor13
REM Author: 0i41E
REM Description: Get remote screen access to view targets screen.
REM Requirements: Firmware Version 3.0 min

2
payloads/library/remote_access/ReverseCable II/payload.txt
View File

@ -1,7 +1,7 @@
REM ReverseCableII
REM Version 1.0
REM OS: Windows / Linux(?) (Not tested with Powershell on Linux)
REM Author: 0iphor13
REM Author: 0i41E
REM UDP Reverse shell, based on ReverseDuckyIII, executed in the background. Might create a firewall pop up, but will execute anyway.
REM Fill in Attacker-IP and Port in Line 20

2
payloads/library/remote_access/ReverseCable/payload.txt
View File

@ -1,7 +1,7 @@
REM ReverseCable
REM Version 2.0
REM OS: Windows / Linux(?) (Not tested with Powershell on Linux)
REM Author: 0iphor13
REM Author: 0i41E
REM Requirements: Firmware Version 3.0 or higher
REM TCP Reverse shell, based on ReverseDuckyII, executed in the background

6
payloads/library/remote_access/ReverseCableSSL/README.md
View File

@ -1,6 +1,6 @@
**Title: ReverseCableSSL**
<p>Author: 0iphor13<br>
<p>Author: 0i41E<br>
OS: Windows<br>
Version: 2.0<br>
Requirements: OMG Firmware v.3.0 or higher</p>
@ -24,5 +24,5 @@ I recommend openssl itself or ncat - Example syntax for both:<br>
- Plug in Cable.
![alt text](https://github.com/0iphor13/omg-payloads/blob/master/payloads/library/remote_access/ReverseCableSSL/CreateCert.png)
![alt text](https://github.com/0iphor13/omg-payloads/blob/master/payloads/library/remote_access/ReverseCableSSL/StartScreen.jpg)
![alt text](https://github.com/0i41E/omg-payloads/blob/master/payloads/library/remote_access/ReverseCableSSL/CreateCert.png)
![alt text](https://github.com/0i41E/omg-payloads/blob/master/payloads/library/remote_access/ReverseCableSSL/StartScreen.jpg)

2
payloads/library/remote_access/ReverseCableSSL/payload.txt
View File

@ -1,7 +1,7 @@
REM ReverseCableSSL
REM Version 2.0
REM OS: Windows
REM Author: 0iphor13
REM Author: 0i41E
REM Requirements: OMG Firmware v.3.0 or higher
REM Getting encrypted remote access via powershell