hak5
/
usbrubberducky-payloads
mirror of https://github.com/hak5/usbrubberducky-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #376 from cribb-it/InvisableFolder 

New Payload - Invisable Folder
more_extensions
Dallas Winger 2023-10-16 06:46:25 -04:00 committed by GitHub
parent 32f771c077 ce77d83e99
commit 13161eded2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 129 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
payloads/library/execution/Win_HID_InvisableDesktopFolder/payload.txt Normal file
View File

@ -0,0 +1,91 @@
REM Title: Invisible Desktop Folder
REM Author: Cribbit
REM Description: Creates a some what invisible folder on the desktop.
REM Target: Windows 10 with english language
ATTACKMODE HID
EXTENSION DETECT_READY
REM VERSION 1.1
REM AUTHOR: Korben
REM_BLOCK DOCUMENTATION
USAGE:
Extension runs inline (here)
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
boot delay
TARGETS:
Any system that reflects CAPSLOCK will detect minimum required delay
Any system that does not reflect CAPSLOCK will hit the max delay of 3000ms
END_REM
REM CONFIGURATION:
DEFINE #RESPONSE_DELAY 25
DEFINE #ITERATION_LIMIT 120
VAR $C = 0
WHILE (($_CAPSLOCK_ON == FALSE) && ($C < #ITERATION_LIMIT))
CAPSLOCK
DELAY #RESPONSE_DELAY
$C = ($C + 1)
END_WHILE
CAPSLOCK
END_EXTENSION
DELAY 1000
REM Minimize all windows
GUI m
DELAY 100
MENU
DELAY 100
REM Select Ne_w
w
REM Select _Folder
f
DELAY 100
REM hold ALT and type 255 on keypad.
INJECT_MOD
HOLD ALT
KPAD_2
KPAD_5
KPAD_5
INJECT_MOD
RELEASE ALT
ENTER
DELAY 100
MENU
DELAY 100
REM Select _Open
o
REM Select Pr_operties
o
DELAY 100
ENTER
DELAY 100
REM Move to tabs across the top
SHIFT TAB
SHIFT TAB
DELAY 100
REM Go across to customise
RIGHTARROW
RIGHTARROW
RIGHTARROW
RIGHTARROW
REM Select Change _Icon
ALT i
DELAY 100
REM Move to selection window
TAB
TAB
DELAY 100
REM move right 13 time to select the clear icon.
REM please check on your system that this is the case.
VAR $MOVERIGHT = 13
WHILE ( $MOVERIGHT > 0 )
RIGHTARROW
$MOVERIGHT = ( $MOVERIGHT - 1 )
END_WHILE
DELAY 100
REM Click OK twice
ENTER
ENTER

38
payloads/library/execution/Win_HID_InvisableDesktopFolder/readme.md Normal file
View File

@ -0,0 +1,38 @@
# :mag: Invisible Desktop Folder
* Author: Cribbit
* Version: 1
* Target: Windows 10 (English)
* Category: Execution
* Attackmode: HID
## :book: Description
Creates a somewhat invisible folder on the desktop.
Uses an invisible character for the name and a transparent icon.
This targets the English version of Windows. as it uses the underlined letters to select menu items and buttons.
## :musical_note: Notes
You will need the define KPAD_2 and KPAD_5 in your language file:
```JSON
"KPAD_SLASH":"00,00,54",
"KPAD_ASTERISK":"00,00,55",
"KPAD_MINUS":"00,00,56",
"KPAD_PLUS":"00,00,57",
"KPAD_ENTER":"00,00,58",
"KPAD_1":"00,00,59",
"KPAD_2":"00,00,5a",
"KPAD_3":"00,00,5b",
"KPAD_4":"00,00,5c",
"KPAD_5":"00,00,5d",
"KPAD_6":"00,00,5e",
"KPAD_7":"00,00,5f",
"KPAD_8":"00,00,60",
"KPAD_9":"00,00,61",
"KPAD_0":"00,00,62",
"KPAD_DOT":"00,00,63",
```
## :page_facing_up: Change Log
| Version | Changes |
| ------- | ------------------------------|
| 1.0 | Initial release |