[+] PASSIVE WINDOWS DETECT

2024-08-26 07:20:34 +02:00 · 2024-08-26 07:20:34 +02:00 · 82fcf60fab
parent fe6c828d62
commit 82fcf60fab
1 changed files with 64 additions and 20 deletions
--- a/payloads/library/prank/Pranh(ex)/payload.txt
+++ b/payloads/library/prank/Pranh(ex)/payload.txt
@ -1,31 +1,75 @@
-REM ##################################
-REM #                                |
-REM # Title        : Pranh(ex)       |
-REM # Author       : Aleff           |
-REM # Version      : 1.0             |
-REM # Category     : Prank           |
-REM # Target       : Windows 10/11   |
-REM #                                |
-REM ##################################
-
+REM_BLOCK
+##################################
+#                                #
+# Title        : Pranh(ex)       #
+# Author       : Aleff           #
+# Version      : 1.0             #
+# Category     : Prank           #
+# Target       : Windows 10/11   #
+#                                #
+##################################
+END_REM

 Plug-And-Play <3

+REM_BLOCK
+Requirements:
+    - Nothing (i know, it's absurd)

-REM Requirements:
-REM     - Nothing (i know, it's absurd)
-
-REM Note:
-REM     - For the creation of the executable, the hexadecimal code and in general to create this program I stuck to the payload: `Install And Run Any Arbitrary Executable - No Internet And Root Needed`
-REM     - Tested on Windows 11
-REM     - Running checked but not blocked by Avast antivirus
-REM     - Original Python code in assets/pranh(ex).py
-REM     - Hex content in assets/hexfile.txt
-REM     - exe file in assets/pranh(ex).exe
+Note:
+    - For the creation of the executable, the hexadecimal code and in general to create this program I stuck to the payload: `Install And Run Any Arbitrary Executable - No Internet And Root Needed`
+    - Tested on Windows 11
+    - Running checked but not blocked by Avast antivirus
+    - Original Python code in assets/pranh(ex).py
+    - Hex content in assets/hexfile.txt
+    - exe file in assets/pranh(ex).exe
+END_REM

 REM Here you should put your HEX code
 DEFINE #HEX_CODE example

+EXTENSION PASSIVE_WINDOWS_DETECT
+    REM VERSION 1.1
+    REM AUTHOR: Korben
+
+    REM_BLOCK DOCUMENTATION
+        Windows fully passive OS Detection and passive Detect Ready
+        Includes its own passive detect ready.
+        Does not require additional extensions.
+
+        USAGE:
+            Extension runs inline (here)
+            Place at beginning of payload (besides ATTACKMODE) to act as dynamic
+            boot delay
+            $_OS will be set to WINDOWS or NOT_WINDOWS
+            See end of payload for usage within payload
+    END_REM
+
+    REM CONFIGURATION:
+    DEFINE #MAX_WAIT 150
+    DEFINE #CHECK_INTERVAL 20
+    DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
+    DEFINE #NOT_WINDOWS 7
+
+    $_OS = #NOT_WINDOWS
+
+    VAR $MAX_TRIES = #MAX_WAIT
+    WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
+        DELAY #CHECK_INTERVAL
+        $MAX_TRIES = ($MAX_TRIES - 1)
+    END_WHILE
+    IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
+        $_OS = WINDOWS
+    END_IF
+
+    REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
+        IF ($_OS == WINDOWS) THEN
+            STRING HELLO WINDOWS!
+        ELSE
+            STRING HELLO WORLD!
+        END_IF
+    END_REM
+END_EXTENSION

 GUI r
 DELAY 1000