API tools faq
paste
Advertisement
AnonQC-Yuuki

BashBunny BlueTeamPCAudit/1.ps1

AnonQC-Yuuki
Apr 27th, 2020 (edited)
1,940
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PowerShell 2.46 KB | None | 0 0
raw download clone embed print report
  1. #* Made do be use as a bashbunny-payloads
  2. #* Author: Sorsnce
  3. #* Target: Windows 10
  4. #
  5. #Gets the current logged in username
  6. $user = $(Get-WMIObject -class Win32_ComputerSystem | select username).username
  7. #Varaiable you need to change for the script to work.#
  8. ######################################################
  9. #Set the following email address you want to send the email too.
  10. $To = "SecurityTeam@yahoo.com"
  11.  
  12. #Set to the SMTP server for your organization EXAMPLE: smtpserver = "smtp.yahoo.local"
  13. $smtpserver = "smtp.yahoo.local"
  14.  
  15. #The following trims off the domain in front of the username
  16. #EXAMPLE: $User = Yahoo\John.Smith --> $username = John.Smith
  17. $username = $user.Substring(6)
  18.  
  19. #Change $username+"" to your email EXAMPLE: $email = $username+"@yahoo.com"
  20. $email = $username+"@yahoo.com"
  21. ######################################################
  22. #Gets drive letter for the bashbunny                 #
  23. $drive = (Get-WMIObject Win32_Volume | ? { $_.Label -eq 'bashbunny' }).name
  24.  
  25. #Sets variable  to drive plus the file location
  26. $Test = $drive + "payloads\switch1\background.bmp"
  27.  
  28. #Sets variable to test the path to file (background.bmp)
  29. $Switch1 = Test-Path $Test
  30.  
  31. #Finds what switch bashbunny is set too
  32. if ($Switch1 -eq "True") {$Path = $drive + "payloads\switch1\background.bmp"}
  33. else {$Path = $drive + "payloads\switch2\background.bmp"}
  34.  
  35. #Sets wallpaper to background.bmp
  36. $setwallpapersrc = @"
  37. using System.Runtime.InteropServices;
  38. public class wallpaper
  39. {
  40. public const int SetDesktopWallpaper = 20;
  41. public const int UpdateIniFile = 0x01;
  42. public const int SendWinIniChange = 0x02;
  43. [DllImport("user32.dll", SetLastError = true, CharSet = CharSet.Auto)]
  44. private static extern int SystemParametersInfo (int uAction, int uParam, string lpvParam, int fuWinIni);
  45. public static void SetWallpaper ( string path )
  46. {
  47. SystemParametersInfo( SetDesktopWallpaper, 0, path, UpdateIniFile | SendWinIniChange );
  48. }
  49. }
  50. "@
  51. Add-Type -TypeDefinition $setwallpapersrc
  52. [wallpaper]::SetWallpaper($path)
  53. #This sets the subject for the email
  54. $subject = "PC Unlocked for $user"
  55. #This sets the BODY for the email, currently using HTML
  56. $body=@"
  57. <body>
  58. Security Violation!
  59. <p>
  60. $user left his or hers PC Unlocked!<br/>
  61. <p>
  62. </p>
  63. <p>Thanks,</p>
  64. <p></p>
  65. Cyber Security
  66. <p></p>
  67. <p>Sent from my bashbunny.</p>
  68. </body>
  69. "@
  70. #This sends the email with the attributes described above
  71. send-mailmessage -smtpserver $smtpserver -to $To -Subject $subject -from $email -body $body -BodyAsHtml
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!