diff --git a/payloads/library/prank/Win_PoSH_ExcelQRRickroll/QRcode.ps1 b/payloads/library/prank/Win_PoSH_ExcelQRRickroll/QRcode.ps1 new file mode 100644 index 00000000..e2ef3808 --- /dev/null +++ b/payloads/library/prank/Win_PoSH_ExcelQRRickroll/QRcode.ps1 @@ -0,0 +1,90 @@ +#$array = @((2,2), (2,3), (2,4), (2,5), (2,6), (2,7), (2,8), (2,9), (2,10), (2,11), (2,12), (2,13), (2,14), (2,15), (2,16), (2,17), (2,18), (2,19), (2,20), (2,21), (2,22), (2,23), (2,24), (2,25), (2,26), (3,2), (3,3), (3,4), (3,5), (3,6), (3,7), (3,8), (3,9), (3,10), (3,11), (3,12), (3,13), (3,14), (3,15), (3,16), (3,17), (3,18), (3,19), (3,20), (3,21), (3,22), (3,23), (3,24), (3,25), (3,26), (4,2), (4,3), (4,4), (4,5), (4,6), (4,7), (4,8), (4,9), (4,10), (4,11), (4,12), (4,13), (4,14), (4,15), (4,16), (4,17), (4,18), (4,19), (4,20), (4,21), (4,22), (4,23), (4,24), (4,25), (4,26), (5,2), (5,3), (5,4), (5,5), (5,6), (5,7), (5,8), (5,9), (5,10), (5,11), (5,12), (5,13), (5,14), (5,15), (5,16), (5,17), (5,18), (5,19), (5,20), (5,21), (5,22), (5,23), (5,24), (5,25), (5,26), (6,2), (6,3), (6,4), (6,5), (6,6), (6,7), (6,8), (6,9), (6,10), (6,11), (6,12), (6,13), (6,14), (6,15), (6,16), (6,17), (6,18), (6,19), (6,20), (6,21), (6,22), (6,23), (6,24), (6,25), (6,26), (7,2), (7,3), (7,4), (7,5), (7,6), (7,7), (7,8), (7,9), (7,10), (7,11), (7,12), (7,13), (7,14), (7,15), (7,16), (7,17), (7,18), (7,19), (7,20), (7,21), (7,22), (7,23), (7,24), (7,25), (7,26), (8,2), (8,3), (8,4), (8,5), (8,6), (8,7), (8,8), (8,9), (8,10), (8,11), (8,12), (8,13), (8,14), (8,15), (8,16), (8,17), (8,18), (8,19), (8,20), (8,21), (8,22), (8,23), (8,24), (8,25), (8,26), (9,2), (9,3), (9,4), (9,5), (9,6), (9,7), (9,8), (9,9), (9,10), (9,11), (9,12), (9,13), (9,14), (9,15), (9,16), (9,17), (9,18), (9,19), (9,20), (9,21), (9,22), (9,23), (9,24), (9,25), (9,26), (10,2), (10,3), (10,4), (10,5), (10,6), (10,7), (10,8), (10,9), (10,10), (10,11), (10,12), (10,13), (10,14), (10,15), (10,16), (10,17), (10,18), (10,19), (10,20), (10,21), (10,22), (10,23), (10,24), (10,25), (10,26), (11,2), (11,3), (11,4), (11,5), (11,6), (11,7), (11,8), (11,9), (11,10), (11,11), (11,12), (11,13), (11,14), (11,15), (11,16), (11,17), (11,18), (11,19), (11,20), (11,21), (11,22), (11,23), (11,24), (11,25), (11,26), (12,2), (12,3), (12,4), (12,5), (12,6), (12,7), (12,8), (12,9), (12,10), (12,11), (12,12), (12,13), (12,14), (12,15), (12,16), (12,17), (12,18), (12,19), (12,20), (12,21), (12,22), (12,23), (12,24), (12,25), (12,26), (13,2), (13,3), (13,4), (13,5), (13,6), (13,7), (13,8), (13,9), (13,10), (13,11), (13,12), (13,13), (13,14), (13,15), (13,16), (13,17), (13,18), (13,19), (13,20), (13,21), (13,22), (13,23), (13,24), (13,25), (13,26), (14,2), (14,3), (14,4), (14,5), (14,6), (14,7), (14,8), (14,9), (14,10), (14,11), (14,12), (14,13), (14,14), (14,15), (14,16), (14,17), (14,18), (14,19), (14,20), (14,21), (14,22), (14,23), (14,24), (14,25), (14,26), (15,2), (15,3), (15,4), (15,5), (15,6), (15,7), (15,8), (15,9), (15,10), (15,11), (15,12), (15,13), (15,14), (15,15), (15,16), (15,17), (15,18), (15,19), (15,20), (15,21), (15,22), (15,23), (15,24), (15,25), (15,26), (16,2), (16,3), (16,4), (16,5), (16,6), (16,7), (16,8), (16,9), (16,10), (16,11), (16,12), (16,13), (16,14), (16,15), (16,16), (16,17), (16,18), (16,19), (16,20), (16,21), (16,22), (16,23), (16,24), (16,25), (16,26), (17,2), (17,3), (17,4), (17,5), (17,6), (17,7), (17,8), (17,9), (17,10), (17,11), (17,12), (17,13), (17,14), (17,15), (17,16), (17,17), (17,18), (17,19), (17,20), (17,21), (17,22), (17,23), (17,24), (17,25), (17,26), (18,2), (18,3), (18,4), (18,5), (18,6), (18,7), (18,8), (18,9), (18,10), (18,11), (18,12), (18,13), (18,14), (18,15), (18,16), (18,17), (18,18), (18,19), (18,20), (18,21), (18,22), (18,23), (18,24), (18,25), (18,26), (19,2), (19,3), (19,4), (19,5), (19,6), (19,7), (19,8), (19,9), (19,10), (19,11), (19,12), (19,13), (19,14), (19,15), (19,16), (19,17), (19,18), (19,19), (19,20), (19,21), (19,22), (19,23), (19,24), (19,25), (19,26), (20,2), (20,3), (20,4), (20,5), (20,6), (20,7), (20,8), (20,9), (20,10), (20,11), (20,12), (20,13), (20,14), (20,15), (20,16), (20,17), (20,18), (20,19), (20,20), (20,21), (20,22), (20,23), (20,24), (20,25), (20,26), (21,2), (21,3), (21,4), (21,5), (21,6), (21,7), (21,8), (21,9), (21,10), (21,11), (21,12), (21,13), (21,14), (21,15), (21,16), (21,17), (21,18), (21,19), (21,20), (21,21), (21,22), (21,23), (21,24), (21,25), (21,26), (22,2), (22,3), (22,4), (22,5), (22,6), (22,7), (22,8), (22,9), (22,10), (22,11), (22,12), (22,13), (22,14), (22,15), (22,16), (22,17), (22,18), (22,19), (22,20), (22,21), (22,22), (22,23), (22,24), (22,25), (22,26), (23,2), (23,3), (23,4), (23,5), (23,6), (23,7), (23,8), (23,9), (23,10), (23,11), (23,12), (23,13), (23,14), (23,15), (23,16), (23,17), (23,18), (23,19), (23,20), (23,21), (23,22), (23,23), (23,24), (23,25), (23,26), (24,2), (24,3), (24,4), (24,5), (24,6), (24,7), (24,8), (24,9), (24,10), (24,11), (24,12), (24,13), (24,14), (24,15), (24,16), (24,17), (24,18), (24,19), (24,20), (24,21), (24,22), (24,23), (24,24), (24,25), (24,26), (25,2), (25,3), (25,4), (25,5), (25,6), (25,7), (25,8), (25,9), (25,10), (25,11), (25,12), (25,13), (25,14), (25,15), (25,16), (25,17), (25,18), (25,19), (25,20), (25,21), (25,22), (25,23), (25,24), (25,25), (25,26), (26,2), (26,3), (26,4), (26,5), (26,6), (26,7), (26,8), (26,9), (26,10), (26,11), (26,12), (26,13), (26,14), (26,15), (26,16), (26,17), (26,18), (26,19), (26,20), (26,21), (26,22), (26,23), (26,24), (26,25), (26,26)) +Clear-Host +<# Hak5.org +$points = @( + (2,2), (2,3), (2,4), (2,5), (2,6), (2,7), (2,8), (2,10), (2,12), (2,14), (2,16), (2,18), (2,20), (2,21), (2,22), (2,23), (2,24), (2,25), (2,26), + (3,2), (3,8), (3,11), (3,12), (3,13), (3,14), (3,15), (3,16), (3,18), (3,20), (3,26), + (4,2), (4,4), (4,5), (4,6), (4,8), (4,10), (4,11), (4,12), (4,15), (4,17), (4,20), (4,22), (4,23), (4,24), (4,26), + (5,2), (5,4), (5,5), (5,6), (5,8), (5,10), (5,11), (5,12), (5,14), (5,15), (5,16), (5,20), (5,22), (5,23), (5,24), (5,26), + (6,2), (6,4), (6,5), (6,6), (6,8), (6,10), (6,13), (6,14), (6,16), (6,17), (6,18), (6,20), (6,22), (6,23), (6,24), (6,26), + (7,2), (7,8), (7,12), (7,13), (7,16), (7,18), (7,20), (7,26), + (8,2), (8,3), (8,4), (8,5), (8,6), (8,7), (8,8), (8,10), (8,12), (8,14), (8,16), (8,18), (8,20), (8,21), (8,22), (8,23), (8,24), (8,25), (8,26), + (9,12), (9,14), (9,16), (9,17), (9,18), + (10,2), (10,3), (10,4), (10,5), (10,8), (10,10), (10,12), (10,13), (10,14), (10,15), (10,17), (10,18), (10,19), (10,22), (10,23), (10,24), (10,26), + (11,3), (11,4), (11,5), (11,6), (11,9), (11,10), (11,12), (11,14), (11,15), (11,19), (11,21), (11,25), + (12,2), (12,3), (12,4), (12,6), (12,7), (12,8), (12,9), (12,11), (12,12), (12,13), (12,14), (12,15), (12,18), (12,21), + (13,3), (13,4), (13,7), (13,9), (13,11), (13,12), (13,19), (13,20), (13,23), (13,24), + (14,3), (14,5), (14,6), (14,7), (14,8), (14,9), (14,11), (14,12), (14,14), (14,16), (14,17), (14,18), (14,20), (14,21), (14,22), (14,24), (14,25), (14,26), + (15,3), (15,11), (15,13), (15,14), (15,16), (15,17), (15,19), (15,20), (15,21), (15,22), (15,26), + (16,3), (16,7), (16,8), (16,9), (16,12), (16,13), (16,15), (16,19), (16,20), (16,22), (16,24), (16,25), + (17,2), (17,4), (17,5), (17,6), (17,7), (17,9), (17,10), (17,11), (17,12), (17,13), (17,16), (17,21), (17,23), (17,26), + (18,5), (18,6), (18,8), (18,14), (18,16), (18,17), (18,18), (18,19), (18,20), (18,21), (18,22), (18,23), (18,24), (18,25), (18,26), + (19,10), (19,12), (19,16), (19,18), (19,22), (19,26), + (20,2), (20,3), (20,4), (20,5), (20,6), (20,7), (20,8), (20,15), (20,16), (20,18), (20,20), (20,22), (20,23), (20,24), (20,25), (20,26), + (21,2), (21,8), (21,13), (21,15), (21,16), (21,17), (21,18), (21,22), (21,26), + (22,2), (22,4), (22,5), (22,6), (22,8), (22,11), (22,15), (22,16), (22,18), (22,19), (22,20), (22,21), (22,22), + (23,2), (23,4), (23,5), (23,6), (23,8), (23,10), (23,12), (23,19), (23,20), (23,21), (23,22), (23,24), (23,25), (23,26), + (24,2), (24,4), (24,5), (24,6), (24,8), (24,10), (24,11), (24,12), (24,16), (24,19), (24,20), (24,21), (24,22), (24,23), (24,24), (24,25), + (25,2), (25,8), (25,10), (25,13), (25,14), (25,15), (25,16), (25,20), (25,22), (25,24), + (26,2), (26,3), (26,4), (26,5), (26,6), (26,7), (26,8), (26,10), (26,11), (26,13), (26,20), (26,21), (26,22), (26,23), (26,24), (26,25), (26,26)) +#> +<# RickRoll #> +$points = @( + (2,2), (2,3), (2,4), (2,5), (2,6), (2,7), (2,8), (2,10), (2,11), (2,18), (2,20), (2,21), (2,22), (2,23), (2,24), (2,25), (2,26), + (3,2), (3,8), (3,18), (3,20), (3,26), + (4,2), (4,4), (4,5), (4,6), (4,8), (4,10), (4,13), (4,14), (4,15), (4,17), (4,20), (4,22), (4,23), (4,24), (4,26), + (5,2), (5,4), (5,5), (5,6), (5,8), (5,10), (5,11), (5,13), (5,14), (5,16), (5,20), (5,22), (5,23), (5,24), (5,26), + (6,2), (6,4), (6,5), (6,6), (6,8), (6,10), (6,11), (6,12), (6,13), (6,17), (6,20), (6,22), (6,23), (6,24), (6,26), + (7,2), (7,8), (7,11), (7,14), (7,15), (7,20), (7,26), + (8,2), (8,3), (8,4), (8,5), (8,6), (8,7), (8,8), (8,10), (8,12), (8,14), (8,16), (8,18), (8,20), (8,21), (8,22), (8,23), (8,24), (8,25), (8,26), + (9,11), (9,13), (9,18), + (10,2), (10,3), (10,4), (10,5), (10,8), (10,10), (10,14), (10,16), (10,18), (10,19), (10,22), (10,23), (10,24), (10,26), + (11,6), (11,9), (11,11), (11,16), (11,18), (11,21), (11,25), + (12,3), (12,4), (12,5), (12,6), (12,8), (12,9), (12,13), (12,14), (12,15), (12,20), (12,21), (12,22), + (13,3), (13,4), (13,5), (13,6), (13,9), (13,13), (13,15), (13,16), (13,17), (13,18), (13,19), (13,20), (13,21), (13,22), (13,23), (13,24), + (14,4), (14,7), (14,8), (14,11), (14,14), (14,15), (14,17), (14,19), (14,20), (14,21), (14,22), (14,24), (14,25), (14,26), + (15,6), (15,7), (15,10), (15,11), (15,12), (15,14), (15,17), (15,18), (15,20), (15,21), (15,22), (15,26), + (16,3), (16,5), (16,8), (16,9), (16,15), (16,16), (16,18), (16,19), (16,22), (16,24), (16,25), + (17,2), (17,4), (17,5), (17,6), (17,10), (17,11), (17,14), (17,18), (17,19), (17,20), (17,21), (17,22), (17,26), + (18,5), (18,6), (18,7), (18,8), (18,11), (18,14), (18,15), (18,17), (18,18), (18,19), (18,20), (18,21), (18,22), (18,23), (18,24), (18,25), (18,26), + (19,10), (19,11), (19,14), (19,15), (19,16), (19,18), (19,22), (19,24), (19,26), + (20,2), (20,3), (20,4), (20,5), (20,6), (20,7), (20,8), (20,15), (20,16), (20,18), (20,20), (20,22), (20,24), (20,25), (20,26), + (21,2), (21,8), (21,12), (21,14), (21,18), (21,22), (21,25), + (22,2), (22,4), (22,5), (22,6), (22,8), (22,11), (22,12), (22,18), (22,19), (22,20), (22,21), (22,22), (22,23), (22,25), (22,26), + (23,2), (23,4), (23,5), (23,6), (23,8), (23,10), (23,11), (23,13), (23,15), (23,16), (23,19), (23,20), (23,22), (23,23), (23,24), (23,25), (23,26), + (24,2), (24,4), (24,5), (24,6), (24,8), (24,10), (24,13), (24,14), (24,16), (24,17), (24,20), (24,22), (24,24), (24,25), + (25,2), (25,8), (25,10), (25,13), (25,14), (25,15), (25,16), (25,17), (25,19), (25,22), (25,24), + (26,2), (26,3), (26,4), (26,5), (26,6), (26,7), (26,8), (26,10), (26,11), (26,12), (26,16), (26,20), (26,21), (26,22), (26,23), (26,24), (26,25), (26,26)) +$excel = New-Object -ComObject excel.application +if ($excel) +{ + $excel.Visible = $false + # create a work book + $workbook = $excel.Workbooks.Add() + # get first sheet + $sheet = $workbook.Worksheets.Item(1) + # Set the current sheets name + $sheet.Name = 'QRCode' + # set top corner + #$sheet.Cells.Item(1,1) = 'Hak5' + # set Background colour to black + for ($i=0; $i -lt $points.length; $i++) + { + # 1 should be black + $sheet.Cells.Item($points[$i][0],$points[$i][1]).Interior.Color = 1 + } + # Set Column width to make squares + #for ($i=1; $i -le 26; $i++) + #{ + # $sheet.Columns[$i].ColumnWidth = 2.14; + #} + $usedRange = $sheet.UsedRange + $usedRange.EntireColumn.ColumnWidth = 2.14 + + $excel.Visible = $true + + #lets eject the bunny + $eject = New-Object -comObject Shell.Application + # namespace ssfDRIVES + $eject.NameSpace(17).ParseName((gwmi win32_volume -f 'label=''BashBunny''').driveletter).InvokeVerb(“Eject”) +} \ No newline at end of file diff --git a/payloads/library/prank/Win_PoSH_ExcelQRRickroll/payload.txt b/payloads/library/prank/Win_PoSH_ExcelQRRickroll/payload.txt new file mode 100644 index 00000000..9271de66 --- /dev/null +++ b/payloads/library/prank/Win_PoSH_ExcelQRRickroll/payload.txt @@ -0,0 +1,20 @@ +# Title: Excel QR Rickroll +# Description: Create a QR code in Excel that points to Rick Astley - Never Gonna Give You Up on YouTube +# Author: Cribbit +# Version: 1.0 +# Category: Pranks +# Target: Windows (Powershell 5.1+) +# Attackmodes: HID & STORAGE +# Extensions: Run + +LED SETUP + +GET SWITCH_POSITION + +ATTACKMODE HID STORAGE + +LED ATTACK + +RUN WIN "powerShell -Noni -NoP -W h -EP Bypass .((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\QRcode.ps1')" + +LED FINNISH \ No newline at end of file diff --git a/payloads/library/prank/Win_PoSH_ExcelQRRickroll/readme.md b/payloads/library/prank/Win_PoSH_ExcelQRRickroll/readme.md new file mode 100644 index 00000000..a1e6e654 --- /dev/null +++ b/payloads/library/prank/Win_PoSH_ExcelQRRickroll/readme.md @@ -0,0 +1,22 @@ +# Excel QR Rickroll +* Author: Cribbit +* Version: 1.0 +* Target: Windows (Powershell 5.1+) + Excel +* Category: pranks +* Attackmode: HID +* Extensions: Run + +## Change Log +| Version | Changes | +| ------- | ------------------------------| +| 1.0 | Initial release | + +## Description +Create a QR code in Excel that points to Rick Astley - Never Gonna Give You Up on YouTube + +## Colors +| Status | Color | Description | +| --------- | ------------------------------| ------------------------------------------------ | +| SETUP | Magenta solid | Setting attack mode, getting the switch position | +| ATTACK | Yellow single blink | Injecting Powershell script | +| FINISH | Green blink followed by SOLID | Script is finished |