From 39fd0e838c8a742cf3f422e294fc0c1d5b6bc943 Mon Sep 17 00:00:00 2001 
From: cribb-it <24548670+cribb-it@users.noreply.github.com> Date: Tue, 21 Dec 2021 23:33:03 +0000 Subject: [PATCH] New Payload - Excel QR Rickroll (#436) * Add files via upload * Update readme.md * Update readme.md * Update payload.txt * Update readme.md * fix rebase errors * Fix for rebase * Fix for fewer details * Extensions: Add wait_for BTLE extensions * Quick and Dirty PrintNightmare Payload (#432) * New Payload Added new PrintNightmare Payload (Quick and dirty) * Fixed my potty mouth I'm a child sometimes * Renamed Payload * PrintNightmare: Use SWITCH_POSITION in payload path * Fixing a typo Co-authored-by: Marc * Bugfix (#433) * New Payload Added new PrintNightmare Payload (Quick and dirty) * Fixed my potty mouth I'm a child sometimes * Renamed Payload * PrintNightmare: Use SWITCH_POSITION in payload path * Fixing a typo * Added Delays Added some delays due to the fact that it was inconsistently reliable, occasionally it'd half type out the command. The delays have resolved the consistency issue on my end. Feel free to tweak as required. * Amending Version Number I'm a fool * Updated Readme with proper credit Co-authored-by: Marc * General Imrovements to PrintNightmare (#434) * Housekeeping Moved some of the QUACK Powershell commands into the juicybit.txt file for speed and ease of use. 
* Update README.md * More improvement Added exit to the juicybits rather than using alt and /noprofile to the run as * Update README.md Co-authored-by: Marc * New Payload - Excel QR Rickroll Co-authored-by: Marc Co-authored-by: panicacid Co-authored-by: Marc --- .../prank/Win_PoSH_ExcelQRRickroll/QRcode.ps1 | 90 +++++++++++++++++++ .../Win_PoSH_ExcelQRRickroll/payload.txt | 20 +++++ .../prank/Win_PoSH_ExcelQRRickroll/readme.md | 22 +++++ 3 files changed, 132 insertions(+) create mode 100644 payloads/library/prank/Win_PoSH_ExcelQRRickroll/QRcode.ps1 create mode 100644 payloads/library/prank/Win_PoSH_ExcelQRRickroll/payload.txt create mode 100644 payloads/library/prank/Win_PoSH_ExcelQRRickroll/readme.md diff --git a/payloads/library/prank/Win_PoSH_ExcelQRRickroll/QRcode.ps1 b/payloads/library/prank/Win_PoSH_ExcelQRRickroll/QRcode.ps1 new file mode 100644 index 00000000..e2ef3808 --- /dev/null +++ b/payloads/library/prank/Win_PoSH_ExcelQRRickroll/QRcode.ps1 
@@ -0,0 +1,90 @@ +#$array = @((2,2), (2,3), (2,4), (2,5), (2,6), (2,7), (2,8), (2,9), (2,10), (2,11), (2,12), (2,13), (2,14), (2,15), (2,16), (2,17), (2,18), (2,19), (2,20), (2,21), (2,22), (2,23), (2,24), (2,25), (2,26), (3,2), (3,3), (3,4), (3,5), (3,6), (3,7), (3,8), (3,9), (3,10), (3,11), (3,12), (3,13), (3,14), (3,15), (3,16), (3,17), (3,18), (3,19), (3,20), (3,21), (3,22), (3,23), (3,24), (3,25), (3,26), (4,2), (4,3), (4,4), (4,5), (4,6), (4,7), (4,8), (4,9), (4,10), (4,11), (4,12), (4,13), (4,14), (4,15), (4,16), (4,17), (4,18), (4,19), (4,20), (4,21), (4,22), (4,23), (4,24), (4,25), (4,26), (5,2), (5,3), (5,4), (5,5), (5,6), (5,7), (5,8), (5,9), (5,10), (5,11), (5,12), (5,13), (5,14), (5,15), (5,16), (5,17), (5,18), (5,19), (5,20), (5,21), (5,22), (5,23), (5,24), (5,25), (5,26), (6,2), (6,3), (6,4), (6,5), (6,6), (6,7), (6,8), (6,9), (6,10), (6,11), (6,12), (6,13), (6,14), (6,15), (6,16), (6,17), (6,18), (6,19), (6,20), (6,21), (6,22), (6,23), (6,24), (6,25), (6,26), (7,2), (7,3), (7,4), (7,5), (7,6), (7,7), (7,8), (7,9), (7,10), (7,11), (7,12), (7,13), (7,14), (7,15), (7,16), (7,17), (7,18), (7,19), (7,20), (7,21), (7,22), (7,23), (7,24), (7,25), (7,26), (8,2), (8,3), (8,4), (8,5), (8,6), (8,7), (8,8), (8,9), (8,10), (8,11), (8,12), (8,13), (8,14), (8,15), (8,16), (8,17), (8,18), (8,19), (8,20), (8,21), (8,22), (8,23), (8,24), (8,25), (8,26), (9,2), (9,3), (9,4), (9,5), (9,6), (9,7), (9,8), (9,9), (9,10), (9,11), (9,12), (9,13), (9,14), (9,15), (9,16), (9,17), (9,18), (9,19), (9,20), (9,21), (9,22), (9,23), (9,24), (9,25), (9,26), (10,2), (10,3), (10,4), (10,5), (10,6), (10,7), (10,8), (10,9), (10,10), (10,11), (10,12), (10,13), (10,14), (10,15), (10,16), (10,17), (10,18), (10,19), (10,20), (10,21), (10,22), (10,23), (10,24), (10,25), (10,26), (11,2), (11,3), (11,4), (11,5), (11,6), (11,7), (11,8), (11,9), (11,10), (11,11), (11,12), (11,13), (11,14), (11,15), (11,16), (11,17), (11,18), (11,19), (11,20), (11,21), (11,22), (11,23), (11,24), (11,25), (11,26), 
(12,2), (12,3), (12,4), (12,5), (12,6), (12,7), (12,8), (12,9), (12,10), (12,11), (12,12), (12,13), (12,14), (12,15), (12,16), (12,17), (12,18), (12,19), (12,20), (12,21), (12,22), (12,23), (12,24), (12,25), (12,26), (13,2), (13,3), (13,4), (13,5), (13,6), (13,7), (13,8), (13,9), (13,10), (13,11), (13,12), (13,13), (13,14), (13,15), (13,16), (13,17), (13,18), (13,19), (13,20), (13,21), (13,22), (13,23), (13,24), (13,25), (13,26), (14,2), (14,3), (14,4), (14,5), (14,6), (14,7), (14,8), (14,9), (14,10), (14,11), (14,12), (14,13), (14,14), (14,15), (14,16), (14,17), (14,18), (14,19), (14,20), (14,21), (14,22), (14,23), (14,24), (14,25), (14,26), (15,2), (15,3), (15,4), (15,5), (15,6), (15,7), (15,8), (15,9), (15,10), (15,11), (15,12), (15,13), (15,14), (15,15), (15,16), (15,17), (15,18), (15,19), (15,20), (15,21), (15,22), (15,23), (15,24), (15,25), (15,26), (16,2), (16,3), (16,4), (16,5), (16,6), (16,7), (16,8), (16,9), (16,10), (16,11), (16,12), (16,13), (16,14), (16,15), (16,16), (16,17), (16,18), (16,19), (16,20), (16,21), (16,22), (16,23), (16,24), (16,25), (16,26), (17,2), (17,3), (17,4), (17,5), (17,6), (17,7), (17,8), (17,9), (17,10), (17,11), (17,12), (17,13), (17,14), (17,15), (17,16), (17,17), (17,18), (17,19), (17,20), (17,21), (17,22), (17,23), (17,24), (17,25), (17,26), (18,2), (18,3), (18,4), (18,5), (18,6), (18,7), (18,8), (18,9), (18,10), (18,11), (18,12), (18,13), (18,14), (18,15), (18,16), (18,17), (18,18), (18,19), (18,20), (18,21), (18,22), (18,23), (18,24), (18,25), (18,26), (19,2), (19,3), (19,4), (19,5), (19,6), (19,7), (19,8), (19,9), (19,10), (19,11), (19,12), (19,13), (19,14), (19,15), (19,16), (19,17), (19,18), (19,19), (19,20), (19,21), (19,22), (19,23), (19,24), (19,25), (19,26), (20,2), (20,3), (20,4), (20,5), (20,6), (20,7), (20,8), (20,9), (20,10), (20,11), (20,12), (20,13), (20,14), (20,15), (20,16), (20,17), (20,18), (20,19), (20,20), (20,21), (20,22), (20,23), (20,24), (20,25), (20,26), (21,2), (21,3), (21,4), (21,5), (21,6), 
(21,7), (21,8), (21,9), (21,10), (21,11), (21,12), (21,13), (21,14), (21,15), (21,16), (21,17), (21,18), (21,19), (21,20), (21,21), (21,22), (21,23), (21,24), (21,25), (21,26), (22,2), (22,3), (22,4), (22,5), (22,6), (22,7), (22,8), (22,9), (22,10), (22,11), (22,12), (22,13), (22,14), (22,15), (22,16), (22,17), (22,18), (22,19), (22,20), (22,21), (22,22), (22,23), (22,24), (22,25), (22,26), (23,2), (23,3), (23,4), (23,5), (23,6), (23,7), (23,8), (23,9), (23,10), (23,11), (23,12), (23,13), (23,14), (23,15), (23,16), (23,17), (23,18), (23,19), (23,20), (23,21), (23,22), (23,23), (23,24), (23,25), (23,26), (24,2), (24,3), (24,4), (24,5), (24,6), (24,7), (24,8), (24,9), (24,10), (24,11), (24,12), (24,13), (24,14), (24,15), (24,16), (24,17), (24,18), (24,19), (24,20), (24,21), (24,22), (24,23), (24,24), (24,25), (24,26), (25,2), (25,3), (25,4), (25,5), (25,6), (25,7), (25,8), (25,9), (25,10), (25,11), (25,12), (25,13), (25,14), (25,15), (25,16), (25,17), (25,18), (25,19), (25,20), (25,21), (25,22), (25,23), (25,24), (25,25), (25,26), (26,2), (26,3), (26,4), (26,5), (26,6), (26,7), (26,8), (26,9), (26,10), (26,11), (26,12), (26,13), (26,14), (26,15), (26,16), (26,17), (26,18), (26,19), (26,20), (26,21), (26,22), (26,23), (26,24), (26,25), (26,26)) +Clear-Host +<# Hak5.org +$points = @( + (2,2), (2,3), (2,4), (2,5), (2,6), (2,7), (2,8), (2,10), (2,12), (2,14), (2,16), (2,18), (2,20), (2,21), (2,22), (2,23), (2,24), (2,25), (2,26), + (3,2), (3,8), (3,11), (3,12), (3,13), (3,14), (3,15), (3,16), (3,18), (3,20), (3,26), + (4,2), (4,4), (4,5), (4,6), (4,8), (4,10), (4,11), (4,12), (4,15), (4,17), (4,20), (4,22), (4,23), (4,24), (4,26), + (5,2), (5,4), (5,5), (5,6), (5,8), (5,10), (5,11), (5,12), (5,14), (5,15), (5,16), (5,20), (5,22), (5,23), (5,24), (5,26), + (6,2), (6,4), (6,5), (6,6), (6,8), (6,10), (6,13), (6,14), (6,16), (6,17), (6,18), (6,20), (6,22), (6,23), (6,24), (6,26), + (7,2), (7,8), (7,12), (7,13), (7,16), (7,18), (7,20), (7,26), + (8,2), (8,3), (8,4), (8,5), 
(8,6), (8,7), (8,8), (8,10), (8,12), (8,14), (8,16), (8,18), (8,20), (8,21), (8,22), (8,23), (8,24), (8,25), (8,26), + (9,12), (9,14), (9,16), (9,17), (9,18), + (10,2), (10,3), (10,4), (10,5), (10,8), (10,10), (10,12), (10,13), (10,14), (10,15), (10,17), (10,18), (10,19), (10,22), (10,23), (10,24), (10,26), + (11,3), (11,4), (11,5), (11,6), (11,9), (11,10), (11,12), (11,14), (11,15), (11,19), (11,21), (11,25), + (12,2), (12,3), (12,4), (12,6), (12,7), (12,8), (12,9), (12,11), (12,12), (12,13), (12,14), (12,15), (12,18), (12,21), + (13,3), (13,4), (13,7), (13,9), (13,11), (13,12), (13,19), (13,20), (13,23), (13,24), + (14,3), (14,5), (14,6), (14,7), (14,8), (14,9), (14,11), (14,12), (14,14), (14,16), (14,17), (14,18), (14,20), (14,21), (14,22), (14,24), (14,25), (14,26), + (15,3), (15,11), (15,13), (15,14), (15,16), (15,17), (15,19), (15,20), (15,21), (15,22), (15,26), + (16,3), (16,7), (16,8), (16,9), (16,12), (16,13), (16,15), (16,19), (16,20), (16,22), (16,24), (16,25), + (17,2), (17,4), (17,5), (17,6), (17,7), (17,9), (17,10), (17,11), (17,12), (17,13), (17,16), (17,21), (17,23), (17,26), + (18,5), (18,6), (18,8), (18,14), (18,16), (18,17), (18,18), (18,19), (18,20), (18,21), (18,22), (18,23), (18,24), (18,25), (18,26), + (19,10), (19,12), (19,16), (19,18), (19,22), (19,26), + (20,2), (20,3), (20,4), (20,5), (20,6), (20,7), (20,8), (20,15), (20,16), (20,18), (20,20), (20,22), (20,23), (20,24), (20,25), (20,26), + (21,2), (21,8), (21,13), (21,15), (21,16), (21,17), (21,18), (21,22), (21,26), + (22,2), (22,4), (22,5), (22,6), (22,8), (22,11), (22,15), (22,16), (22,18), (22,19), (22,20), (22,21), (22,22), + (23,2), (23,4), (23,5), (23,6), (23,8), (23,10), (23,12), (23,19), (23,20), (23,21), (23,22), (23,24), (23,25), (23,26), + (24,2), (24,4), (24,5), (24,6), (24,8), (24,10), (24,11), (24,12), (24,16), (24,19), (24,20), (24,21), (24,22), (24,23), (24,24), (24,25), + (25,2), (25,8), (25,10), (25,13), (25,14), (25,15), (25,16), (25,20), (25,22), (25,24), + (26,2), 
(26,3), (26,4), (26,5), (26,6), (26,7), (26,8), (26,10), (26,11), (26,13), (26,20), (26,21), (26,22), (26,23), (26,24), (26,25), (26,26)) +#> +<# RickRoll #> +$points = @( + (2,2), (2,3), (2,4), (2,5), (2,6), (2,7), (2,8), (2,10), (2,11), (2,18), (2,20), (2,21), (2,22), (2,23), (2,24), (2,25), (2,26), + (3,2), (3,8), (3,18), (3,20), (3,26), + (4,2), (4,4), (4,5), (4,6), (4,8), (4,10), (4,13), (4,14), (4,15), (4,17), (4,20), (4,22), (4,23), (4,24), (4,26), + (5,2), (5,4), (5,5), (5,6), (5,8), (5,10), (5,11), (5,13), (5,14), (5,16), (5,20), (5,22), (5,23), (5,24), (5,26), + (6,2), (6,4), (6,5), (6,6), (6,8), (6,10), (6,11), (6,12), (6,13), (6,17), (6,20), (6,22), (6,23), (6,24), (6,26), + (7,2), (7,8), (7,11), (7,14), (7,15), (7,20), (7,26), + (8,2), (8,3), (8,4), (8,5), (8,6), (8,7), (8,8), (8,10), (8,12), (8,14), (8,16), (8,18), (8,20), (8,21), (8,22), (8,23), (8,24), (8,25), (8,26), + (9,11), (9,13), (9,18), + (10,2), (10,3), (10,4), (10,5), (10,8), (10,10), (10,14), (10,16), (10,18), (10,19), (10,22), (10,23), (10,24), (10,26), + (11,6), (11,9), (11,11), (11,16), (11,18), (11,21), (11,25), + (12,3), (12,4), (12,5), (12,6), (12,8), (12,9), (12,13), (12,14), (12,15), (12,20), (12,21), (12,22), + (13,3), (13,4), (13,5), (13,6), (13,9), (13,13), (13,15), (13,16), (13,17), (13,18), (13,19), (13,20), (13,21), (13,22), (13,23), (13,24), + (14,4), (14,7), (14,8), (14,11), (14,14), (14,15), (14,17), (14,19), (14,20), (14,21), (14,22), (14,24), (14,25), (14,26), + (15,6), (15,7), (15,10), (15,11), (15,12), (15,14), (15,17), (15,18), (15,20), (15,21), (15,22), (15,26), + (16,3), (16,5), (16,8), (16,9), (16,15), (16,16), (16,18), (16,19), (16,22), (16,24), (16,25), + (17,2), (17,4), (17,5), (17,6), (17,10), (17,11), (17,14), (17,18), (17,19), (17,20), (17,21), (17,22), (17,26), + (18,5), (18,6), (18,7), (18,8), (18,11), (18,14), (18,15), (18,17), (18,18), (18,19), (18,20), (18,21), (18,22), (18,23), (18,24), (18,25), (18,26), + (19,10), (19,11), (19,14), (19,15), (19,16), 
(19,18), (19,22), (19,24), (19,26), + (20,2), (20,3), (20,4), (20,5), (20,6), (20,7), (20,8), (20,15), (20,16), (20,18), (20,20), (20,22), (20,24), (20,25), (20,26), + (21,2), (21,8), (21,12), (21,14), (21,18), (21,22), (21,25), + (22,2), (22,4), (22,5), (22,6), (22,8), (22,11), (22,12), (22,18), (22,19), (22,20), (22,21), (22,22), (22,23), (22,25), (22,26), + (23,2), (23,4), (23,5), (23,6), (23,8), (23,10), (23,11), (23,13), (23,15), (23,16), (23,19), (23,20), (23,22), (23,23), (23,24), (23,25), (23,26), + (24,2), (24,4), (24,5), (24,6), (24,8), (24,10), (24,13), (24,14), (24,16), (24,17), (24,20), (24,22), (24,24), (24,25), + (25,2), (25,8), (25,10), (25,13), (25,14), (25,15), (25,16), (25,17), (25,19), (25,22), (25,24), + (26,2), (26,3), (26,4), (26,5), (26,6), (26,7), (26,8), (26,10), (26,11), (26,12), (26,16), (26,20), (26,21), (26,22), (26,23), (26,24), (26,25), (26,26)) +$excel = New-Object -ComObject excel.application +if ($excel) +{ + $excel.Visible = $false + # create a work book + $workbook = $excel.Workbooks.Add() + # get first sheet + $sheet = $workbook.Worksheets.Item(1) + # Set the current sheets name + $sheet.Name = 'QRCode' + # set top corner + #$sheet.Cells.Item(1,1) = 'Hak5' + # set Background colour to black + for ($i=0; $i -lt $points.length; $i++) + { + # 1 should be black + $sheet.Cells.Item($points[$i][0],$points[$i][1]).Interior.Color = 1 + } + # Set Column width to make squares + #for ($i=1; $i -le 26; $i++) + #{ + # $sheet.Columns[$i].ColumnWidth = 2.14; + #} + $usedRange = $sheet.UsedRange + $usedRange.EntireColumn.ColumnWidth = 2.14 + + $excel.Visible = $true + + #lets eject the bunny + $eject = New-Object -comObject Shell.Application + # namespace ssfDRIVES + $eject.NameSpace(17).ParseName((gwmi win32_volume -f 'label=''BashBunny''').driveletter).InvokeVerb(“Eject”) +} \ No newline at end of file 
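Review bot: The final statement of QRcode.ps1 calls `InvokeVerb(“Eject”)` with typographic quotes; if the file is stored as UTF-8 without a BOM, Windows PowerShell 5.1 (the stated target) reads it in the ANSI code page and the quotes can decode to stray characters that break parsing of the whole script, so plain ASCII `InvokeVerb('Eject')` is safer. The same statement dereferences `(gwmi win32_volume -f 'label=''BashBunny''').driveletter` without checking that a volume was found, so a renamed or missing label raises a null-method error after Excel has already been made visible. The fill loop sets `Interior.Color = 1` under the comment "1 should be black"; `Color` takes an RGB value, so this is RGB(1,0,0) rather than palette black, and `Interior.ColorIndex = 1` (or `Color = 0`) would match the comment. The 625-pair `#$array` line and the commented-out column-width loop are dead code that could be dropped.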
diff --git a/payloads/library/prank/Win_PoSH_ExcelQRRickroll/payload.txt b/payloads/library/prank/Win_PoSH_ExcelQRRickroll/payload.txt
new file mode 100644
index 00000000..9271de66
--- /dev/null
+++ b/payloads/library/prank/Win_PoSH_ExcelQRRickroll/payload.txt
@@ -0,0 +1,20 @@
+# Title: Excel QR Rickroll
+# Description: Create a QR code in Excel that points to Rick Astley - Never Gonna Give You Up on YouTube
+# Author: Cribbit
+# Version: 1.0
+# Category: Pranks
+# Target: Windows (Powershell 5.1+)
+# Attackmodes: HID & STORAGE
+# Extensions: Run
+
+LED SETUP
+
+GET SWITCH_POSITION
+
+ATTACKMODE HID STORAGE
+
+LED ATTACK
+
+RUN WIN "powerShell -Noni -NoP -W h -EP Bypass .((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\QRcode.ps1')"
+
+LED FINNISH
\ No newline at end of file
diff --git a/payloads/library/prank/Win_PoSH_ExcelQRRickroll/readme.md b/payloads/library/prank/Win_PoSH_ExcelQRRickroll/readme.md
new file mode 100644
index 00000000..a1e6e654
--- /dev/null
+++ b/payloads/library/prank/Win_PoSH_ExcelQRRickroll/readme.md
@@ -0,0 +1,22 @@
+# Excel QR Rickroll
+* Author: Cribbit
+* Version: 1.0
+* Target: Windows (Powershell 5.1+) + Excel
+* Category: pranks
+* Attackmode: HID
+* Extensions: Run
+
+## Change Log
+| Version | Changes |
+| ------- | ------------------------------|
+| 1.0 | Initial release |
+
+## Description
+Create a QR code in Excel that points to Rick Astley - Never Gonna Give You Up on YouTube
+
+## Colors
+| Status | Color | Description |
+| --------- | ------------------------------| ------------------------------------------------ |
+| SETUP | Magenta solid | Setting attack mode, getting the switch position |
+| ATTACK | Yellow single blink | Injecting Powershell script |
+| FINISH | Green blink followed by SOLID | Script is finished |
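Review bot: In payload.txt the last line is `LED FINNISH`, which does not match the `FINISH` state that readme.md documents for this payload, so the finish indication will presumably not show; it should read `LED FINISH`. The header comment says `# Attackmodes: HID & STORAGE` and the script runs `ATTACKMODE HID STORAGE`, while readme.md lists `* Attackmode: HID`; the readme should name both modes, since the mounted storage volume is where the `RUN WIN` command loads QRcode.ps1 from. The path in that command mixes `\\` and `\` separators inside one double-quoted string, which is worth making consistent. It would also help reviewers and defenders if the readme stated that the script is launched with `-W h -EP Bypass`, so the resulting process command line is documented rather than discovered.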