From d4775c834b31d2af9ae878183f0552996885f3f7 Mon Sep 17 00:00:00 2001
From: egieb <93350544+beigeworm@users.noreply.github.com>
Date: Sun, 17 Mar 2024 09:31:39 +0000
Subject: [PATCH] Update README.md

---
 Discord-C2/README.md | 103 ++++++++++++++++++++++++++-----------------
 1 file changed, 62 insertions(+), 41 deletions(-)

diff --git a/Discord-C2/README.md b/Discord-C2/README.md
index 0c417b7..a82c15f 100644
--- a/Discord-C2/README.md
+++ b/Discord-C2/README.md
@@ -1,32 +1,25 @@
 # PoshCord-C2
 
-MAIN SCRIPT HERE - https://github.com/beigeworm/PoshCord-C2
-
 **SYNOPSIS**
 
-Using a Discord webhook and a hosted text file to Act as a Command and Control Platform.
-
-![a](https://github.com/beigeworm/BadUSB-Files-For-FlipperZero/assets/93350544/fbd9e46b-5ba2-402b-ac7e-4464985e085a)
+Using a Discord bot along with discords API and a webhook to Act as a Command and Control Platform.
 
 **INFORMATION**
 
-This script will wait until it notices a change in the contents of a text file hosted online (eg. github/pastebin).
-Every 10 seconds it will check a file for a change in the file contents and interpret it as a custom command / module.
+This script uses a discord bot along with discords API and a webhook to create a chat that can control a windows pc.
+Every 10 seconds it will check for a new message in chat and interpret it as a custom command / module in powershell.
 
-*Using github to host your command file will take up to 5 minutes to run each module command - Use pastebin (account needed) OR your own server to host the txt file for instant response* 
+**Demo** (using .vbs stager and python bot)
+
+![GIF 3-14-2024 7-18-11 PM](https://github.com/beigeworm/PoshCord-C2/assets/93350544/d1805cf3-f850-45c1-b4d2-c342cc17ecdb)
 
 **SETUP**
 1. make a discord bot at https://discord.com/developers/applications/
-2. in bot > server intents turn on everything
-3. add the bot to your discord server (oauth > copy link) copy link
-
-![Screenshot_1](https://github.com/beigeworm/BadUSB-Files-For-FlipperZero/assets/93350544/b3fe7785-dcf3-4971-99f0-f3456ddc34ef)
-
-4. create a webhook in the desired channel on your server. ( channel-settings/integrations )
-5. FLIPPER ONLY - goto https://t.ly and make a short link for the webhook. (run prompt only allows 256 characters!)
-6. Change WEBHOOK_URL below to your short webhook URL eg. https://t.ly/byuf4e
-7. Change BOT_TOKEN below with your bot token
-8. Change CHANNEL_ID below to the channel id of your webhook.
+2. add the bot to your discord server
+3. create a webhook in the desired channel on your server. ( channel-settings/integrations )
+3. Change $dc below to your webhook URL eg. https://discord.com/api/webhooks/123445623531/f4fw3f4r46r44343t5gxxxxxx
+4. Change $tk below with your bot token
+5. Change $ch below to the channel id of your webhook.
 
 **USAGE**
 1. Setup the script
@@ -36,35 +29,63 @@ Every 10 seconds it will check a file for a change in the file contents and inte
 5. Do the same with any other command listed - To run that module.
 
 **MODULES**
-1. `Message` : Send a message window to the Users desktop.
-2. `SpeechToText`  : Send microphone audio transcript to Discord       
-3. `Screenshot`  : Sends a screenshot of the desktop to Discord.      
-4. `KeyCapture`   : Capture Keystrokes and send to Discord. (see ExtraInfo for usage.)          
-5. `Exfiltrate` : Send various files to Discord zipped in 25mb files. (see ExtraInfo for usage.)                   
-6. `Upload` : Upload a file to Discord. (see ExtraInfo for usage.)     
-7. `Systeminfo` : Send System information as text file to Discord. (takes a few minutes to gather data)
-8. `RecordAudio`  : Record microphone to Discord (RecordAudio -t 100) in seconds
-9. `RecordScreen`  : Record Screen to Discord (RecordScreen -t 100) in seconds
-10. `TakePicture` : Send a webcam picture to Discord. (can take a few minutes..)
-11. `FolderTree` : Save folder trees to file and send to Discord.
-12. `FakeUpdate` : Spoof windows update screen.
-13. `Nearby-Wifi` : Show nearby wifi networks
-14. `Send-Hydra` : Never ending popups (use killswitch)            
-15. `AddPersistance` : Add this script to the startup folder.         
-16. `RemovePersistance` : Remove this script from the startup folder.               
-17. `IsAdmin`  : Check if the session is admin.             
-18. `AttemptElevate` : Attempt to restart script as admin. (displays a UAC prompt to User)  
-19. `EnumerateLAN`  : Show all devices on the network (see ExtraInfo for usage.) (can take a few miniutes to complete)    
-20. `Close`  : Close this Session                          
-21. `Options`  : Show the Module menu
-22. `ExtraInfo`  : Show extra Module information
+- **SpeechToText**: Send audio transcript to Discord
+- **Systeminfo**: Send System info as text file to Discord
+- **FolderTree**: Save folder trees to file and send to Discord
+- **EnumerateLAN**: Show devices on LAN (see ExtraInfo)
+- **NearbyWifi**: Show nearby wifi networks (!user popup!)
+
+- **AddPersistance**: Add this script to startup.
+- **RemovePersistance**: Remove Poshcord from startup
+- **IsAdmin**: Check if the session is admin
+- **Elevate**: Attempt to restart script as admin (!user popup!)
+- **ExcludeCDrive**: Exclude C:/ Drive from all Defender Scans
+- **ExcludeAllDrives**: Exclude C:/ - G:/ Drives from Defender Scans
+- **EnableRDP**: Enable Remote Desktop on target.
+- **EnableIO**: Enable Keyboard and Mouse
+- **DisableIO**: Disable Keyboard and Mouse
+
+- **RecordAudio**: Record microphone and send to Discord
+- **RecordScreen**: Record Screen and send to Discord
+- **TakePicture**: Send a webcam picture and send to Discord
+- **Exfiltrate**: Send various files. (see ExtraInfo)
+- **Upload**: Upload a file. (see ExtraInfo)
+- **Screenshot**: Sends a screenshot of the desktop and send to Discord
+- **Keycapture**: Capture Keystrokes and send to Discord
+
+- **FakeUpdate**: Spoof Windows-10 update screen using Chrome
+- **Windows93**: Start parody Windows93 using Chrome
+- **WindowsIdiot**: Start fake Windows95 using Chrome
+- **SendHydra**: Never ending popups (use killswitch) to stop
+- **SoundSpam**: Play all Windows default sounds on the target
+- **Message**: Send a message window to the User (!user popup!)
+- **VoiceMessage**: Send a message window to the User (!user popup!)
+- **MinimizeAll**: Send a voice message to the User
+- **EnableDarkMode**: Enable System wide Dark Mode
+- **DisableDarkMode**: Disable System wide Dark Mode\
+- **VolumeMax**: Maximise System Volume
+- **VolumeMin**: Minimise System Volume
+- **ShortcutBomb**: Create 50 shortcuts on the desktop.
+- **Wallpaper**: Set the wallpaper (wallpaper -url http://img.com/f4wc)
+- **Goose**: Spawn an annoying goose (Sam Pearson App)
+
+- **ExtraInfo**: Get a list of further info and command examples
+- **Cleanup**: Wipe history (run prompt, powershell, recycle bin, Temp)
+- **Kill**: Stop a running module (eg. Keycapture / Exfiltrate)
+- **Control-All**: Control all waiting sessions simultaneously
+- **Pause**: Pause the current authenticated session
+- **Close**: Close this session
 
 
 **FEATURES**
 
 **Custom Scripting**
 
-Edit the hosted file contents to any custom powershell script or command to run custom powershell.
+You can add custom scripting / commands - Type 'YOUR CUSTOM POWERSHELL COMMAND' in chat
+
+**Mass Control Mode**
+
+Control all waiting sessions simultaneously with 'controll-all' to mass authenticate sessions.
 
 **Killswitch**