jinks/Flipper-Zero-BadUSB
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Updates to SwiftOnSysmon

Browse source
This commit is contained in:
Matze 2022-12-22 16:09:27 -08:00
parent e25a195d3c
commit e32a03bca7
3 changed files with 21 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

BIN
Payloads/Flip-SwiftOnSysmon/Sysmon (1).zip
View file

Binary file not shown.

42
Payloads/Flip-SwiftOnSysmon/SwiftOnSysmon.txt → Payloads/Flip-Sysmon/SwiftOnSysmon.txt
View file

@ -1,22 +1,22 @@
REM TITLE Sysmon
REM AUTHOR Matze
REM Version: 1.0
REM Target: Windows
REM DESCRIPTION: A payload used to install Sysmon with the SwiftOnSecurity rules
DELAY 3000
GUI r
DELAY 500
STRING powershell saps PowerShell -verb runas
ENTER
REM The delay below is a longer delay for admins to put in passwords if needed.
DELAY 8000
REM Stage 2 (Downloading files)
STRING Invoke-WebRequest -Uri "DROPBOX LINK HERE" -OutFile "C:\sysmon.zip"
ENTER
DELAY 8000
STRING Expand-Archive C:\sysmon.zip -DestinationPath "C:\Sysmon"
ENTER
DELAY 5000
STRING C:\Sysmon\Sysmon.ps1
REM TITLE Sysmon
REM AUTHOR Matze
REM Version: 1.0
REM Target: Windows
REM DESCRIPTION: A payload used to install Sysmon with the SwiftOnSecurity rules
DELAY 3000
GUI r
DELAY 500
STRING powershell saps PowerShell -verb runas
ENTER
REM The delay below is a longer delay for admins to put in passwords if needed.
DELAY 8000
REM Stage 2 (Downloading files)
STRING Invoke-WebRequest -Uri "DROPBOX LINK HERE" -OutFile "C:\sysmon.zip"
ENTER
DELAY 8000
STRING Expand-Archive C:\sysmon.zip -DestinationPath "C:\Sysmon"
ENTER
DELAY 5000
STRING C:\Sysmon\Sysmon.ps1
ENTER

0
Payloads/Flip-SwiftOnSysmon/Sysmon.zip → Payloads/Flip-Sysmon/Sysmon.zip
View file