BadUSB/3.0. VulnerabilityScanner

REM Stage 1: open an elevated PowerShell console through Start-menu search.
REM The fixed DELAY values are the only synchronisation; nothing in this stage
REM checks that the expected window or dialog actually has focus.
DELAY 1000
REM Open Start Menu
CONTROL ESCAPE
DELAY 3000
STRING powershell
REM Navigate to the context menu to run PowerShell as an administrator
DELAY 2000
RIGHTARROW
DELAY 500
DOWNARROW
DELAY 500
ENTER
DELAY 5000
REM ALT+Y presumably answers "Yes" on the UAC consent dialog.
REM NOTE(review): that only elevates when the signed-in user is a local
REM administrator; a standard user is asked for credentials instead, which
REM this keystroke cannot supply. Confirm against the target UAC policy.
ALT Y
DELAY 5000
REM Set PowerShell Execution Policy to Bypass
REM -scope process limits the change to this console session only.
REM Execution policy governs script files, not commands typed at the prompt,
REM so the line-by-line input that follows does not depend on this step.
REM The literal command text is a practical hunting string wherever
REM PowerShell script block logging (event ID 4104) is enabled.
DELAY 1000
STRING set-executionpolicy bypass -scope process -force
DELAY 400
ENTER
DELAY 400
REM Create the PowerShell script in memory and execute it
REM NOTE(review): despite the wording above, no script variable or file is
REM built in this listing; every STRING line is typed straight into the console.
REM Stage 2: locate the results volume by label and prepare the output file.
REM The collection step needs a writable removable volume labelled MYUSB, so
REM device-control policy on removable storage is the control that applies here.
DELAY 400
STRING $usbName = "MYUSB"
DELAY 400
ENTER
DELAY 400
REM Look up the drive letter of the volume whose label equals $usbName.
REM Presumably a single match; several volumes with the same label would
REM return more than one letter — verify.
STRING $usbDrive = Get-WmiObject Win32_Volume | Where-Object { $_.Label -eq $usbName } | Select-Object -ExpandProperty DriveLetter
DELAY 400
ENTER
DELAY 400
REM Opens the main if block. Its closing brace is near the end of the payload,
REM so PowerShell holds everything in between as one incomplete statement and
REM runs none of it until that brace is entered.
STRING if ($usbDrive) {
DELAY 400
ENTER
DELAY 400
REM Win32_ComputerSystem.UserName is the interactively signed-in user,
REM typically in DOMAIN\user form, so the folder below is likely nested
REM one level per path component — TODO confirm.
STRING $owner = (Get-WmiObject Win32_ComputerSystem).UserName
DELAY 400
ENTER
DELAY 400
STRING $directoryPath = Join-Path -Path $usbDrive -ChildPath $owner
DELAY 400
ENTER
DELAY 400
STRING New-Item -ItemType Directory -Path $directoryPath
DELAY 400
ENTER
DELAY 400
STRING $resultsFilePath = Join-Path -Path $directoryPath -ChildPath "results.txt"
DELAY 400
ENTER
DELAY 400
REM Create results.txt, or overwrite an existing one, before anything is appended.
STRING "" > $resultsFilePath
DELAY 400
ENTER
DELAY 400
REM Defines check-passwordpolicy: emits the output of "net accounts"
REM (the local password and lockout policy). Read-only.
REM NOTE(review): net is a native command; a non-zero exit code does not
REM raise a PowerShell exception, so the catch branch is unlikely to run.
STRING function check-passwordpolicy {
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING net accounts
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking password policy: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Defines audit-services: lists every service with its name, display name,
REM status and start type. It only enumerates; no service is assessed or changed.
STRING function audit-services {
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING get-service | select-object name, displayname, status, starttype
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error auditing services: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Defines check-networksettings: emits the output of Get-NetIPConfiguration
REM (per-interface IP configuration). Read-only.
STRING function check-networksettings {
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING get-netipconfiguration
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking network settings: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Defines check-softwarevulnerabilities. Despite the name it performs no
REM vulnerability matching: it lists DisplayName, DisplayVersion and Publisher
REM from the WOW6432Node Uninstall registry key.
REM NOTE(review): on 64-bit Windows that key holds 32-bit installers only, so
REM the inventory is partial — confirm whether that is intended.
STRING function check-softwarevulnerabilities {
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING get-itemproperty hklm:\software\wow6432node\microsoft\windows\currentversion\uninstall\* | select-object displayname, displayversion, publisher
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking software vulnerabilities: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Defines check-cve: queries the public NVD keyword search for one product
REM and version and emits "<CVE id> - <first description>" per result.
REM Parameters: productname, version (both strings).
REM Each call sends one installed-software entry to an external host, which
REM appears as outbound HTTPS from powershell.exe to services.nvd.nist.gov.
STRING function check-cve {
DELAY 400
ENTER
DELAY 400
STRING param (
DELAY 400
ENTER
DELAY 400
STRING [string]$productname,
DELAY 400
ENTER
DELAY 400
STRING [string]$version
DELAY 400
ENTER
DELAY 400
STRING )
DELAY 400
ENTER
DELAY 400
REM Function-local pause in seconds, applied before every request.
STRING $initialDelay = 2
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
REM NOTE(review): this is the NVD 1.0 endpoint; NVD has since published a 2.0
REM API, so confirm this URL still answers. The two values are interpolated
REM as typed, joined by a literal "+", with no URL encoding.
STRING $uri = "https://services.nvd.nist.gov/rest/json/cves/1.0?keyword=$productname+$version"
DELAY 400
ENTER
DELAY 400
STRING start-sleep -seconds $initialDelay
DELAY 400
ENTER
DELAY 400
STRING $response = invoke-restmethod -uri $uri -method get
DELAY 400
ENTER
DELAY 400
STRING if ($response.totalresults -gt 0) {
DELAY 400
ENTER
DELAY 400
STRING foreach ($cve in $response.result.cve_items) {
DELAY 400
ENTER
DELAY 400
STRING "$($cve.cve.cve_data_meta.id) - $($cve.cve.description.description_data[0].value)"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING } else {
DELAY 400
ENTER
DELAY 400
STRING "no cves found for $productname $version"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Failure path: the error is reported, and when its text contains "403"
REM the same request is retried once after 60 seconds.
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking CVEs: $_"
DELAY 400
ENTER
DELAY 400
STRING if ($_.Exception -match '403') {
DELAY 400
ENTER
DELAY 400
STRING write-output "403 Forbidden error encountered. Retrying in 60 seconds..."
DELAY 400
ENTER
DELAY 400
STRING start-sleep -seconds 60
DELAY 400
ENTER
DELAY 400
REM NOTE(review): the retry has no try/catch of its own, so a second failure
REM would surface as an error from the function — verify that is acceptable.
STRING $retryResponse = invoke-restmethod -uri $uri -method get
DELAY 400
ENTER
DELAY 400
STRING if ($retryResponse.totalresults -gt 0) {
DELAY 400
ENTER
DELAY 400
STRING foreach ($cve in $retryResponse.result.cve_items) {
DELAY 400
ENTER
DELAY 400
STRING "$($cve.cve.cve_data_meta.id) - $($cve.cve.description.description_data[0].value)"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING } else {
DELAY 400
ENTER
DELAY 400
STRING "no cves found for $productname $version"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Defines analyze-logs: emits the 100 newest entries of the System event
REM log. No filtering or analysis is applied to them here.
STRING function analyze-logs {
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING get-eventlog -logname system -newest 100
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error analyzing logs: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Defines check-openports: emits "netstat -an" output, i.e. all connections
REM and listening ports in numeric form. Read-only.
STRING function check-openports {
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING netstat -an
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking open ports: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Defines check-missingupdates: writes a WindowsUpdate.log into the results
REM folder via Get-WindowsUpdateLog. It does not itself list missing updates.
REM Reads $directoryPath, which is set earlier in the payload outside this function.
STRING function check-missingupdates {
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING write-output "Checking Windows Update logs..."
DELAY 400
ENTER
DELAY 400
STRING $updateLogPath = Join-Path -Path $directoryPath -ChildPath "WindowsUpdate.log"
DELAY 400
ENTER
DELAY 400
STRING Get-WindowsUpdateLog -LogPath $updateLogPath
DELAY 400
ENTER
DELAY 400
STRING write-output "WindowsUpdate.log written to $updateLogPath"
DELAY 400
ENTER
DELAY 400
REM Deletes everything under the user's Temp\WindowsUpdateLog folder,
REM presumably the working files Get-WindowsUpdateLog leaves behind — confirm.
REM The profile path is hard-coded to C:\Users rather than taken from the
REM environment.
STRING Remove-Item -Path "C:\Users\$env:USERNAME\AppData\Local\Temp\WindowsUpdateLog\*" -Recurse -Force
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error getting Windows Update log: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Defines check-firewallstatus: emits "netsh advfirewall show allprofiles"
REM output (Windows Firewall settings for every profile). Read-only.
STRING function check-firewallstatus {
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING netsh advfirewall show allprofiles
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking firewall status: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Defines check-smbv1status: reports the state of the SMB1Protocol optional
REM feature on the running system. Get-WindowsOptionalFeature -Online needs an
REM elevated session, which is one reason the payload elevates first.
STRING function check-smbv1status {
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING get-windowsoptionalfeature -online -featurename smb1protocol
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking SMBv1 status: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Defines check-antivirusstatus: emits Get-MpComputerStatus output, i.e. the
REM status reported by Microsoft Defender. Assumes the Defender cmdlets are
REM present on the host — TODO confirm.
STRING function check-antivirusstatus {
DELAY 400
ENTER
DELAY 400
STRING try {
DELAY 400
ENTER
DELAY 400
STRING get-mpcomputerstatus
DELAY 400
ENTER
DELAY 400
STRING } catch {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error checking antivirus status: $_"
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Stage 3: run each collection function in turn and append its output to
REM results.txt on the removable volume. The resulting file combines password
REM policy, services, network configuration, installed software, event-log
REM entries, open ports and firewall/SMBv1/antivirus state in one place.
STRING check-passwordpolicy >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING audit-services >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING check-networksettings >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING check-softwarevulnerabilities >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING analyze-logs >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING check-openports >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING check-missingupdates >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING check-firewallstatus >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING check-smbv1status >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
STRING check-antivirusstatus >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
REM Dynamically identify critical software from running processes and scheduled tasks
REM No criticality test is applied: the list is every distinct process name
REM plus whatever executable names the scheduled-task query yields.
STRING $runningSoftware = Get-Process | Select-Object Name | Sort-Object Name -Unique
DELAY 400
ENTER
DELAY 400
REM NOTE(review): schtasks /query /fo CSV is run without /v; the non-verbose
REM output appears to carry no task-to-run column, so TaskToRun is likely
REM empty for every row — verify on a test host.
STRING $scheduledTasks = schtasks /query /fo CSV | ConvertFrom-Csv | Select-Object TaskName, TaskToRun | Sort-Object TaskToRun -Unique
DELAY 400
ENTER
DELAY 400
REM Combine running software and scheduled tasks
STRING $softwareList = @()
DELAY 400
ENTER
DELAY 400
STRING foreach ($process in $runningSoftware) {
DELAY 400
ENTER
DELAY 400
STRING $softwareList += $process.Name
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING foreach ($task in $scheduledTasks) {
DELAY 400
ENTER
DELAY 400
REM Keep only the file name, without directory or extension, of each task's command.
STRING $softwareList += [System.IO.Path]::GetFileNameWithoutExtension($task.TaskToRun)
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Remove duplicates and empty entries
STRING $softwareList = $softwareList | Sort-Object -Unique | Where-Object { $_ -ne "" }
DELAY 400
ENTER
DELAY 400
REM Check CVEs for identified software
REM For each collected name, look up a DisplayVersion in the WOW6432Node
REM Uninstall key and, when one is found, append the check-cve output to
REM results.txt.
STRING foreach ($software in $softwareList) {
DELAY 400
ENTER
DELAY 400
REM NOTE(review): the match is an exact -eq between a process or task file
REM name and the installer DisplayName, so many entries will presumably yield
REM no version and be skipped — confirm.
STRING $version = (Get-ItemProperty hklm:\software\wow6432node\microsoft\windows\currentversion\uninstall\* | Where-Object { $_.DisplayName -eq $software }).DisplayVersion
DELAY 400
ENTER
DELAY 400
STRING if ($version) {
DELAY 400
ENTER
DELAY 400
STRING check-cve -productname $software -version $version >> $resultsFilePath
DELAY 400
ENTER
DELAY 400
REM $initialDelay is not assigned at this scope anywhere in the listing (the
REM assignment inside check-cve is function-local), so the first += starts
REM from an unset value. Each pass then adds Get-Random -Minimum 5 -Maximum 10
REM seconds, so the pause between lookups keeps growing.
STRING $initialDelay += (Get-Random -Minimum 5 -Maximum 10)
DELAY 400
ENTER
DELAY 400
STRING start-sleep -seconds $initialDelay
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
STRING }
DELAY 400
ENTER
DELAY 400
REM Close out the main branch. The success message is printed unconditionally
REM at the end of the if branch; it does not check that any write succeeded.
STRING write-output "Results saved to USB drive."
DELAY 400
ENTER
DELAY 400
REM else branch: no volume labelled MYUSB was found, so nothing was collected.
STRING } else {
DELAY 400
ENTER
DELAY 400
STRING write-output "Error: USB drive MYUSB not found."
DELAY 400
ENTER
DELAY 400
REM This brace completes the if/else opened near the top of the payload.
STRING }
DELAY 400
ENTER
DELAY 400
REM NOTE(review): $script is never assigned anywhere in this listing, so this
REM call has no script block to run — confirm whether it is a leftover.
STRING invoke-command -scriptblock $script
DELAY 400
ENTER
REM Final 20-second pause. The payload ends without closing the elevated
REM console, so the window and its command history remain on screen.
DELAY 20000