Screen-Shock

Screen-Shock
Download Copy
Title: Screen-Shock
Author: atomiczsec

This payload is meant to exfiltrate screenshots of all monitors and sends to a dropbox every 15 seconds. (This setting can be changed in the c.ps1 file) This payload uses iwr to download 2 files I.bat c.ps1 I.bat is downloaded to the startup folder to maintain persistence and execute c.ps1 on reboot/startup c.ps1 will sit in AppData\Roaming folder, taking a screenshot of all monitors every 15 seconds Then the contents will then be sent to the DropBox for viewing pleasure

Exfiltration is an involuntary backup. It's a technique for obtaining data from a network. Once obtained, the data may be removed using a number of methods. These may include traversing the network to a command and control server, such as Cloud C². The content is typically encrypted or obfuscated. In the case of physical access, a bring-your-own-network element may be included to evade detection. See all exfiltration payloads.

This payload is for OMG — a platform built for covert field-use with features that enhance remote execution, stealth and forensics evasion, all while being able to quickly change your tooling on the fly.

Submit your own payload, or browse more featured OMG Payloads.

 

 

Related Payloads

Same File Name Prank
Same File Name Prank
This payload renames files and folders to all have a similar name.
Read More
Exfiltrate NTLM Hash
Exfiltrate NTLM Hash
A payload used to exfiltrate the NTLM hash on a Windows machine.
Read More
Shark Net Sniff
Shark Net Sniff
uses tcpdump to capture network traffic for 1 minute and saves a pcap into loot storage folder
Read More