Screen-Shock

Screen-Shock
Download Copy
Title: Screen-Shock
Author: atomiczsec

This payload is meant to exfiltrate screenshots of all monitors and sends to a dropbox every 15 seconds. (This setting can be changed in the c.ps1 file) This payload uses iwr to download 2 files I.bat c.ps1 I.bat is downloaded to the startup folder to maintain persistence and execute c.ps1 on reboot/startup c.ps1 will sit in AppData\Roaming folder, taking a screenshot of all monitors every 15 seconds Then the contents will then be sent to the DropBox for viewing pleasure

Exfiltration is an involuntary backup. It's a technique for obtaining data from a network. Once obtained, the data may be removed using a number of methods. These may include traversing the network to a command and control server, such as Cloud C². The content is typically encrypted or obfuscated. In the case of physical access, a bring-your-own-network element may be included to evade detection. See all exfiltration payloads.

This payload is for OMG — a platform built for covert field-use with features that enhance remote execution, stealth and forensics evasion, all while being able to quickly change your tooling on the fly.

Submit your own payload, or browse more featured OMG Payloads.

 

 

Related Payloads

Export Firefox Cookies Database
Export Firefox Cookies Database
This script may come in handy for those who want to quickly save all the cookies of their Firefox session by exporting t
Read More
Uninstall Signal
Uninstall Signal
A script used to uninstall signal-desktop app on Windows users. Open a PowerShell, stop the Signal proccess if it runs
Read More
Starting a PowerShell with administrator permissions in Windows 10/11
Starting a PowerShell with administrator permissions in Windows 10/11
This script can be considered by people who are new to the world of scripts written in DuckyScript so that they can unde
Read More