Ever needed a convincing paylod for a USB drop? Look no further!
This script is meant to check in to an attacker controlled server returning information on the system that plugs in the machine.
Also returning information specific to the physical branches/sites a client has is set to do so.
The script relies on the wget command, which is packaged along with configuration information. When ready to use, simply clone the github repository onto the usb drive. Or copy it over.
Per USB drive use, go on and open up the .xls.bat file, currently named "2020_Summer_Photos.xls.bat".
Once open, modify each area within brackets "<>" to fit your situation. If you change the name of this file, make sure you also update autorun.inf
Now simply remove the usb drive, and plug it into a windows system. If the system has not blocked usb access, you should receive a check in.
Ideally, this will be updated to utilize a more modern "autorun" like feature so as to provide more stealth.