New Recipe

[+] Generalized Windows User Path

Author: aleff-github

assets/code/1_0_GENERALIZED_WINDOWS_USER_PATH.txt

@@ -0,0 +1,8 @@
+REM To generalize the username so that the script works for any user, you can use the variable $env:USERPROFILE, which points to the current user's profile directory.
+
+REM In this example you will go inside the “Documents” folder of the currently logged in user.
+
+REM To change it change the end part of the command.
+
+STRING $path = Join-Path -Path $env:USERPROFILE -ChildPath "Documents"
+ENTER

assets/code/3_0_GENERALIZED_WINDOWS_USER_PATH.txt

@@ -0,0 +1,9 @@
+REM_BLOCK
+    To generalize the username so that the script works for any user, you can use the variable $env:USERPROFILE, which points to the current user's profile directory.
+    In this example you will go inside the “Documents” folder of the currently logged in user.
+END_REM
+
+REM Change this variable to access the subfolder or subpath you want to reach, for example Documents/private/etc...
+DEFINE #SUBDIRECTORY example
+
+STRINGLN $path = Join-Path -Path $env:USERPROFILE -ChildPath "#SUBDIRECTORY"

media/js/main.js

@@ -21,11 +21,13 @@
         'EXFILTRATE_FILES_USING_DROPBOX_WINDOWS_3_0': function () { vscode.postMessage({ type: 'EXFILTRATE_FILES_USING_DROPBOX_WINDOWS_3_0' }); },
         'OPEN_POWERSHELL_3_0': function () { vscode.postMessage({ type: 'OPEN_POWERSHELL_3_0' }); },
         'SAVE_FILES_IN_RUBBER_DUCKY_STORAGE_WINDOWS_3_0': function () { vscode.postMessage({ type: 'SAVE_FILES_IN_RUBBER_DUCKY_STORAGE_WINDOWS_3_0' }); },
+        'GENERALIZED_WINDOWS_USER_PATH_3_0': function () { vscode.postMessage({ type: 'GENERALIZED_WINDOWS_USER_PATH_3_0' }); },
         'PAYLOAD_INTRO_1_0': function () { vscode.postMessage({ type: 'PAYLOAD_INTRO_1_0' }); },
         'ERASE_TRACES_POWERSHELL_1_0': function () { vscode.postMessage({ type: 'ERASE_TRACES_POWERSHELL_1_0' }); },
         'ERASE_TRACES_SHELL_1_0': function () { vscode.postMessage({ type: 'ERASE_TRACES_SHELL_1_0' }); },
         'EXFILTRATE_FILES_USING_DROPBOX_WINDOWS_1_0': function () { vscode.postMessage({ type: 'EXFILTRATE_FILES_USING_DROPBOX_WINDOWS_1_0' }); },
         'OPEN_POWERSHELL_1_0': function () { vscode.postMessage({ type: 'OPEN_POWERSHELL_1_0' }); },
+        'GENERALIZED_WINDOWS_USER_PATH_1_0': function () { vscode.postMessage({ type: 'GENERALIZED_WINDOWS_USER_PATH_1_0' }); },
         'OPEN_SHELL': function () { vscode.postMessage({ type: 'OPEN_SHELL' }); },
     };
 

src/cpanel/code_panel_view_provider.ts

@@ -88,6 +88,12 @@ export class CodePanelViewProvider implements vscode.WebviewViewProvider {
 						editBuilder.replace(selection, code.duckyscript(this._extension.asAbsolutePath(PATH_TO_COOKBOOK.SAVE_FILES_IN_RUBBER_DUCKY_STORAGE_WINDOWS_3_0)));
 					});
 					break;
+				case 'GENERALIZED_WINDOWS_USER_PATH_3_0':
+					active.edit(editBuilder => {
+						const code = new cpanel.Code(this._extension.extensionUri);
+						editBuilder.replace(selection, code.duckyscript(this._extension.asAbsolutePath(PATH_TO_COOKBOOK.GENERALIZED_WINDOWS_USER_PATH_3_0)));
+					});
+					break;
 
 				// DuckyScript 1.0 Payloads
 				case 'PAYLOAD_INTRO_1_0':
@@ -120,6 +126,12 @@ export class CodePanelViewProvider implements vscode.WebviewViewProvider {
 						editBuilder.replace(selection, code.duckyscript(this._extension.asAbsolutePath(PATH_TO_COOKBOOK.OPEN_POWERSHELL_1_0)));
 					});
 					break;
+				case 'GENERALIZED_WINDOWS_USER_PATH_1_0':
+					active.edit(editBuilder => {
+						const code = new cpanel.Code(this._extension.extensionUri);
+						editBuilder.replace(selection, code.duckyscript(this._extension.asAbsolutePath(PATH_TO_COOKBOOK.GENERALIZED_WINDOWS_USER_PATH_1_0)));
+					});
+					break;
 
 				// Both
 				case 'OPEN_SHELL':
@@ -222,6 +234,9 @@ function getCodePanelBody() {
 				<a href="#" class="btn" role="button" data-act="SAVE_FILES_IN_RUBBER_DUCKY_STORAGE_WINDOWS_3_0">
 					<li><span>Save Files In Rubber Ducky Storage - Windows</span></li>
 				</a>
+				<a href="#" class="btn" role="button" data-act="GENERALIZED_WINDOWS_USER_PATH_3_0">
+					<li><span>Generalized Windows User Path</span></li>
+				</a>
 				<a href="#" class="btn" role="button" data-act="OPEN_SHELL">
 					<li><span>Open A Shell</span></li>
 				</a>
@@ -251,6 +266,9 @@ function getCodePanelBody() {
 					<a href="#" class="btn" role="button" data-act="OPEN_POWERSHELL_1_0">
 						<li><span>Open Powershell</span></li>
 					</a>
+					<a href="#" class="btn" role="button" data-act="GENERALIZED_WINDOWS_USER_PATH_1_0">
+						<li><span>Generalized Windows User Path</span></li>
+					</a>
 					<a href="#" class="btn" role="button" data-act="OPEN_SHELL">
 						<li><span>Open A Shell</span></li>
 					</a>

src/utils/consts.ts

@@ -13,10 +13,12 @@ export const PATH_TO_COOKBOOK = {
 	EXFILTRATE_FILES_USING_DROPBOX_WINDOWS_3_0 : FULL_PATH + "3_0_EXFILTRATE_FILES_USING_DROPBOX_WINDOWS" + COOKBOOK_EXTENSION_FILE,
 	OPEN_POWERSHELL_3_0 : FULL_PATH + "3_0_OPEN_POWERSHELL" + COOKBOOK_EXTENSION_FILE,
 	SAVE_FILES_IN_RUBBER_DUCKY_STORAGE_WINDOWS_3_0 : FULL_PATH + "3_0_SAVE_FILES_IN_RUBBER_DUCKY_STORAGE_WINDOWS" + COOKBOOK_EXTENSION_FILE,
+	GENERALIZED_WINDOWS_USER_PATH_3_0 : FULL_PATH + "3_0_GENERALIZED_WINDOWS_USER_PATH" + COOKBOOK_EXTENSION_FILE,
 	PAYLOAD_INTRO_1_0 : FULL_PATH + "1_0_PAYLOAD_INTRO" + COOKBOOK_EXTENSION_FILE,
 	ERASE_TRACES_POWERSHELL_1_0 : FULL_PATH + "1_0_ERASE_TRACES_POWERSHELL" + COOKBOOK_EXTENSION_FILE,
 	ERASE_TRACES_SHELL_1_0 : FULL_PATH + "1_0_ERASE_TRACES_SHELL" + COOKBOOK_EXTENSION_FILE,
 	EXFILTRATE_FILES_USING_DROPBOX_WINDOWS_1_0 : FULL_PATH + "1_0_EXFILTRATE_FILES_USING_DROPBOX_WINDOWS" + COOKBOOK_EXTENSION_FILE,
 	OPEN_POWERSHELL_1_0 : FULL_PATH + "1_0_OPEN_POWERSHELL" + COOKBOOK_EXTENSION_FILE,
+	GENERALIZED_WINDOWS_USER_PATH_1_0 : FULL_PATH + "1_0_GENERALIZED_WINDOWS_USER_PATH" + COOKBOOK_EXTENSION_FILE,
 	OPEN_SHELL : FULL_PATH + "OPEN_SHELL" + COOKBOOK_EXTENSION_FILE
 };