hak5 · dallaswinger · Oct 19, 2023
diff --git a/payloads/extensions/default_lock_key_states.txt b/payloads/extensions/default_lock_key_states.txt
@@ -0,0 +1,26 @@
+EXTENSION DEFAULT_LOCK_KEY_STATES
+    REM VERSION: 1.0
+    REM AUTHOR: Korben
+
+    DEFINE #CAPS_ENABLED FALSE
+    DEFINE #NUM_ENABLED TRUE
+    DEFINE #SCROLL_ENABLED FALSE
+
+    DEFINE #SAVE_ORIGINAL_STATE TRUE
+
+    FUNCTION DEFAULT_LOCK_KEY_STATES()
+        IF_DEFINED_TRUE #SAVE_ORIGINAL_STATE
+            SAVE_HOST_KEYBOARD_LOCK_STATE
+        END_IF_DEFINED
+
+        IF (($_CAPSLOCK_ON == #CAPS_ENABLED) == FALSE) THEN
+            CAPSLOCK
+        END_IF
+        IF (($_NUMLOCK_ON == #NUM_ENABLED) == FALSE) THEN
+            NUMLOCK
+        END_IF
+        IF (($_SCROLLLOCK_ON == #SCROLL_ENABLED) == FALSE) THEN
+            SCROLLLOCK
+        END_IF
+    END_FUNCTION
+END_EXTENSION
diff --git a/payloads/extensions/detect_reflection.txt b/payloads/extensions/detect_reflection.txt
@@ -0,0 +1,19 @@
+EXTENSION DETECT_REFLECTION
+    REM VERSION: 1.0
+    REM AUTHOR: Korben
+
+    DEFINE #RESPONSE_DELAY 100
+
+    FUNCTION DETECT_REFLECTION()
+        SAVE_HOST_KEYBOARD_LOCK_STATE
+        $CURRENT_CAPS = $_CAPSLOCK_ON
+        CAPSLOCK
+        DELAY #RESPONSE_DELAY
+        IF ($CURRENT_CAPS == $_CAPSLOCK_ON) THEN
+            RESTORE_HOST_KEYBOARD_LOCK_STATE
+            RETURN FALSE
+        END_IF
+        RESTORE_HOST_KEYBOARD_LOCK_STATE
+        RETURN TRUE
+    END_FUNCTION
+END_EXTENSION
diff --git a/payloads/extensions/random_variable_labels.txt b/payloads/extensions/random_variable_labels.txt
@@ -0,0 +1,121 @@
+EXTENSION RANDOM_VARIABLE_LABELS
+    REM_BLOCK Documentation
+        This extension is used to generate 5 guaranteed random unique random strings  or characters
+
+        TARGET: 
+            Any
+
+        USAGE:
+            Place this extension at top of your payload. Replace usages of 
+            static variable names within the code youre injecting with usages of 
+            the function calls below - RANDOM_LABEL_N - where N is 1-5
+
+        CONFIGURATION:
+            To change the type of random label replace RANDOM_LABEL_TYPE with 
+            one of the following:
+                $_RANDOM_LETTER_KEYCODE
+                $_RANDOM_CHAR_KEYCODE
+                $_RANDOM_NUMBER_KEYCODE
+            WARNING: be sure to choose something that is a valid variable name in
+            the language you intend to use this with
+
+
+            If you only need 5 or less random variable names and would prefer 
+            injection performance and reduced payload size, set SINGLE_CHAR_MODE
+            to TRUE
+
+            If you need MORE than 5 random variable names, use the template at 
+            the end of this extension to generate as many unique strings as 
+            needed with the 5 base variables: $random_label_1 through $random_label_5
+            note: if this is the case you will need to keep SINGLE_CHAR_MODE FALSE
+
+    END_REM
+
+
+    DEFINE #RANDOM_LABEL_TYPE $_RANDOM_LETTER_KEYCODE
+
+    DEFINE #SINGLE_CHAR_MODE FALSE
+
+    VAR $random_label_1 = #RANDOM_LABEL_TYPE
+    VAR $random_label_2 = #RANDOM_LABEL_TYPE
+    WHILE ($random_label_1 == $random_label_2)
+        $random_label_2 = #RANDOM_LABEL_TYPE
+    END_WHILE
+    VAR $random_label_3 = #RANDOM_LABEL_TYPE
+    WHILE (($random_label_1 == $random_label_3) || ($random_label_2 == $random_label_3))
+        $random_label_3 = #RANDOM_LABEL_TYPE
+    END_WHILE
+    VAR $random_label_4 = #RANDOM_LABEL_TYPE
+    WHILE (($random_label_1 == $random_label_4) || ($random_label_2 == $random_label_3) || ($random_label_3 == $random_label_4))
+        $random_label_4 = #RANDOM_LABEL_TYPE
+    END_WHILE
+    VAR $random_label_5 = #RANDOM_LABEL_TYPE
+    WHILE (($random_label_1 == $random_label_5) || ($random_label_2 == $random_label_5) || ($random_label_3 == $random_label_5) || ($random_label_4 == $random_label_5))
+        $random_label_5 = #RANDOM_LABEL_TYPE
+    END_WHILE
+
+
+    FUNCTION RANDOM_LABEL_1()
+        INJECT_VAR $random_label_1
+        IF_NOT_DEFINED_TRUE #SINGLE_CHAR_MODE
+            INJECT_VAR $random_label_2
+            INJECT_VAR $random_label_3
+            INJECT_VAR $random_label_4
+            INJECT_VAR $random_label_5
+        END_IF_DEFINED
+    END_FUNCTION
+
+    FUNCTION RANDOM_LABEL_2()
+        INJECT_VAR $random_label_2
+        IF_NOT_DEFINED_TRUE #SINGLE_CHAR_MODE
+            INJECT_VAR $random_label_1
+            INJECT_VAR $random_label_3
+            INJECT_VAR $random_label_4
+            INJECT_VAR $random_label_5
+        END_IF_DEFINED
+    END_FUNCTION
+
+    FUNCTION RANDOM_LABEL_3()
+        INJECT_VAR $random_label_3
+        IF_NOT_DEFINED_TRUE #SINGLE_CHAR_MODE
+            INJECT_VAR $random_label_2
+            INJECT_VAR $random_label_1
+            INJECT_VAR $random_label_4
+            INJECT_VAR $random_label_5
+        END_IF_DEFINED
+    END_FUNCTION
+
+    FUNCTION RANDOM_LABEL_4()
+        INJECT_VAR $random_label_4
+        IF_NOT_DEFINED_TRUE #SINGLE_CHAR_MODE
+            INJECT_VAR $random_label_3
+            INJECT_VAR $random_label_2
+            INJECT_VAR $random_label_1
+            INJECT_VAR $random_label_5
+        END_IF_DEFINED
+    END_FUNCTION
+
+    FUNCTION RANDOM_LABEL_5()
+        INJECT_VAR $random_label_5
+        IF_NOT_DEFINED_TRUE #SINGLE_CHAR_MODE
+            INJECT_VAR $random_label_3
+            INJECT_VAR $random_label_4
+            INJECT_VAR $random_label_2
+            INJECT_VAR $random_label_1
+        END_IF_DEFINED
+    END_FUNCTION
+
+    REM_BLOCK
+    REM    Template; if you need more than 5 variable names
+
+    FUNCTION RANDOM_LABEL_^()
+        INJECT_VAR $random_label_2
+        INJECT_VAR $random_label_3
+        INJECT_VAR $random_label_4
+        INJECT_VAR $random_label_5
+        INJECT_VAR $random_label_1
+    END_FUNCTION
+
+    END_REM
+
+END_EXTENSION
diff --git a/payloads/extensions/timed_wait_for_button_press.txt b/payloads/extensions/timed_wait_for_button_press.txt
@@ -0,0 +1,24 @@
+EXTENSION TIMED_WAIT_FOR_BUTTON_PRESS
+    REM VERSION: 1.0
+    REM AUTHOR: Korben
+
+    DEFINE #MAX_WAIT 10000
+    DEFINE #CHECK_INTERVAL 100
+
+    FUNCTION TIMED_WAIT_FOR_BUTTON_PRESS()
+        VAR $MAX_WAIT = #MAX_WAIT
+        VAR $CURRENT_WAIT = 0
+        VAR $CONTINUE = TRUE
+        VAR $HELD_FOR = 0
+
+        WHILE ($CURRENT_WAIT > $MAX_WAIT)
+            DELAY #CHECK_INTERVAL 
+            IF ($_BUTTON_PUSH_RECEIVED) THEN
+                RETURN $CURRENT_WAIT
+            END_IF
+            $_BUTTON_PUSH_RECEIVED = FALSE
+            $CURRENT_WAIT = ($CURRENT_WAIT + #CHECK_INTERVAL) 
+        END_WHILE
+        RETURN 0
+    END_FUNCTION
+END_EXTENSION
diff --git a/payloads/extensions/wait_for_button_hold.txt b/payloads/extensions/wait_for_button_hold.txt
@@ -0,0 +1,54 @@
+EXTENSION WAIT_FOR_BUTTON_HOLD
+    REM VERSION: 1.0
+    REM AUTHOR: Korben
+
+    REM_BLOCK DOCUMENTATION
+        USAGE:
+            Call WAIT_FOR_BUTTON_HOLD() - RETURNS TRUE if button held before timeout, FALSE if not
+
+        CONFIGURATION:
+            MAX_WAIT - number of ms requried before execution continues 
+            regardless of button press - set to 0 to block forever until button hold
+
+            HOLD_LENGTH - number of ms required to regsiter button activity as a valid hold
+
+            CHECK_INTERVAL - number of ms interval to check button status
+    END_REM
+
+    REM set #MAX_WAIT to 0 for no timeout -- wait forever
+    DEFINE #MAX_WAIT 10000
+    REM amount of time required to be considered a hold in ms
+    DEFINE #HOLD_LENGTH 3000
+    REM how frequently we check that the button is continuously being held
+    DEFINE #CHECK_INTERVAL 100
+
+    FUNCTION WAIT_FOR_BUTTON_HOLD()
+        VAR $MAX_WAIT = #MAX_WAIT
+        VAR $CURRENT_WAIT = 0
+        VAR $CONTINUE = TRUE
+        VAR $HELD_FOR = 0
+
+        WHILE ($CONTINUE)
+            DELAY #CHECK_INTERVAL 
+            IF ($_BUTTON_PUSH_RECEIVED) THEN
+                $HELD_FOR = ($HELD_FOR + #CHECK_INTERVAL)
+                IF ($HELD_FOR >= #HOLD_LENGTH) THEN
+                    $MAX_WAIT = 0
+                    REM button held target met
+                    RETURN TRUE
+                END_IF
+            ELSE
+                $HELD_FOR = 0
+            END_IF
+            $_BUTTON_PUSH_RECEIVED = FALSE
+            $CURRENT_WAIT = ($CURRENT_WAIT + #CHECK_INTERVAL) 
+
+            REM check to see if we have timed out, if non-0
+            IF (($MAX_WAIT > 0) && ($CURRENT_WAIT > $MAX_WAIT)) THEN
+                $CONTINUE = FALSE
+            END_IF
+        END_WHILE
+
+        RETURN FALSE
+    END_FUNCTION
+END_EXTENSION
diff --git a/payloads/extensions/windows_only.txt b/payloads/extensions/windows_only.txt
@@ -0,0 +1,20 @@
+EXTENSION WINDOWS_ONLY 
+    REM VERSION 1.0
+    REM AUTHOR: Korben
+
+    DEFINE #FAILURE_LED TRUE
+    DEFINE #FAILURE_LED_MODE LED_R
+    DEFINE #FAILURE_ATTACKMODE ATTACKMODE OFF
+
+    IF (($_OS == WINDOWS) == FALSE) THEN
+        IF_DEFINED_TRUE #FAILURE_LED
+            #FAILURE_LED_MODE
+            DELAY 500
+            #FAILURE_LED_MODE
+            DELAY 500
+            #FAILURE_LED_MODE
+        END_IF_DEFINED
+        #FAILURE_ATTACKMODE
+        STOP_PAYLOAD
+    END_IF
+END_EXTENSION