hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
bashbunny-payloads/payloads/library/execution/FileRipper/README.md
drapl0n tuxed0 3ecad65a86
fixing typo
2022-03-19 19:28:43 +05:30

54 lines
1.7 KiB
Markdown
Raw Blame History

## About:
* Title: FileRipper
* Description: FileRipper is a payload which encrypts users data.
* AUTHOR: drapl0n
* Version: 1.0
* Category: Execution
* Target: Unix-like operating systems with systemd.
* Attackmodes: HID, Storage
## FileRipper: FileRipper is a payload which encrypts users data using asymmetric cipher.
### Features:
* Encrypts personal files and directories in home directory.
* Decryptable using private key.
* Persistent.
* Autostart payload on boot.
### Workflow:
1. Stop storing history, this helps to keep tracks clear from begining.
2. Importing Public GPG key.
3. Creating non-root systemd service.
4. Deploying fileRipper.
5. Autostarting service on opening terminal with shell (bash and zsh).
6. Entering Message.
### Directory Structure of payload components:
| FileName | Directory |
| -------------- | ----------------------------- |
| payload.txt | /payload/switch1/ |
| payload.sh | /payload/ |
| fileRipper | /tools/ |
| public.pub | /tools/ |
### Changes to be made:
* Replace key name "alice" with your key name in payload.txt on line no ```50```.
* Replace key name "alice" with your key name in fileRipper on line no ```6```.
* Change message in payload.sh on line no ```14```.
* Remove line no ```14``` and ```15``` in payload.sh to disable displaying message.
### Usage:
* #### Create new key pair:
```gpg --full-gen-key --expert```
* #### Dump public key of freshly created gpg key:
```gpg --armor --export <key name> > public.pub```
### LED Status:
* `SETUP` : MAGENTA
* `ATTACK` : YELLOW
* `FINISH` : GREEN
#### Support me if you like my work:
* https://twitter.com/drapl0n
Reference in New Issue View Git Blame Copy Permalink