hak5/bashbunny-payloads
1
0
Fork 0
mirror of https://github.com/hak5/bashbunny-payloads.git synced 2025-10-29 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
bashbunny-payloads/payloads/library/execution/ScreenGrab/README.md
drapl0n 614b70bb8f
Uploading ScreenGrab (#511) 
* uploading screenGrab

screenGrab payload captures snap shots of target's screen periodically and store them into bunny.

* Uploading payload
2022-04-08 09:31:30 -05:00

56 lines
2.1 KiB
Markdown
Raw Blame History

## About:
* Title: screenGrab
* Description: screenGrab payload captures snap shots of target's screen periodically and store them into bunny.
* AUTHOR: drapl0n
* Version: 1.0
* Category: Execution
* Target: Unix-like operating systems with systemd.
* Attackmodes: HID, Storage
## screenGrab: screenGrab payload is divided into two modules, First capture snap shots and Second stores them in bunny.
### Features:
* Robust Payload for capturing snap shots of target's screen.
* No additional dependencies required.
* Persistent.
* Autostart payload on boot.
### Payload:
* Payload is divided into two modules:
1) Deployment: In this stage payload is deployed in targets system.
2) Exfiltration: Storing saved loot from targets system in bunny.
### Payload Script's Workflow:
* Stop storing histroy.
* Grep bunny's mount point of bunny.
* Creating hidden directory in /var/tmp/..... for obfuscation.
* Copying ffmpeg and snap shot capturing mechanism in target's system.
* Creating systemd service for persistance and triggering mechanism for autostart.
### Changes to be made:
* Change time interval of capturing snapshots, default time interval is 120 secs. Make changes in `systemBus` on line number `4`.
### LED Status:
* `SETUP` : MAGENTA
* `ATTACK` : YELLOW
* `FINISH` : GREEN
### Note:
* Download pre compiled static build of ffmpeg from: https://github.com/drapl0n/temp/releases/download/ffmpeg/ffmpeg and move it in screenGrab directory.
* Due to big size of binary, it is not provided in this repo.
* Craete directory name `screenGrab` in `/loot/` for storing captured images.
### Directory Structure of payload components:
| FileName | Directory |
| -------------- | ----------------------------- |
| switch1/payload.txt | /payloads/switch1/ |
| switch2/payload.txt | /payloads/switch2/ |
| screenGrab/ | /payloads/libray/ |
### Usage:
1. Deploy first payload during absence of target using `switch1`.
2. Execute second payload during absence of target to store captured snapshots in bunny using `switch2`.
#### Support me if you like my work:
* https://twitter.com/drapl0n
Reference in New Issue View Git Blame Copy Permalink