bashbunny-payloads/payloads/library/prank/win93/payload.txt

# Title:         Win93
# Description:   Open a new fullscreen navigator to windows93.net
# Author:        gled
# Version:       0.1
# Category:      pranck
# Target:        MacOs and Linux
# Attackmodes:   Ethernet, HID

# Config section
DEFAULT_OS='LINUX'
LOOTDIR='/root/udisk/loot/win93'

# Script section, do not modify after that line
LED SETUP
mkdir -p $LOOTDIR
echo "Starting win93 prank" > $LOOTDIR/win93.log
DEFAULT=0

LED STAGE1
ATTACKMODE ECM_ETHERNET
sleep 3
GET TARGET_IP
if [ -z "${TARGET_IP}" ]; then
  echo "No target IP, checking if it's a windows host" >> $LOOTDIR/win93.log
  DEFAULT_OS='WIN'
  LED SPECIAL
  ATTACKMODE RNDIS_ETHERNET
  sleep 3
  GET TARGET_IP
  if [ -z "${TARGET_IP}" ]; then
      LED FAIL
      exit 1
  fi
fi
echo "Starting stage1, launching scan" >> $LOOTDIR/win93.log
nmap -O -sV --osscan-guess $TARGET_IP > $LOOTDIR/nmap_results.log

LED STAGE2
ATTACKMODE HID
echo "Starting stage2, checking nmap results" >> $LOOTDIR/win93.log
grep -i 'linux' $LOOTDIR/nmap_results.log
RES=$?
echo "After linux grep: $RES" >> $LOOTDIR/win93.log
if [ $RES -eq 0 ]
then
    OS='LINUX'
else
    grep -v 'MAC Address' $LOOTDIR/nmap_results.log | grep -i 'mac'
    RES=$?
    echo "After mac grep: $RES" >> $LOOTDIR/win93.log
    if [ $RES -eq 0 ]
    then
       OS='MAC'
    else
       grep -i 'windows' $LOOTDIR/nmap_results.log
       RES=$?
       echo "After windows grep: $RES" >> $LOOTDIR/win93.log
       if [ $RES -eq 0 ]
       then
          OS='WIN'
       else
          OS=$DEFAULT_OS
          DEFAULT=1
       fi
    fi
fi
echo "$OS Host detected" >> $LOOTDIR/win93.log

if [ $DEFAULT -eq 0 ]; then
LED STAGE3
else
LED SPECIAL
fi

echo "Starting stage3, launching full screen browser on the website" >> $LOOTDIR/win93.log
if [ "$OS" = "MAC" ]; then
    # May need csf instead of ccf for Chrome
    RUN OSX "terminal"
    QUACK STRING "open \"http://www.windows93.net\" && osascript -e \"sleep 3;ccf;\";"
elif [ "$OS" = "LINUX" ]; then
    DUCKY_LANG fr
    RUN UNITY "xterm"
    QUACK STRING "chromium-browser --start-fullscreen --incognito --new-window http://www.windows93.net &; exit;"
    QUACK ENTER
    QUACK DELAY 1000
    QUACK F11
elif [ "$OS" = "WIN" ]; then
    LED FAIL
    echo "Payload not supported on windows for now, exiting" >> $LOOTDIR/win93.log
    exit 1
fi

LED CLEANUP
echo "Cleaning up now, syncing" >> $LOOTDIR/win93.log
sync
LED FINISH